support.securedsearch.org
Open in
urlscan Pro
13.224.89.93
Malicious Activity!
Public Scan
Submission: On June 30 via manual from PH
Summary
This is the only time support.securedsearch.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 13.224.89.93 13.224.89.93 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
3 4 | 2606:4700:303... 2606:4700:3030::ac43:99d9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
12 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-93.zrh50.r.cloudfront.net
support.securedsearch.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
securedsearch.org
support.securedsearch.org |
265 KB |
4 |
allfont.net
3 redirects
allfont.net |
1 KB |
2 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
googleapis.com
fonts.googleapis.com |
721 B |
12 | 4 |
Domain | Requested by | |
---|---|---|
6 | support.securedsearch.org |
support.securedsearch.org
|
4 | allfont.net |
3 redirects
support.securedsearch.org
|
2 | fonts.gstatic.com |
support.securedsearch.org
|
1 | fonts.googleapis.com |
support.securedsearch.org
|
12 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-01-31 - 2020-10-09 |
8 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://support.securedsearch.org/faq.html
Frame ID: D4EBB03F5AE5F85BB0666EC76AF8D8B1
Requests: 12 HTTP requests in this frame
Screenshot
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- http://allfont.net/allfont.css?fonts=montserrat-light HTTP 301
- https://allfont.net/allfont.css?fonts=montserrat-light HTTP 301
- http://allfont.net/cache/css/montserrat-light.css HTTP 301
- https://allfont.net/cache/css/montserrat-light.css
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
faq.html
support.securedsearch.org/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
support.securedsearch.org/style/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
faq-2.png
support.securedsearch.org/img/ |
90 KB 90 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
faq-3.png
support.securedsearch.org/img/ |
88 KB 88 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
faq-4.png
support.securedsearch.org/img/ |
73 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-black.png
support.securedsearch.org/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 721 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-light.css
allfont.net/cache/css/ Redirect Chain
|
345 B 366 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.woff
allfont.net/cache/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.ttf
allfont.net/cache/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- allfont.net
- URL
- http://allfont.net/cache/fonts/montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.woff
- Domain
- allfont.net
- URL
- http://allfont.net/cache/fonts/montserrat-light_d508f4bcd80b35f5ab68ae7d0e466277.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
allfont.net
fonts.googleapis.com
fonts.gstatic.com
support.securedsearch.org
allfont.net
13.224.89.93
2606:4700:3030::ac43:99d9
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0df378ad67663d7386f1f9bd41c08cfbc032cffca5014ff3b9a945d408a3a68e
4bda91dcaf6ac5c590f16abfb9aafe29b0e0e2ef6ba602b66ecb069dc2f1c116
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
8ed15da35ec0c3b2fe715f3c3780c1fd2d20dc707df5371819cd595fdd09eb20
9b55e793069828789ecf2da3c267fb8222e7f855264f8beb528a28da41db3140
cdf323d907c401939019ea9eeedef1d017ac8e3071237e7d662557c1dfcb95d5
eb1b62b0d93ee13473d7da5e034470b0af1272cbbcb3076a496616c4a5b10531
ef2b2b1c8fd240b7ab065fdaf7129da975da08c3133381190d0cfccdef36ae39