safedatingtry.com
198.54.116.137
Malicious Activity!
Public Scan
Submission: On November 07 via manual from IT
Summary
This is the only time safedatingtry.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tinder (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
11 | 198.54.116.137 | 22612 (NAMECHEAP-NET - Namecheap) |
1 | 173.214.173.148 | 19318 (IS-AS-1 - Interserver) |
2 | 2a00:1450:4001:815::2003 | 15169 (GOOGLE - Google LLC) |
14 | 3 |
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server116-20.web-hosting.com
safedatingtry.com
ASN19318 (IS-AS-1 - Interserver, Inc, US)
PTR: server.cpasnap.com
traffic.cpasnap.com
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | safedatingtry.com | safedatingtry.com | 343 KB |
2 | gstatic.com | fonts.gstatic.com | 34 KB |
1 | cpasnap.com | traffic.cpasnap.com | |
14 | 3 |
 | Domain | Requested by |
---|---|---|
11 | safedatingtry.com | safedatingtry.com |
2 | fonts.gstatic.com | safedatingtry.com |
1 | traffic.cpasnap.com | safedatingtry.com |
14 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.google.com | GTS CA 1O1 | 2019-10-10 - 2020-01-02 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://safedatingtry.com/ddfnsa24/
Frame ID: 083D12FF0882B2259076D7E1C32305EE
Requests: 13 HTTP requests in this frame
Frame:
http://traffic.cpasnap.com/tr?offer_id=9&pub=125
Frame ID: 3330FA79E1259EDC19136C1846D6522F
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | safedatingtry.com/ddfnsa24/ | 5 KB | 2 KB | Document | text/html |
GET | H/1.1 | css.css | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 3 KB | 688 B | Stylesheet | text/css |
GET | H/1.1 | normalize.css | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 8 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | skeleton.css | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 12 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | logotin.png | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 120 KB | 120 KB | Image | image/png |
GET | H/1.1 | logosdf1.png | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 23 KB | 24 KB | Image | image/png |
GET | H/1.1 | 1.jpg | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 122 KB | 122 KB | Image | image/jpeg |
GET | H/1.1 | 2.jpg | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 28 KB | 28 KB | Image | image/jpeg |
GET | H/1.1 | 3.jpg | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 31 KB | 31 KB | Image | image/jpeg |
GET | H/1.1 | as-seen-on.gif | safedatingtry.com/ddfnsa24/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ | 8 KB | 8 KB | Image | image/gif |
GET | H/1.1 | tr (Cookie set) | traffic.cpasnap.com/ (Frame 3330) | 0 | 0 | Document | text/html |
GET | H2 | 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1eYCDE0hY.woff2 | fonts.gstatic.com/s/merriweathersans/v9/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H2 | 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hY.woff2 | fonts.gstatic.com/s/merriweathersans/v9/ | 17 KB | 17 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tinder (Online)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
function| changeImage
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.securejoinaccess.com/ | Name: __cfduid Value: d5409a72c4beef0c2cb33fa9f579406891573130275 |
.xprivateauth.com/ | Name: __cfduid Value: d1ea5deaba666f155248e0ec643e6b4501573130274 |
idateverify.com/ | Name: .AspNetCore.Session Value: CfDJ8EEtSSmmyrxMn5bEh5FZs2geP29AI2pawZgUfxlESDBBoDapKTZWJo0Fd%2B2PoWU5gt5XRK5cD9Sf1UC5sYaVasa9SEdXjujXAzjkiFuBtrYhZE0%2FwPiycCXv2Y56eI6kCnEHGV%2BdyELOaynBguPebTzU8AUnQHBUcj8zwt7WYMgy |
www.securejoinaccess.com/ | Name: X-Mapping-ponelalg Value: 5D7320C856F4886C2C24FA2A29761271 |
.idateverify.com/ | Name: __cfduid Value: d9e54dfec29feebca226aa23cf53837ab1573130273 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.gstatic.com
safedatingtry.com
traffic.cpasnap.com
173.214.173.148
198.54.116.137
2a00:1450:4001:815::2003