www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz Open in urlscan Pro
162.213.253.54 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz/
Submission: On March 20 via automatic, source certstream-suspicious (March 20th 2020, 6:38:58 pm UTC)

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 162.213.253.54, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 20th 2020. Valid for: a year.

This is the only time www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tinder (Online)

Domain & IP information

	IP Address	AS Autonomous System
21	162.213.253.54 162.213.253.54	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	104.31.75.224 104.31.75.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1 1	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
1 1	104.17.131.50 104.17.131.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.127.50 104.17.127.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	6

21 162.213.253.54 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server255-4.web-hosting.com

www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.31.75.224 (United States)

ASN13335 (CLOUDFLARENET, US)

geoip.joinsafelyonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.12.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

admarz.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.131.50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.land-secure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.127.50 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mainentrypoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	taggedaccount.xyz www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz	3 MB
3	gstatic.com fonts.gstatic.com	34 KB
1	mainentrypoint.com www.mainentrypoint.com
1	land-secure.com 1 redirects www.land-secure.com	406 B
1	go2cloud.org 1 redirects admarz.go2cloud.org	2 KB
1	joinsafelyonline.com geoip.joinsafelyonline.com	520 B
1	googleapis.com fonts.googleapis.com	608 B
0	ip2phrase.com Failed www.ip2phrase.com Failed
28	8

	Domain	Requested by
21	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz
3	fonts.gstatic.com	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz
1	www.mainentrypoint.com	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz
1	www.land-secure.com	1 redirects
1	admarz.go2cloud.org	1 redirects
1	geoip.joinsafelyonline.com	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz
1	fonts.googleapis.com	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz
0	www.ip2phrase.com Failed	www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz
28	8

This site contains no links.

Subject Issuer	Validity	Valid
alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz Sectigo RSA Domain Validation Secure Server CA	`2020-03-20` - `2021-03-20`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.mainentrypoint.com CloudFlare Inc ECC CA-2	`2019-09-04` - `2020-09-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz/
Frame ID: B5E27294BD13D470D7A7CADBB1B8BC22
Requests: 27 HTTP requests in this frame

Frame: https://www.mainentrypoint.com/spam.html?id=64592
Frame ID: 70F5CA95766B9D2518100A60369B1DE1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

28
Requests

96 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

6
IPs

3
Countries

2648 kB
Transfer

2676 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://admarz.go2cloud.org/aff_c?offer_id=1101&aff_id=10460 HTTP 302
https://www.land-secure.com/ep.php/frinvcams:24941/64592:10460_.1022d8f749ca065b0fda3d695a7265 HTTP 302
https://www.mainentrypoint.com/spam.html?id=64592

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz/ 11 KB
3 KB 586ms
171ms Document
text/html 162.213.253.54
NAMECHEAP-NET

General

www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz Open in urlscan Pro 162.213.253.54 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

29 %IPv6

8 Domains

8 Subdomains

6 IPs

3 Countries

2648 kBTransfer

2676 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

www.alexa.webcam.indmesnapchat.xyz.taggedaccount.xyz Open in urlscan Pro
162.213.253.54 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

6
IPs

3
Countries

2648 kB
Transfer

2676 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!