scammer.me Open in urlscan Pro
185.113.141.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://scammer.me/
Effective URL:
https://scammer.me/
Submission: On June 02 via api (June 2nd 2024, 5:12:13 pm UTC) from US — Scanned from PT

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 185.113.141.250, located in Lisbon, Portugal and belongs to I4W, PT. The main domain is scammer.me.
TLS certificate: Issued by R3 on May 5th 2024. Valid for: 3 months.

This is the only time scammer.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	185.113.141.250 185.113.141.250	204094 (I4W) (I4W)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	3

16 185.113.141.250 (Lisbon, Portugal)

ASN204094 (I4W, PT)
PTR: cp4.maskcloud.net

scammer.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	scammer.me scammer.me	607 KB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 90025	698 B
0	Failed function sub() { [native code] }. Failed
20	3

	Domain	Requested by
16	scammer.me	scammer.me
1	userstatics.com	scammer.me
0	localhost Failed	scammer.me
20	3

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
autodiscover.scammer.me R3	`2024-05-05` - `2024-08-03`	3 months	crt.sh
userstatics.com E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://scammer.me/
Frame ID: C21905E524E3520756E16E10F04E3A2C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

feds.blog - main page

Page URL History Show full URLs

http://scammer.me/ HTTP 307
https://scammer.me/ Page URL

Detected technologies

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">
/particles(?:\.min)?\.js

Page Statistics

20
Requests

85 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

608 kB
Transfer

796 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/weapons

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://scammer.me/ HTTP 307
https://scammer.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://scammer.me/media/backgroundcuz.mp4 HTTP 302
https://localhost/

Request Chain 10

https://scammer.me/media/audioye.mp3 HTTP 302
https://localhost/

Request Chain 18

https://scammer.me/attachments/15e8c86f61a2f1178a2f19692f257dbe.jpg HTTP 302
https://localhost/

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response scammer.me/ Redirect Chain http://scammer.me/ https://scammer.me/	30 KB 7 KB	511ms 90ms	Document text/html	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `7e2501d89f88dde41dae8fdb25734ccb4433eb25d56953f9dac25d2cf7759cf4` Request headers Accept-Language pt-PT,pt;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers content-encoding br content-type text/html date Sun, 02 Jun 2024 17:12:08 GMT last-modified Sat, 01 Jun 2024 11:34:26 GMT server nginx vary Accept-Encoding Redirect headers Location https://scammer.me/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	landing.css scammer.me/css/	1 KB 516 B	87ms 86ms	Stylesheet text/css	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/css/landing.css Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `ab4bd43c3c9ef4d1752c1554c64e3329fb36c4e6f68d188edadabfd143dfc07a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx vary Accept-Encoding content-type text/css
GET H2	200	all.min.css scammer.me/css/	82 KB 17 KB	92ms 92ms	Stylesheet text/css	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/css/all.min.css Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `e8dbd7c07e0e23b8b32f56c52230cd067b772d33dd392e1a3ac0e5e888f12e85` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Thu, 30 May 2024 20:58:38 GMT server nginx vary Accept-Encoding content-type text/css
GET H2	200	featherblack.png scammer.me/images/	8 KB 8 KB	92ms 92ms	Image image/png	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Show image Full URL https://scammer.me/images/featherblack.png Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `cebdc9c3654c69006a855ad84d535d35c4c2efb47523c3aeb81b7db043d97847` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Sun, 14 Apr 2024 11:09:10 GMT server nginx accept-ranges bytes content-length 7740 content-type image/png
GET H2	200	logo.png scammer.me/images/	147 KB 147 KB	145ms 145ms	Image image/png	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Show image Full URL https://scammer.me/images/logo.png Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `f5f60139cc14436d0a520a39eea61a2d1c2e6091e9fb516dfb76a99498166809` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Sun, 05 May 2024 15:24:52 GMT server nginx accept-ranges bytes content-length 150163 content-type image/png
GET H2	200	featherblack2.png scammer.me/images/	8 KB 8 KB	132ms 130ms	Image image/png	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Show image Full URL https://scammer.me/images/featherblack2.png Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `0c57c4d87b625c018c2387eb9e9e188baf257a4fdcb6aa6d427a4d9f9d224e43` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Sun, 14 Apr 2024 11:09:40 GMT server nginx accept-ranges bytes content-length 8251 content-type image/png
GET H2	200	script.js Show response scammer.me/js/	336 B 273 B	133ms 132ms	Script text/javascript	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/js/script.js Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `6b18b496111e12600788139a7471c976e508dee385e246356429bb8f5f4cad60` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx vary Accept-Encoding content-type text/javascript
GET H2	200	enter.js Show response scammer.me/js/	410 B 280 B	129ms 128ms	Script text/javascript	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/js/enter.js Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `41edaf09fb812ca3b5cd762543fc28e801241eee3fd33815bed46c3854791f25` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx vary Accept-Encoding content-type text/javascript
GET H2	200	particles.min.js Show response scammer.me/js/	23 KB 6 KB	133ms 132ms	Script text/javascript	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/js/particles.min.js Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx vary Accept-Encoding content-type text/javascript
GET H2	200	browser.js Show response scammer.me/js/	30 KB 6 KB	134ms 134ms	Script text/javascript	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/js/browser.js Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `a0752704ee69dd6a7dec7e13c68802cb6e44d18f60304a20f9db4beb14a8c4f0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx vary Accept-Encoding content-type text/javascript
GET		/ localhost/ Redirect Chain https://scammer.me/media/backgroundcuz.mp4 https://localhost/	0 0

GET		/ localhost/ Redirect Chain https://scammer.me/media/audioye.mp3 https://localhost/	0 0

GET H2	200	sxdaup.cur scammer.me/	4 KB 4 KB	89ms 88ms	Image application/octet-stream	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Show image Full URL https://scammer.me/sxdaup.cur Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `ba525a834cfb43a8db59ef8afe3e63656d7b32515314cc5091d0fed2730abfcd` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx accept-ranges bytes content-length 4286
GET H2	200	bg.gif scammer.me/media/	385 KB 385 KB	88ms 88ms	Image image/gif	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Show image Full URL https://scammer.me/media/bg.gif Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `fd3749635fa313cdf9ebab0b24b40cfe446c692a65bd065e477733255ba54430` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Sun, 14 Apr 2024 11:13:34 GMT server nginx accept-ranges bytes content-length 393887 content-type image/gif
GET H2	200	EyzV6w4.png scammer.me/images/	106 B 219 B	140ms 140ms	Image image/png	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Show image Full URL https://scammer.me/images/EyzV6w4.png Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `f58f8c44309b752800bb2fed5b658168f2b68eddb11f3c00c2474d90bf4073b7` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx accept-ranges bytes content-length 106 content-type image/png
GET H2	200	wvrbvfnafxtazrvybrms.ttf scammer.me/fonts/	18 KB 18 KB	131ms 130ms	Font font/ttf	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/fonts/wvrbvfnafxtazrvybrms.ttf Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `6124fe5b92735e59548c010f9c03b32f024896ff75f19a3fc36ae5ae2b788e12` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Origin https://scammer.me Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT last-modified Wed, 22 Nov 2023 02:11:02 GMT server nginx accept-ranges bytes content-length 18236 content-type font/ttf
GET H2	200	/ Show response scammer.me/	30 KB 0	0ms 0ms	Fetch text/html	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/ Requested by Host: scammer.me URL: https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `7e2501d89f88dde41dae8fdb25734ccb4433eb25d56953f9dac25d2cf7759cf4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Sat, 01 Jun 2024 11:34:26 GMT server nginx vary Accept-Encoding content-type text/html
GET H2	200	script.js Show response userstatics.com/get/	133 B 698 B	311ms 138ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstatics.com/get/script.js?referrer=https://scammer.me/ Requested by Host: scammer.me URL: https://scammer.me/js/browser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash `df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/javascript; charset=utf-8 access-control-allow-origin https://scammer.me report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2slYO628qxAOw4NzDkPDdIOmPt5ENbdUh0xeawlL2xHDduUJc%2FYmLoYSwXeh1vqTeLXeGN1s4FaersHlUEMzoljcPmYdEDXDEHuajiNTkDFPNeXU5FxHjCKJ8oDg1w7SmU%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 88d9111369383c75-CDG access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400
GET H2	200	/ scammer.me/	30 KB 0	0ms 0ms	Other text/html	185.113.141.250 I4W
General Check archive.org Show headers Download Go to Full URL https://scammer.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.113.141.250 Lisbon, Portugal, ASN204094 (I4W, PT), Reverse DNS cp4.maskcloud.net Software nginx / Resource Hash `7e2501d89f88dde41dae8fdb25734ccb4433eb25d56953f9dac25d2cf7759cf4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://scammer.me/ Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 02 Jun 2024 17:12:08 GMT content-encoding br last-modified Sat, 01 Jun 2024 11:34:26 GMT server nginx vary Accept-Encoding content-type text/html
GET		/ localhost/ Redirect Chain https://scammer.me/attachments/15e8c86f61a2f1178a2f19692f257dbe.jpg https://localhost/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: https://localhost/

Domain: localhost
URL: https://localhost/

Domain: localhost
URL: https://localhost/

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			scammer.me/	1970-01-20 21:03:08	Name: PHPREFS Value: full

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

localhost
scammer.me
userstatics.com
localhost
185.113.141.250
188.114.96.3
0c57c4d87b625c018c2387eb9e9e188baf257a4fdcb6aa6d427a4d9f9d224e43
41edaf09fb812ca3b5cd762543fc28e801241eee3fd33815bed46c3854791f25
6124fe5b92735e59548c010f9c03b32f024896ff75f19a3fc36ae5ae2b788e12
6b18b496111e12600788139a7471c976e508dee385e246356429bb8f5f4cad60
7e2501d89f88dde41dae8fdb25734ccb4433eb25d56953f9dac25d2cf7759cf4
a0752704ee69dd6a7dec7e13c68802cb6e44d18f60304a20f9db4beb14a8c4f0
ab4bd43c3c9ef4d1752c1554c64e3329fb36c4e6f68d188edadabfd143dfc07a
ba525a834cfb43a8db59ef8afe3e63656d7b32515314cc5091d0fed2730abfcd
cebdc9c3654c69006a855ad84d535d35c4c2efb47523c3aeb81b7db043d97847
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e8dbd7c07e0e23b8b32f56c52230cd067b772d33dd392e1a3ac0e5e888f12e85
f58f8c44309b752800bb2fed5b658168f2b68eddb11f3c00c2474d90bf4073b7
f5f60139cc14436d0a520a39eea61a2d1c2e6091e9fb516dfb76a99498166809
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fd3749635fa313cdf9ebab0b24b40cfe446c692a65bd065e477733255ba54430

scammer.me Open in urlscan Pro 185.113.141.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

608 kBTransfer

796 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

1 Cookies

Indicators

scammer.me Open in urlscan Pro
185.113.141.250 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

608 kB
Transfer

796 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions