safedatingtry.com Open in urlscan Pro
198.54.116.137 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://safedatingtry.com/ddfnsa24/
Submission: On November 07 via manual (November 7th 2019, 12:38:15 pm UTC) from IT

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 198.54.116.137, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is safedatingtry.com.

This is the only time safedatingtry.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tinder (Online)

Domain & IP information

	IP Address	AS Autonomous System
11	198.54.116.137 198.54.116.137	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
1	173.214.173.148 173.214.173.148	19318 (IS-AS-1) (IS-AS-1 - Interserver)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
14	3

11 198.54.116.137 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server116-20.web-hosting.com

safedatingtry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.214.173.148 (Dumont, United States)

ASN19318 (IS-AS-1 - Interserver, Inc, US)
PTR: server.cpasnap.com

traffic.cpasnap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	safedatingtry.com safedatingtry.com	343 KB
2	gstatic.com fonts.gstatic.com	34 KB
1	cpasnap.com traffic.cpasnap.com
14	3

	Domain	Requested by
11	safedatingtry.com	safedatingtry.com
2	fonts.gstatic.com	safedatingtry.com
1	traffic.cpasnap.com	safedatingtry.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://safedatingtry.com/ddfnsa24/
Frame ID: 083D12FF0882B2259076D7E1C32305EE
Requests: 13 HTTP requests in this frame

Frame: http://traffic.cpasnap.com/tr?offer_id=9&pub=125
Frame ID: 3330FA79E1259EDC19136C1846D6522F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

14
Requests

14 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

377 kB
Transfer

403 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
safedatingtry.com/ddfnsa24/ 5 KB
2 KB 353ms
163ms Document
text/html 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 71313207b5c89b29919f38187f6baa71eed454e8d165215c38748c0eb8e1abe6

Request headers

Host: safedatingtry.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1769
Content-Type: text/html

GET
H/1.1 200
OK css.css
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 3 KB
688 B 162ms
162ms Stylesheet
text/css 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/css.css
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 519ee46f437e46672232693bcbffa220c415c2ae736247ca1fc8e45a83ea1e1a

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: none
Content-Length: 457

GET
H/1.1 200
OK normalize.css
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 8 KB
3 KB 316ms
160ms Stylesheet
text/css 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/normalize.css
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: none
Content-Length: 2621

GET
H/1.1 200
OK skeleton.css
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 12 KB
3 KB 318ms
161ms Stylesheet
text/css 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/skeleton.css
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: none
Content-Length: 2743

GET
H/1.1 200
OK style.css
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 11 KB
3 KB 316ms
160ms Stylesheet
text/css 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/style.css
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 2911de3c20ebdd535d1ddc0b1a83e93692c1cf68499e0031c3e33e7c4ddcc8a0

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: none
Content-Length: 2813

GET
H/1.1 200
OK logotin.png
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 120 KB
120 KB 323ms
163ms Image
image/png 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/logotin.png
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: e95a5cbefe7ac857a1de7a320787caf1b86fc6a4903db2d6e60db67855eac088

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 122370
Content-Type: image/png

GET
H/1.1 200
OK logosdf1.png
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 23 KB
24 KB 323ms
160ms Image
image/png 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/logosdf1.png
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 24034
Content-Type: image/png

GET
H/1.1 200
OK 1.jpg
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 122 KB
122 KB 167ms
166ms Image
image/jpeg 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/1.jpg
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 3d9c391e23984bdf5dd573924a43cd45a96811bf2cccff7150161cfa11bf8cba

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Last-Modified: Sat, 05 Oct 2019 21:44:02 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 124421
Content-Type: image/jpeg

GET
H/1.1 200
OK 2.jpg
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 28 KB
28 KB 160ms
159ms Image
image/jpeg 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/2.jpg
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: bcf538cef04c6ce3805608c0042d35a5d5cae8ca56cdde0868b79d8ca1127c46

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Last-Modified: Sat, 05 Oct 2019 21:43:58 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 28201
Content-Type: image/jpeg

GET
H/1.1 200
OK 3.jpg
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 31 KB
31 KB 159ms
158ms Image
image/jpeg 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/3.jpg
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 8f9e2a394438ac36bcc499b8e1f0d4af9d0ed3e3b746c8c76aacec1802488a50

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Last-Modified: Sat, 05 Oct 2019 21:44:00 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 31775
Content-Type: image/jpeg

GET
H/1.1 200
OK as-seen-on.gif
safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 8 KB
8 KB 161ms
161ms Image
image/gif 198.54.116.137
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/as-seen-on.gif
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 198.54.116.137 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server116-20.web-hosting.com
Software: Apache /
Resource Hash: 8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2

Request headers

Referer: http://safedatingtry.com/ddfnsa24/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Last-Modified: Sat, 13 Jul 2019 16:57:53 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 7730
Content-Type: image/gif

GET
H/1.1 200
OK Cookie set tr
traffic.cpasnap.com/ Frame 3330 0
0 457ms
289ms Document
text/html 173.214.173.148
Interserver

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic.cpasnap.com/tr?offer_id=9&pub=125
Requested by: Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/
Protocol: HTTP/1.1
Server: 173.214.173.148 Dumont, United States, ASN19318 (IS-AS-1 - Interserver, Inc, US),
Reverse DNS: server.cpasnap.com
Software: Apache /
Resource Hash

Request headers

Host: traffic.cpasnap.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://safedatingtry.com/ddfnsa24/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer: http://safedatingtry.com/ddfnsa24/

Response headers

Date: Thu, 07 Nov 2019 12:37:53 GMT
Server: Apache
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22d5bfbf98907244603b8897d5aedbd624%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22144.76.109.30%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1573130273%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D22432327dda9579310e89776e4f178b3a07e2fa0; expires=Thu, 07-Nov-2019 14:37:53 GMT; Max-Age=7200; path=/ ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%229d406a0bdf4852b1ea0f1644b9ba0b9d%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22144.76.109.30%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F78.0.3904.70+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1573130273%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D98f87ab375eafc86189cad0dc3455bb35ead9cb7; expires=Thu, 07-Nov-2019 14:37:53 GMT; Max-Age=7200; path=/ transaction_id=f805fa58771b3ae4bc6f08ed61415f694d641014; expires=Fri, 08-Nov-2019 12:39:33 GMT; Max-Age=86500; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1eYCDE0hY.woff2
fonts.gstatic.com/s/merriweathersans/v9/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v9/2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1eYCDE0hY.woff2

Requested by

Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2af45368bed634685d02dd59dc604e02a8e60ca64d3e27f9e61c2433a3c5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/css.css
Origin: http://safedatingtry.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 05 Nov 2019 19:56:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:07:41 GMT
server: sffe
age: 146501
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17564
x-xss-protection: 0
expires: Wed, 04 Nov 2020 19:56:12 GMT

GET
H2 200 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hY.woff2
fonts.gstatic.com/s/merriweathersans/v9/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v9/2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hY.woff2

Requested by

Host: safedatingtry.com
URL: http://safedatingtry.com/ddfnsa24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee120fd9f6065721a492193e4628687c2a6b109ccdee4dec52d0832a6146b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/css.css
Origin: http://safedatingtry.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 19:21:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:07:57 GMT
server: sffe
age: 494207
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17292
x-xss-protection: 0
expires: Sat, 31 Oct 2020 19:21:06 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tinder (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| changeImage

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.securejoinaccess.com/	1970-01-19 13:44:26	Name: __cfduid Value: d5409a72c4beef0c2cb33fa9f579406891573130275
.xprivateauth.com/	1970-01-19 13:44:26	Name: __cfduid Value: d1ea5deaba666f155248e0ec643e6b4501573130274
idateverify.com/	1969-12-31 23:59:59	Name: .AspNetCore.Session Value: CfDJ8EEtSSmmyrxMn5bEh5FZs2geP29AI2pawZgUfxlESDBBoDapKTZWJo0Fd%2B2PoWU5gt5XRK5cD9Sf1UC5sYaVasa9SEdXjujXAzjkiFuBtrYhZE0%2FwPiycCXv2Y56eI6kCnEHGV%2BdyELOaynBguPebTzU8AUnQHBUcj8zwt7WYMgy
www.securejoinaccess.com/	1969-12-31 23:59:59	Name: X-Mapping-ponelalg Value: 5D7320C856F4886C2C24FA2A29761271
.idateverify.com/	1970-01-19 13:44:26	Name: __cfduid Value: d9e54dfec29feebca226aa23cf53837ab1573130273

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
safedatingtry.com
traffic.cpasnap.com
173.214.173.148
198.54.116.137
2a00:1450:4001:815::2003
055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b
146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c
198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d
1ee120fd9f6065721a492193e4628687c2a6b109ccdee4dec52d0832a6146b93
2911de3c20ebdd535d1ddc0b1a83e93692c1cf68499e0031c3e33e7c4ddcc8a0
3d9c391e23984bdf5dd573924a43cd45a96811bf2cccff7150161cfa11bf8cba
519ee46f437e46672232693bcbffa220c415c2ae736247ca1fc8e45a83ea1e1a
71313207b5c89b29919f38187f6baa71eed454e8d165215c38748c0eb8e1abe6
8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2
8f9e2a394438ac36bcc499b8e1f0d4af9d0ed3e3b746c8c76aacec1802488a50
bcf538cef04c6ce3805608c0042d35a5d5cae8ca56cdde0868b79d8ca1127c46
d2af45368bed634685d02dd59dc604e02a8e60ca64d3e27f9e61c2433a3c5b52
e95a5cbefe7ac857a1de7a320787caf1b86fc6a4903db2d6e60db67855eac088

safedatingtry.com Open in urlscan Pro 198.54.116.137 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

14 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

377 kBTransfer

403 kBSize

5 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

5 Cookies

Indicators

safedatingtry.com Open in urlscan Pro
198.54.116.137 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

14 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

377 kB
Transfer

403 kB
Size

5
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!