www.casualfindfun.me Open in urlscan Pro
144.91.100.199 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.casualfindfun.me/anxdsx/
Submission: On May 10 via automatic, source openphish (May 10th 2020, 12:26:15 pm UTC)

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 144.91.100.199, located in Germany and belongs to CONTABO, DE. The main domain is www.casualfindfun.me.

This is the only time www.casualfindfun.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tinder (Online)

Domain & IP information

	IP Address	AS Autonomous System
11	144.91.100.199 144.91.100.199	51167 (CONTABO) (CONTABO)
1	2606:4700:303... 2606:4700:3032::681b:a2f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
14	3

11 144.91.100.199 (Germany)

ASN51167 (CONTABO, DE)
PTR: vmd332016.contaboserver.net

www.casualfindfun.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::681b:a2f8 (United States)

ASN13335 (CLOUDFLARENET, US)

onlylocalcams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	casualfindfun.me www.casualfindfun.me	476 KB
2	gstatic.com fonts.gstatic.com	34 KB
1	onlylocalcams.com onlylocalcams.com
14	3

	Domain	Requested by
11	www.casualfindfun.me	www.casualfindfun.me
2	fonts.gstatic.com	www.casualfindfun.me
1	onlylocalcams.com	www.casualfindfun.me
14	3

This site contains links to these domains. Also see Links.

Domain
safetry.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-22` - `2020-10-09`	10 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.casualfindfun.me/anxdsx/
Frame ID: 88FF0D3EFCBF31CF8F0A7E831DBF5D7B
Requests: 13 HTTP requests in this frame

Frame: https://onlylocalcams.com/Bbariateam01
Frame ID: 40A559232F4F8D708FC06C0D9447742B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

14
Requests

21 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

510 kB
Transfer

507 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://safetry.me/anxdsx
Title: Click Here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.casualfindfun.me/anxdsx/ 5 KB
5 KB 171ms
117ms Document
text/html 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: edf58f37a5eac55765476931dc2010929350840463cfaabd06fb07f84da20dc1

Request headers

Host: www.casualfindfun.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Server: Apache
Last-Modified: Sat, 09 May 2020 19:52:06 GMT
Accept-Ranges: bytes
Content-Length: 4989
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK css.css
www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 3 KB
3 KB 65ms
63ms Stylesheet
text/css 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/css.css
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 519ee46f437e46672232693bcbffa220c415c2ae736247ca1fc8e45a83ea1e1a

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2647

GET
H/1.1 200
OK normalize.css
www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 8 KB
8 KB 90ms
76ms Stylesheet
text/css 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/normalize.css
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8223

GET
H/1.1 200
OK skeleton.css
www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 12 KB
12 KB 89ms
76ms Stylesheet
text/css 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/skeleton.css
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11868

GET
H/1.1 200
OK style.css
www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 11 KB
12 KB 100ms
87ms Stylesheet
text/css 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/style.css
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 676efbfa1f34b4a59c4ba6305c2eff567213fbad7a2512b55d990699fff68df3

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11741

GET
H/1.1 200
OK logopof.png
www.casualfindfun.me/anxdsx/ 143 KB
143 KB 88ms
75ms Image
image/png 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casualfindfun.me/anxdsx/logopof.png
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 65fb4e4bc5d13c796e26a329f6373554bca614862dc7c90ac71fe343c8bf5d37

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 146176

GET
H/1.1 200
OK logosdf1.png
www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 23 KB
24 KB 102ms
89ms Image
image/png 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/logosdf1.png
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 24034

GET
H/1.1 200
OK 1.jpg
www.casualfindfun.me/anxdsx/imagefile/ 70 KB
70 KB 59ms
58ms Image
image/jpeg 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casualfindfun.me/anxdsx/imagefile/1.jpg
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 125d550a9dae63488b8b1a6eb196bd03ac7bde97a621b4795118fe3c184a66f4

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:32:10 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 71345

GET
H/1.1 200
OK 2.jpg
www.casualfindfun.me/anxdsx/imagefile/ 105 KB
105 KB 60ms
60ms Image
image/jpeg 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casualfindfun.me/anxdsx/imagefile/2.jpg
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 1d3812667afaf6f6222a3a7393dab5251f4f6ca18f8015eb4b3d41d4ae545d09

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:32:12 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 107357

GET
H/1.1 200
OK 3.jpg
www.casualfindfun.me/anxdsx/imagefile/ 87 KB
87 KB 65ms
65ms Image
image/jpeg 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casualfindfun.me/anxdsx/imagefile/3.jpg
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 2600de292b595421802046c2d2e69565685bfb062c306ae667c99e3f5041e6c0

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:32:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 88658

GET
H/1.1 200
OK as-seen-on.gif
www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/ 8 KB
8 KB 75ms
74ms Image
image/gif 144.91.100.199
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/as-seen-on.gif
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: HTTP/1.1
Server: 144.91.100.199 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd332016.contaboserver.net
Software: Apache /
Resource Hash: 8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2

Request headers

Referer: http://www.casualfindfun.me/anxdsx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 10 May 2020 12:25:37 GMT
Last-Modified: Sat, 09 May 2020 19:31:33 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7730

GET
H2 200 Bbariateam01
onlylocalcams.com/ Frame 40A5 0
0 7708ms
7651ms Document
text/html 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlylocalcams.com/Bbariateam01
Requested by: Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: onlylocalcams.com
:scheme: https
:path: /Bbariateam01
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.casualfindfun.me/anxdsx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.casualfindfun.me/anxdsx/

Response headers

status: 200
date: Sun, 10 May 2020 12:25:45 GMT
content-type: text/html
set-cookie: __cfduid=daf8d1612297bfacb2a92b5d0b9391d381589113537; expires=Tue, 09-Jun-20 12:25:37 GMT; path=/; domain=.onlylocalcams.com; HttpOnly; SameSite=Lax PHPSESSID=989abqnfk278mivv2p6pqfnn82; path=/; domain=.onlylocalcams.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP=.NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM.
set-api-cache: true
used-api-cache: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5913a4d99c923240-FRA
content-encoding: br
cf-request-id: 02a0255c0100003240408f1200000001

GET
H2 200 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1eYCDE0hY.woff2
fonts.gstatic.com/s/merriweathersans/v9/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v9/2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1eYCDE0hY.woff2

Requested by

Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2af45368bed634685d02dd59dc604e02a8e60ca64d3e27f9e61c2433a3c5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/css.css
Origin: http://www.casualfindfun.me

Response headers

date: Tue, 05 May 2020 21:45:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:07:41 GMT
server: sffe
age: 398389
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17564
x-xss-protection: 0
expires: Wed, 05 May 2021 21:45:48 GMT

GET
H2 200 2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hY.woff2
fonts.gstatic.com/s/merriweathersans/v9/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v9/2-c49IRs1JiJN1FRAMjTN5zd9vgsFH1OZyDE0hY.woff2

Requested by

Host: www.casualfindfun.me
URL: http://www.casualfindfun.me/anxdsx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee120fd9f6065721a492193e4628687c2a6b109ccdee4dec52d0832a6146b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.casualfindfun.me/anxdsx/Tinder%20Safe%20Dating%20-%20Personal%20Meetings_files/css.css
Origin: http://www.casualfindfun.me

Response headers

date: Thu, 23 Apr 2020 17:41:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:07:57 GMT
server: sffe
age: 1449819
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17292
x-xss-protection: 0
expires: Fri, 23 Apr 2021 17:41:58 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tinder (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| changeImage

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rhsfty.com/	1970-01-19 09:25:15	Name: __utmb Value: 69496403.1.10.1589113550
.rhsfty.com/	1970-01-19 13:48:01	Name: __utmz Value: 69496403.1589113550.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.rhsfty.com/	1970-01-19 09:25:14	Name: __utmt Value: 1
.rhsfty.com/	1969-12-31 23:59:59	Name: __utmc Value: 69496403
.rhsfty.com/	1970-01-20 02:56:25	Name: __utma Value: 69496403.247074363.1589113550.1589113550.1589113550.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
onlylocalcams.com
www.casualfindfun.me
144.91.100.199
2606:4700:3032::681b:a2f8
2a00:1450:4001:81a::2003
055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b
125d550a9dae63488b8b1a6eb196bd03ac7bde97a621b4795118fe3c184a66f4
146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c
198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d
1d3812667afaf6f6222a3a7393dab5251f4f6ca18f8015eb4b3d41d4ae545d09
1ee120fd9f6065721a492193e4628687c2a6b109ccdee4dec52d0832a6146b93
2600de292b595421802046c2d2e69565685bfb062c306ae667c99e3f5041e6c0
519ee46f437e46672232693bcbffa220c415c2ae736247ca1fc8e45a83ea1e1a
65fb4e4bc5d13c796e26a329f6373554bca614862dc7c90ac71fe343c8bf5d37
676efbfa1f34b4a59c4ba6305c2eff567213fbad7a2512b55d990699fff68df3
8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2
d2af45368bed634685d02dd59dc604e02a8e60ca64d3e27f9e61c2433a3c5b52
edf58f37a5eac55765476931dc2010929350840463cfaabd06fb07f84da20dc1

www.casualfindfun.me Open in urlscan Pro 144.91.100.199 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

21 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

510 kBTransfer

507 kBSize

5 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

5 Cookies

Indicators

www.casualfindfun.me Open in urlscan Pro
144.91.100.199 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

21 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

510 kB
Transfer

507 kB
Size

5
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!