bestdates-here.life Open in urlscan Pro
46.161.31.59 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://me2.kr/5a66u
Effective URL:
https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Submission: On June 15 via manual (June 15th 2022, 6:13:58 pm UTC) from EC — Scanned from NL

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 46.161.31.59, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is bestdates-here.life.
TLS certificate: Issued by R3 on April 16th 2022. Valid for: 3 months.

This is the only time bestdates-here.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.237.47.210 34.237.47.210	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	207.244.226.196 207.244.226.196	40021 (CONTABO) (CONTABO)
2	67.202.114.212 67.202.114.212	32748 (STEADFAST) (STEADFAST)
10	46.161.31.59 46.161.31.59	209813 (FASTCONTENT) (FASTCONTENT)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
21	7

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

me2.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.47.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-47-210.compute-1.amazonaws.com

mandarin12085351.brizy.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

b-cloud.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.244.226.196 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: vmi852240.contaboserver.net

drakgonindustries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.114.212 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.161.31.59 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

bestdates-here.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bestdates-here.life bestdates-here.life	317 KB
3	b-cdn.net b-cloud.b-cdn.net — Cisco Umbrella Rank: 334348	128 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	amung.us whos.amung.us — Cisco Umbrella Rank: 12783	55 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
1	drakgonindustries.com drakgonindustries.com	2 KB
1	brizy.site mandarin12085351.brizy.site	3 KB
1	me2.kr 1 redirects me2.kr	1 KB
21	8

	Domain	Requested by
10	bestdates-here.life	mandarin12085351.brizy.site bestdates-here.life
3	b-cloud.b-cdn.net	mandarin12085351.brizy.site
2	fonts.gstatic.com	fonts.googleapis.com
2	whos.amung.us
2	fonts.googleapis.com	mandarin12085351.brizy.site bestdates-here.life
1	drakgonindustries.com	mandarin12085351.brizy.site
1	mandarin12085351.brizy.site
1	me2.kr	1 redirects
21	8

This site contains no links.

Subject Issuer	Validity	Valid
*.brizy.site Sectigo RSA Domain Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
drakgonindustries.com ZeroSSL RSA Domain Secure Site CA	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
bestdates-here.life R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Frame ID: 871F5FB40C76DA012694A50FAB097A1C
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zum scheissen heute Frauen aus deiner Umgebung

Page URL History Show full URLs

https://me2.kr/5a66u HTTP 301
https://mandarin12085351.brizy.site/ Page URL
https://bestdates-here.life/?u=t5npae2&o=zrtkn92 Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

500 kB
Transfer

1094 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://me2.kr/5a66u HTTP 301
https://mandarin12085351.brizy.site/ Page URL
https://bestdates-here.life/?u=t5npae2&o=zrtkn92 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://me2.kr/5a66u HTTP 301
https://mandarin12085351.brizy.site/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
mandarin12085351.brizy.site/
Redirect Chain

https://me2.kr/5a66u
https://mandarin12085351.brizy.site/

16 KB
3 KB

330ms
104ms

Document
text/html

34.237.47.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mandarin12085351.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.237.47.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-47-210.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 012ceecd05e547f2c1c743dc694a56f153511e449edc38b08dc9b26b272a4d8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 12508
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 2873
content-type: text/html; charset=UTF-8
date: Wed, 15 Jun 2022 18:13:52 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.2)
x-brizy-preview: 1
x-cache: HIT
x-cache-hits: 3681
x-varnish: 21740694 17431929

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 71bd48333f599217-FRA
content-type: text/html; charset=UTF-8
date: Wed, 15 Jun 2022 18:13:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://mandarin12085351.brizy.site/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0%2F%2B%2Bkt47E64JubqeTz5%2B4e2MWvEt9VA48EAwg7m3Q%2FB%2F%2FC8EM%2F8uoDHi1eXnzObc4XqSX1gFFHP92nhxVZHWOjTyjaSdJRQsHc5UlIYPtc7asL5qsMTPzqbo2YMrS1VFgsMfmA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 34 KB
2 KB 90ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap

Requested by

Host: mandarin12085351.brizy.site
URL: https://mandarin12085351.brizy.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a19fc5244f2c5bd7f96ebefe24cdb3bbb9759140e04df643ff68e132c162d428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 18:13:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Jun 2022 18:13:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Jun 2022 18:13:52 GMT

GET
H2 200 preview.css
b-cloud.b-cdn.net/builds/free/237-cloud/editor/css/ 238 KB
37 KB 95ms
40ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/237-cloud/editor/css/preview.css
Requested by: Host: mandarin12085351.brizy.site
URL: https://mandarin12085351.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: b342c02cf1b71aed9e48e8f28e24df74a833a8b3a2265839a7df3308f85a9ac0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:13:52 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: W9KQEPBJZ75CYS6Y
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 06/02/2022 08:46:20
cdn-pullzone: 246147
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vR5Gt4QIFmui+4KNCYQDWJdTpSRfmob6JJBuSJaNqocs5FjjOXXhHyS88wbGaxmfD7k0YSh5/eo=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 13:26:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"545ed72c486d3a8de75bfe549653cec4"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 512cbaf170c86682a0a4a7ac3a57d6b8
cdn-requestcountrycode: NL
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/237-cloud/editor/css/preview.css>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK scViejo2 Show response
drakgonindustries.com/api/scripts/ 2 KB
2 KB 614ms
227ms Script
application/javascript 207.244.226.196
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drakgonindustries.com:3069/api/scripts/scViejo2?contador=probar01&owner=neyking&isbot=false&before=true&selectedcountry=Ecuador
Requested by: Host: mandarin12085351.brizy.site
URL: https://mandarin12085351.brizy.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.226.196 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi852240.contaboserver.net
Software: / Express
Resource Hash: 0905c73af713f4e6899c97c9f2e0e2acfec13a693f2ec22462a61503b922ff70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Jun 2022 18:13:52 GMT
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked
Keep-Alive: timeout=5
Content-Type: application/javascript

GET
H2 200 group-jq.js Show response
b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/ 89 KB
34 KB 94ms
39ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/group-jq.js
Requested by: Host: mandarin12085351.brizy.site
URL: https://mandarin12085351.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 3b443e63989cfbf4f92fe13acbaf14cf4423c2f63f378cb23c955b4dbfd1036c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:13:52 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: W9KTVR9DNGBKFVTJ
cdn-cachedat: 06/02/2022 08:46:20
cdn-pullzone: 246147
x-amz-id-2: /Hbty/g+/Epe7VjeWiJUnOowjch41hBMzZ4sHimjcCROrwyTQ88aY5lhMVo0WAJrWJoCGCVOsmE=
server: BunnyCDN-AMS1-879
last-modified: Thu, 26 May 2022 13:28:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ed710a097ec10ed3e2e1403b9380da89"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: fdc1b07f902a94fb726fe0be9f063ca8
cdn-requestcountrycode: NL
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/237-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preview.js Show response
b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/ 181 KB
57 KB 70ms
15ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/preview.js
Requested by: Host: mandarin12085351.brizy.site
URL: https://mandarin12085351.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 9ba2b2408fc39bca2b4b7f77744aa1ee4b4d027b583f8c866eabbea3de13161a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:13:52 GMT
content-encoding: br
cdn-edgestorageid: 883
x-amz-request-id: W9KVJHW29GN4V99C
cdn-cachedat: 06/02/2022 08:46:20
cdn-pullzone: 246147
x-amz-id-2: Y9EHMSZvdkUmLOiirh/n9z75ShT0YT1YSe+OJSwLWAMyNFq2dBPW980GQ9b6EOrxXPaaXL1LbIs=
server: BunnyCDN-AMS1-879
last-modified: Thu, 26 May 2022 13:28:27 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5b7cd1279af27a4f74579700bd09a222"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 35bbaa258c32ffe7c6d2ea8e3ef810ad
cdn-requestcountrycode: NL
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/237-cloud/editor/js/preview.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
whos.amung.us/pingjs/ 28 B
28 B 332ms
108ms Image
text/javascript 67.202.114.212
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=probar01&t=LA%20CORBATICA%20DIRECT&c=s&x=https://twitter.com&y=https://twitter.com&a=-1&d=0&v=27&r=2981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:13:53 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 /
whos.amung.us/pingjs/ 27 B
27 B 331ms
108ms Image
text/javascript 67.202.114.212
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=jeltax&t=Drakgon%20Industries&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=8894
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mandarin12085351.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:13:53 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK Primary Request / Show response
bestdates-here.life/ 7 KB
3 KB 1157ms
25ms Document
text/html 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Requested by: Host: mandarin12085351.brizy.site
URL: https://mandarin12085351.brizy.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6423bdca1372c5e636988b095aa02b9de5956758f4cfa8cfe3e111e2a5a4b9c3

Request headers

Referer: https://mandarin12085351.brizy.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 2386
Content-Type: text/html
Date: Wed, 15 Jun 2022 18:13:55 GMT
Server: nginx
cache-control: private
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK animate.min.css
bestdates-here.life/media/dating/toon2/css/ 52 KB
4 KB 22ms
21ms Stylesheet
text/css 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/media/dating/toon2/css/animate.min.css
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-ce35"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK style.css
bestdates-here.life/media/dating/toon2/css/ 8 KB
2 KB 61ms
17ms Stylesheet
text/css 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/media/dating/toon2/css/style.css
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Server: nginx
ETag: W/"60a50cf5-21a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK js.cookie.js Show response
bestdates-here.life/cookie/ 4 KB
2 KB 57ms
14ms Script
application/javascript 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/cookie/js.cookie.js
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:38:46 GMT
Server: nginx
ETag: W/"60a506d6-10a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK utils.js Show response
bestdates-here.life/util/ 7 KB
3 KB 58ms
14ms Script
application/javascript 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/util/utils.js
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Mon, 21 Jun 2021 15:49:01 GMT
Server: nginx
ETag: W/"60d0b4ed-1d57"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK 123.jpg
bestdates-here.life/media/dating/toon2/images/ 175 KB
166 KB 59ms
20ms Image
image/jpeg 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestdates-here.life/media/dating/toon2/images/123.jpg
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-2bbe8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
bestdates-here.life/media/dating/toon2/js/ 84 KB
29 KB 65ms
24ms Script
application/javascript 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/media/dating/toon2/js/jquery-2.2.4.min.js
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK bb.js Show response
bestdates-here.life/media/ 639 B
642 B 55ms
13ms Script
application/javascript 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/media/bb.js
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 12:39:28 GMT
Server: nginx
ETag: W/"60a50700-27f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H/1.1 200
OK exit1.js Show response
bestdates-here.life/media/exit-new/ 3 KB
1 KB 52ms
13ms Script
application/javascript 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://bestdates-here.life/media/exit-new/exit1.js
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/?u=t5npae2&o=zrtkn92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Mon, 31 May 2021 11:57:39 GMT
Server: nginx
ETag: W/"60b4cf33-d91"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-transform
Connection: close

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: bestdates-here.life
URL: https://bestdates-here.life/media/dating/toon2/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1ff9c98e8501501384a084e1257d6509264d70286f637b8f605e8cd7fed8fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 18:13:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Jun 2022 18:13:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Jun 2022 18:13:55 GMT

GET
H/1.1 200
OK bg.jpg
bestdates-here.life/media/dating/toon2/images/ 117 KB
108 KB 62ms
22ms Image
image/jpeg 46.161.31.59
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestdates-here.life/media/dating/toon2/images/bg.jpg
Requested by: Host: bestdates-here.life
URL: https://bestdates-here.life/media/dating/toon2/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 46.161.31.59 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bestdates-here.life/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:13:55 GMT
Content-Encoding: br
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Server: nginx
ETag: W/"60a50cf6-1d3ca"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: no-transform
Connection: close

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 77ms
20ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bestdates-here.life
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 90346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:08:09 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 90ms
41ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bestdates-here.life
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 90346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:08:09 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
me2.kr/	1970-01-20 03:48:44	Name: XSRF-TOKEN Value: eyJpdiI6ImhYam9OSjd2bkFoWlNtZzFVT2w5cnc9PSIsInZhbHVlIjoiRFp3QVd1cHowdmQ4YUpqUUFkU2FHYmZkaXFQRUVHaFhhVTJwVmtUcDFwQWh1QTg3MThMdHNQYW5FT2JjNXFVbkxXTXJTWXBFVnpoS0V6UEVUNjlFUU9TeFlybjJkalJ3WUw5cklOaTFJQWFwTnFTY0I0aktpT3dKKzFZbjZPT3oiLCJtYWMiOiJjNWUzNzU1Y2RiOTM2MmUyOGY5YmMxMjRiNWJiZmI4ODAzMWI1MTYzZWExMjM3ZDE5MmI2MzY5ODkwZGRhZGM0In0%3D
me2.kr/	1970-01-20 03:48:44	Name: phpshort_session Value: eyJpdiI6Ikc1TXRMSU1qMVc3WjdXaCtsM2dzWVE9PSIsInZhbHVlIjoieXorV0phazg5ZWxhMWhKRkMzZWNWRW9lQ1pcL0lVZEp3dVN4eHdWcngrXC9jaGNTdUpJYTY0cnp6MlhIU0lIdkZDQlwva0s2MVRKdTI2TTNRcmx0RUVFbDBOSlBoaURcL1NQRWN1d0ZvSWlkdmtEcU1YanVRK000MzE3M3dMb1FobHU5IiwibWFjIjoiOGQ0Y2FlODk2OWM2NmY2NDYxOWJlNWEwYzI5MDE0NWJiNDA4MGY1NjUxOTg4MTVkZjYzZTY0NzY2ODAzNDBmNyJ9
bestdates-here.life/	1969-12-31 23:59:59	Name: sid Value: t1~ylx4nnch2gwubsazcygsstnq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-cloud.b-cdn.net
bestdates-here.life
drakgonindustries.com
fonts.googleapis.com
fonts.gstatic.com
mandarin12085351.brizy.site
me2.kr
whos.amung.us
207.244.226.196
2a00:1450:4001:809::2003
2a00:1450:4001:813::200a
2a06:98c1:3121::3
34.237.47.210
46.161.31.59
67.202.114.212
84.17.46.53
012ceecd05e547f2c1c743dc694a56f153511e449edc38b08dc9b26b272a4d8c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0905c73af713f4e6899c97c9f2e0e2acfec13a693f2ec22462a61503b922ff70
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
3b443e63989cfbf4f92fe13acbaf14cf4423c2f63f378cb23c955b4dbfd1036c
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
6423bdca1372c5e636988b095aa02b9de5956758f4cfa8cfe3e111e2a5a4b9c3
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
9ba2b2408fc39bca2b4b7f77744aa1ee4b4d027b583f8c866eabbea3de13161a
9d3e2b083b6e120ba261fe376a4ccd4effde642640e8af81036ecaff262a68d7
a19fc5244f2c5bd7f96ebefe24cdb3bbb9759140e04df643ff68e132c162d428
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
b342c02cf1b71aed9e48e8f28e24df74a833a8b3a2265839a7df3308f85a9ac0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ff9c98e8501501384a084e1257d6509264d70286f637b8f605e8cd7fed8fb4
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

bestdates-here.life Open in urlscan Pro 46.161.31.59 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

38 %IPv6

8 Domains

8 Subdomains

7 IPs

3 Countries

500 kBTransfer

1094 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

38 JavaScript Global Variables

3 Cookies

Indicators

bestdates-here.life Open in urlscan Pro
46.161.31.59 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

500 kB
Transfer

1094 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!