support.securedsearch.org Open in urlscan Pro
13.224.89.93 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://support.securedsearch.org/faq.html
Submission: On June 30 via manual (June 30th 2020, 1:14:55 am UTC) from PH

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 13.224.89.93, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is support.securedsearch.org.

This is the only time support.securedsearch.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
6	13.224.89.93 13.224.89.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3 4	2606:4700:303... 2606:4700:3030::ac43:99d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
12	5

6 13.224.89.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-93.zrh50.r.cloudfront.net

support.securedsearch.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::ac43:99d9 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

allfont.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	securedsearch.org support.securedsearch.org	265 KB
4	allfont.net 3 redirects allfont.net	1 KB
2	gstatic.com fonts.gstatic.com	27 KB
1	googleapis.com fonts.googleapis.com	721 B
12	4

	Domain	Requested by
6	support.securedsearch.org	support.securedsearch.org
4	allfont.net	3 redirects support.securedsearch.org
2	fonts.gstatic.com	support.securedsearch.org
1	fonts.googleapis.com	support.securedsearch.org
12	4

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://support.securedsearch.org/faq.html
Frame ID: D4EBB03F5AE5F85BB0666EC76AF8D8B1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

12
Requests

33 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

293 kB
Transfer

293 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://allfont.net/allfont.css?fonts=montserrat-light HTTP 301
https://allfont.net/allfont.css?fonts=montserrat-light HTTP 301
http://allfont.net/cache/css/montserrat-light.css HTTP 301
https://allfont.net/cache/css/montserrat-light.css

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request faq.html Show response
support.securedsearch.org/ 2 KB
3 KB 152ms
107ms Document
text/html 13.224.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://support.securedsearch.org/faq.html
Protocol: HTTP/1.1
Server: 13.224.89.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-93.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bda91dcaf6ac5c590f16abfb9aafe29b0e0e2ef6ba602b66ecb069dc2f1c116

Request headers

Host: support.securedsearch.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 2074
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2017 16:08:55 GMT
x-amz-meta-cb-modifiedtime: Wed, 01 Feb 2017 16:08:11 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 29 Jun 2020 11:51:30 GMT
ETag: "e93fcbab535131e592d4f3eb4a6d7dd7"
X-Cache: Hit from cloudfront
Via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: kqga81akURi2AnnFA3oDmCIEav51U21AsOVkeDt1KjNQNmmhLPVi8Q==
Age: 48186

GET
H/1.1 200
OK style.css
support.securedsearch.org/style/ 7 KB
7 KB 68ms
67ms Stylesheet
text/css 13.224.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://support.securedsearch.org/style/style.css
Requested by: Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html
Protocol: HTTP/1.1
Server: 13.224.89.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-93.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0df378ad67663d7386f1f9bd41c08cfbc032cffca5014ff3b9a945d408a3a68e

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Tue, 02 Aug 2016 07:29:55 GMT
Date: Mon, 29 Jun 2020 13:49:42 GMT
Via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
Last-Modified: Thu, 11 Aug 2016 09:05:10 GMT
Server: AmazonS3
Age: 41093
ETag: "934093ebd1175593eeed8a825f938349"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 6943
X-Amz-Cf-Id: c7ZqY0_4ATLeHM-I8GArc_OVoSAnK6NfElHpr4HlykOtSb11J3JNqg==

GET
H/1.1 200
OK faq-2.png
support.securedsearch.org/img/ 90 KB
90 KB 148ms
119ms Image
image/png 13.224.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://support.securedsearch.org/img/faq-2.png
Requested by: Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html
Protocol: HTTP/1.1
Server: 13.224.89.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-93.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed15da35ec0c3b2fe715f3c3780c1fd2d20dc707df5371819cd595fdd09eb20

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 29 Jun 2020 13:49:42 GMT
Via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
Last-Modified: Sun, 07 Aug 2016 12:41:54 GMT
Server: AmazonS3
Age: 41093
ETag: "08f752374ebdf5820562580209384ae5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 91985
X-Amz-Cf-Id: QEkdp7PC8I7KQniCjXZwsSHwvWjEmoL047jn4D9MgbfjauSV63c4pA==

GET
H/1.1 200
OK faq-3.png
support.securedsearch.org/img/ 88 KB
88 KB 153ms
120ms Image
image/png 13.224.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://support.securedsearch.org/img/faq-3.png
Requested by: Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html
Protocol: HTTP/1.1
Server: 13.224.89.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-93.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef2b2b1c8fd240b7ab065fdaf7129da975da08c3133381190d0cfccdef36ae39

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 29 Jun 2020 11:51:32 GMT
Via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
Last-Modified: Sun, 07 Aug 2016 12:41:50 GMT
Server: AmazonS3
Age: 48184
ETag: "edbf888c710c89acdd1677bb53b13026"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 89921
X-Amz-Cf-Id: VW7AVLXKp3SkiguFxDCC92oiCGF-OnZo9ueC__5IN3J-woQXjkBgVg==

GET
H/1.1 200
OK faq-4.png
support.securedsearch.org/img/ 73 KB
74 KB 140ms
107ms Image
image/png 13.224.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://support.securedsearch.org/img/faq-4.png
Requested by: Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html
Protocol: HTTP/1.1
Server: 13.224.89.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-93.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b55e793069828789ecf2da3c267fb8222e7f855264f8beb528a28da41db3140

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 29 Jun 2020 11:51:32 GMT
Via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
Last-Modified: Sun, 07 Aug 2016 12:41:52 GMT
Server: AmazonS3
Age: 48184
ETag: "b6ad412aecc5cddb5d6de94779e33146"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 75095
X-Amz-Cf-Id: 8KpKTL2aZwZljeZvrRquUcsQdKYXi0oVV9Ju49rwoYygb6Bmc9dwGA==

GET
H/1.1 200
OK icon-black.png
support.securedsearch.org/img/ 2 KB
2 KB 141ms
108ms Image
image/png 13.224.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://support.securedsearch.org/img/icon-black.png
Requested by: Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html
Protocol: HTTP/1.1
Server: 13.224.89.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-93.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdf323d907c401939019ea9eeedef1d017ac8e3071237e7d662557c1dfcb95d5

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 01 Aug 2016 10:48:29 GMT
Date: Mon, 29 Jun 2020 15:52:44 GMT
Via: 1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 Aug 2016 13:43:18 GMT
Server: AmazonS3
Age: 33712
ETag: "f2b0241e9d6ef66a24ed92114a285acc"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 2034
X-Amz-Cf-Id: dcmGgIRgFWVMqqfwekqYedURolMHWuyLn4hvQFNk-2IIFPuzNlQTAQ==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
721 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Jun 2020 00:39:16 GMT
server: ESF
date: Tue, 30 Jun 2020 01:14:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jun 2020 01:14:35 GMT

GET
H2

200

montserrat-light.css
allfont.net/cache/css/
Redirect Chain

http://allfont.net/allfont.css?fonts=montserrat-light
https://allfont.net/allfont.css?fonts=montserrat-light
http://allfont.net/cache/css/montserrat-light.css
https://allfont.net/cache/css/montserrat-light.css

345 B
366 B

9ms
9ms

Stylesheet
text/css

2606:4700:3030::ac43:99d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allfont.net/cache/css/montserrat-light.css
Requested by: Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:99d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1b62b0d93ee13473d7da5e034470b0af1272cbbcb3076a496616c4a5b10531

Request headers

Referer: http://support.securedsearch.org/faq.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 30 Jun 2020 01:14:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 5555780
cf-polished: origSize=506
status: 200
cf-request-id: 03a4635660000005bbad1d8200000001
last-modified: Sun, 17 Jul 2016 18:50:06 GMT
server: cloudflare
etag: W/"578bd35e-1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-ray: 5ab40803cef705bb-FRA
cf-bgj: minify

Redirect headers

Date: Tue, 30 Jun 2020 01:14:35 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://allfont.net/cache/css/montserrat-light.css
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ab40803bdf596e0-FRA
cf-request-id: 03a4635657000096e0dc198200000001
Expires: Tue, 30 Jun 2020 02:14:35 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: http://support.securedsearch.org

Response headers

date: Thu, 11 Jun 2020 02:33:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 1636893
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:33:02 GMT

GET montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.woff
allfont.net/cache/fonts/ 0
0

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: support.securedsearch.org
URL: http://support.securedsearch.org/faq.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: http://support.securedsearch.org

Response headers

date: Tue, 09 Jun 2020 03:24:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 1806597
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:24:38 GMT

GET montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.ttf
allfont.net/cache/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: allfont.net
URL: http://allfont.net/cache/fonts/montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.woff

Domain: allfont.net
URL: http://allfont.net/cache/fonts/montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allfont.net
fonts.googleapis.com
fonts.gstatic.com
support.securedsearch.org
allfont.net
13.224.89.93
2606:4700:3030::ac43:99d9
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0df378ad67663d7386f1f9bd41c08cfbc032cffca5014ff3b9a945d408a3a68e
4bda91dcaf6ac5c590f16abfb9aafe29b0e0e2ef6ba602b66ecb069dc2f1c116
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
8ed15da35ec0c3b2fe715f3c3780c1fd2d20dc707df5371819cd595fdd09eb20
9b55e793069828789ecf2da3c267fb8222e7f855264f8beb528a28da41db3140
cdf323d907c401939019ea9eeedef1d017ac8e3071237e7d662557c1dfcb95d5
eb1b62b0d93ee13473d7da5e034470b0af1272cbbcb3076a496616c4a5b10531
ef2b2b1c8fd240b7ab065fdaf7129da975da08c3133381190d0cfccdef36ae39

support.securedsearch.org Open in urlscan Pro 13.224.89.93 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

33 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

293 kBTransfer

293 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

support.securedsearch.org Open in urlscan Pro
13.224.89.93 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

33 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

293 kB
Transfer

293 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!