bend-me-over.com
18.155.68.30
Malicious Activity!
Public Scan
Effective URL: https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d0...
Submission: On June 27 via api from KR — Scanned from SG
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on November 1st 2023. Valid for: a year.
This is the only time bend-me-over.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)
Domain & IP information
# | IP Address | AS Autonomous System
---|---|---
1 1 | 172.104.187.4 | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1 | 172.67.140.202 | 13335 (CLOUDFLARENET)
1 1 | 172.67.155.31 | 13335 (CLOUDFLARENET)
1 1 | 172.67.165.172 | 13335 (CLOUDFLARENET)
2 2 | 52.215.125.97 | 16509 (AMAZON-02)
1 1 | 34.160.108.161 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 2 | 172.67.187.194 | 13335 (CLOUDFLARENET)
1 | 104.17.24.14 | 13335 (CLOUDFLARENET)
2 2 | 3.110.19.166 | 16509 (AMAZON-02)
2 34 | 18.155.68.30 | 16509 (AMAZON-02)
1 | 54.206.158.243 | 16509 (AMAZON-02)
2 | 142.251.175.97 | 15169 (GOOGLE)
1 | 13.33.30.40 | 16509 (AMAZON-02)
4 | 64.233.170.102 | 15169 (GOOGLE)
1 | 74.125.24.94 | 15169 (GOOGLE)
44 | 9 |
ASN | PTR | Domain
---|---|---
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG) | pigeon.rapidplex.com | cupang.online
ASN16509 (AMAZON-02, US) | ec2-52-215-125-97.eu-west-1.compute.amazonaws.com | da.off3riz.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 161.108.160.34.bc.googleusercontent.com | www.h-trck.com
ASN16509 (AMAZON-02, US) | ec2-3-110-19-166.ap-south-1.compute.amazonaws.com | vasy.clickmoileclito.com
ASN16509 (AMAZON-02, US) | server-18-155-68-30.sin52.r.cloudfront.net | bend-me-over.com
ASN16509 (AMAZON-02, US) | ec2-54-206-158-243.ap-southeast-2.compute.amazonaws.com | bts.insigit.com
ASN15169 (GOOGLE, US) | sh-in-f97.1e100.net | www.googletagmanager.com
ASN16509 (AMAZON-02, US) | server-13-33-30-40.sin2.r.cloudfront.net | retarget2core.com
ASN15169 (GOOGLE, US) | sg-in-f102.1e100.net | www.google-analytics.com
# | Apex Domain | Subdomains | Transfer
---|---|---|---
34 | bend-me-over.com (2 redirects) | bend-me-over.com | 363 KB
4 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 71) | 21 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 81) | 170 KB
2 | clickmoileclito.com (2 redirects) | vasy.clickmoileclito.com | 984 B
2 | harem-smrt.com (1 redirect) | harem-smrt.com | 2 KB
2 | off3riz.com (2 redirects) | da.off3riz.com | 3 KB
1 | gstatic.com | www.gstatic.com | 11 KB
1 | retarget2core.com | retarget2core.com (Cisco Umbrella Rank: 589451) | 678 B
1 | insigit.com | bts.insigit.com (Cisco Umbrella Rank: 657345) | 9 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 268) | 6 KB
1 | h-trck.com (1 redirect) | www.h-trck.com | 490 B
1 | luvmenow.com (1 redirect) | m.luvmenow.com | 650 B
1 | meet4singles.com (1 redirect) | meet4singles.com | 1011 B
1 | wa.sv (1 redirect) | wa.sv | 458 B
1 | cupang.online (1 redirect) | cupang.online | 173 B
0 | freshmarketer.com (Failed) | cdn.freshmarketer.com (Failed) |
44 | 16 | |
# | Domain | Requested by
---|---|---
34 | bend-me-over.com | 2 redirects; harem-smrt.com; bend-me-over.com
4 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com; bend-me-over.com
2 | www.googletagmanager.com | bend-me-over.com; www.google-analytics.com
2 | vasy.clickmoileclito.com | 2 redirects
2 | harem-smrt.com | 1 redirect
2 | da.off3riz.com | 2 redirects
1 | www.gstatic.com | bend-me-over.com
1 | retarget2core.com | bend-me-over.com
1 | bts.insigit.com | bend-me-over.com
1 | cdnjs.cloudflare.com | harem-smrt.com
1 | www.h-trck.com | 1 redirect
1 | m.luvmenow.com | 1 redirect
1 | meet4singles.com | 1 redirect
1 | wa.sv | 1 redirect
1 | cupang.online | 1 redirect
0 | cdn.freshmarketer.com (Failed) | bend-me-over.com
44 | 16 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
harem-smrt.com | E1 | 2024-05-23 - 2024-08-21 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
bend-me-over.com | Amazon RSA 2048 M03 | 2023-11-01 - 2024-11-29 | a year
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
retarget2core.com | Amazon RSA 2048 M02 | 2023-11-02 - 2024-11-30 | a year
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
This page contains 1 frame:
Primary Page:
https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm
Frame ID: 84D6305C116F5280F90B22E070A1E7F5
Requests: 44 HTTP requests in this frame
Detected technologies
Firebase (Databases)
Detected patterns:
- /firebasejs/([\d.]+)/firebase
Google Analytics (Analytics)
Detected patterns:
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns:
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns:
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://cupang.online/ HTTP 307
- https://cupang.online/ HTTP 307
- http://cupang.online/ HTTP 302
- https://wa.sv/3edeqp HTTP 302
- https://meet4singles.com/hcQDg8bk?aid=bdzhdkgdab&kid=ghdaazzxadh&clickid=awur&sub1=awur HTTP 302
- https://m.luvmenow.com/click?pid=35851&offer_id=6422&sub1=2tc1bou2kbpih&sub2=35851&sub3=212605&sub4=awur&sub5=awur&sub6=&sub7=&sub8= HTTP 302
- https://da.off3riz.com/aff_c?offer_id=1543&aff_id=3062&aff_sub2=a_667d14f75ed4d600019b9614&source=35851 HTTP 302
- https://www.h-trck.com/9W598/3QQG7/?sub1={email}&sub2=3062&sub3=35851&sub5=102409037193b39b1616769600063a HTTP 302
- https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D (Page URL)
- https://harem-smrt.com/offers/index.php?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&ua_pm=Windows&fw=1600&fh=1200&wdw_d={%22name%22:%22%22,%22status%22:%22%22,%22closed%22:false,%22length%22:0,%22origin%22:%22https://harem-smrt.com%22,%22innerWidth%22:1600,%22innerHeight%22:1200,%22scrollX%22:0,%22pageXOffset%22:0,%22scrollY%22:0,%22pageYOffset%22:0,%22screenX%22:190,%22screenY%22:190,%22outerWidth%22:1600,%22outerHeight%22:1200,%22devicePixelRatio%22:1,%22screenLeft%22:190,%22screenTop%22:190,%22isSecureContext%22:true,%22crossOriginIsolated%22:false,%22originAgentCluster%22:true,%22credentialless%22:false,%22fhe%22:%22Asia/Singapore%22,%22prop%22:%22prop%22,%22TEMPORARY%22:0,%22PERSISTENT%22:1}&ngt_d={%22vendorSub%22:%22%22,%22productSub%22:%2220030107%22,%22vendor%22:%22Google%20Inc.%22,%22maxTouchPoints%22:0,%22scheduling%22:{},%22userActivation%22:{},%22doNotTrack%22:null,%22geolocation%22:{},%22connection%22:{},%22plugins%22:{%220%22:{%220%22:{},%221%22:{}},%221%22:{%220%22:{},%221%22:{}},%222%22:{%220%22:{},%221%22:{}},%223%22:{%220%22:{},%221%22:{}},%224%22:{%220%22:{},%221%22:{}}},%22mimeTypes%22:{%220%22:{},%221%22:{}},%22pdfViewerEnabled%22:true,%22webkitTemporaryStorage%22:{},%22webkitPersistentStorage%22:{},%22windowControlsOverlay%22:{},%22hardwareConcurrency%22:16,%22cookieEnabled%22:true,%22appCodeName%22:%22Mozilla%22,%22appName%22:%22Netscape%22,%22appVersion%22:%225.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22platform%22:%22Win32%22,%22product%22:%22Gecko%22,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22,%22language%22:%22en-SG%22,%22languages%22:[%22en-US%22,%22en%22],%22onLine%22:true,%22webdriver%22:false,%22storageBuckets%22:{},%22clipboard%22:{},%22credentials%22:{},%22keyboard%22:{},%22managed%22:{},%22mediaDevices%22:{},%22storage%22:{},%22serviceWorker%22:{},%22virtualKeyboard%22:{},%22wakeLock%22:{},%22deviceMemory%22:8,%22userAgentData%22:{%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22platform%22:%22Win32%22},%22login%22:{},%22ink%22:{},%22mediaCapabilities%22:{},%22hid%22:{},%22locks%22:{},%22gpu%22:{},%22mediaSession%22:{},%22permissions%22:{},%22presentation%22:{},%22usb%22:{},%22xr%22:{},%22serial%22:{}}&hs_d={%22length%22:2,%22scrollRestoration%22:%22auto%22,%22state%22:null}&sc_d={%22availWidth%22:1600,%22availHeight%22:1200,%22width%22:1600,%22height%22:1200,%22colorDepth%22:24,%22pixelDepth%22:24,%22availLeft%22:0,%22availTop%22:0,%22orientation%22:{},%22onchange%22:null,%22isExtended%22:false}&fhe_d=Asia/Singapore&plg_d=[%22PDF%20Viewer%22,%22Chrome%20PDF%20Viewer%22,%22Chromium%20PDF%20Viewer%22,%22Microsoft%20Edge%20PDF%20Viewer%22,%22WebKit%20built-in%20PDF%22] HTTP 302
- https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be?affid=7_3062&source=&mail=&clickid=85668323 HTTP 307
- https://vasy.clickmoileclito.com/cae58461-fd83-48ff-afa2-d8d89c2ca4be/2?affid=7_3062&source=&mail=&clickid=85668323 HTTP 302
- https://da.off3riz.com/aff_c?offer_id=1617&aff_id=4719&aff_sub2=wus9eoddnl82sfa2js4ep6bc&source= HTTP 302
- https://bend-me-over.com/tds?tdsId=s9038shm_r&tds_campaign=s9038shm&email={email46}&utm_source=ddm&utm_campaign=6b175b51&utm_content=4719&s1=dd&p5={p5}&data2=10211d8cd7b29c05c00402f9c02df7&data3=&s3=&email={email} HTTP 302
- https://bend-me-over.com/jump?tds_campaign=b9918shm&utm_term=web_fl_sgp_b9918shm_cpl_remnant&tds_oid=21241&tds_cid=4691d094f5dc97e86170b39f92b3c06576de3552&utm_campaign=6b175b51&dci=a78338c54c31f13eed1ead04b8be05c7efb8bc51&id=21241&utm_content=4719&s1=dd&data2=10211d8cd7b29c05c00402f9c02df7&s3=%7Bs3%7D&tds_ac_id=s9038shm&tds_id=b9918shm_jump_a_1595249771824&tds_host=bend-me-over.com&tds_ao=1&_tgUrl=aHR0cHM6Ly9iZW5kLW1lLW92ZXIuY29tL3Rkcy90Zy9zLzFjN2YyYjgxZGU4MDAwM2RmYzg1N2FkODg3NTdiNmE0P19fdD0xNzE5NDczNDEwMjY1Jl9fbD0zNjAwJl9fYz00NjkxZDA5NGY1ZGM5N2U4NjE3MGIzOWY5MmIzYzA2NTc2ZGUzNTUy&utm_source=ddm (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://cupang.online/ HTTP 307
- https://cupang.online/ HTTP 307
- http://cupang.online/ HTTP 302
- https://wa.sv/3edeqp HTTP 302
- https://meet4singles.com/hcQDg8bk?aid=bdzhdkgdab&kid=ghdaazzxadh&clickid=awur&sub1=awur HTTP 302
- https://m.luvmenow.com/click?pid=35851&offer_id=6422&sub1=2tc1bou2kbpih&sub2=35851&sub3=212605&sub4=awur&sub5=awur&sub6=&sub7=&sub8= HTTP 302
- https://da.off3riz.com/aff_c?offer_id=1543&aff_id=3062&aff_sub2=a_667d14f75ed4d600019b9614&source=35851 HTTP 302
- https://www.h-trck.com/9W598/3QQG7/?sub1={email}&sub2=3062&sub3=35851&sub5=102409037193b39b1616769600063a HTTP 302
- https://harem-smrt.com/offers/?id=39&affid=7&source=3062&clickid=4dcb72ea106747618da149a33bdb470a&mail=%7Bemail%7D
Request Chain 1
- https://bend-me-over.com/bts.js HTTP 301
- https://bts.insigit.com/bts.js
44 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | harem-smrt.com/offers/ (Redirect Chain) | 1 KB | 1 KB | Document | text/html
GET | H2 | platform.min.js | cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/ | 14 KB | 6 KB | Script | application/javascript
GET | H2 | jump (Primary Request) | bend-me-over.com/ (Redirect Chain) | 9 KB | 3 KB | Document | text/html
GET | H2 | 92c97a777dfc5bf845bb98ab709d7d6b.css | bend-me-over.com/landings/21241/css/ | 4 KB | 2 KB | Stylesheet | text/css
GET | H2 | e1138afd220502ed383190caf83afa43.js | bend-me-over.com/landings/21241/js/ | 95 KB | 33 KB | Script | application/javascript
GET | H2 | 1-1.jpg | bend-me-over.com/landings/21241/images/ | 27 KB | 27 KB | Image | image/jpeg
GET | H2 | 1-2.jpg | bend-me-over.com/landings/21241/images/ | 21 KB | 21 KB | Image | image/jpeg
GET | H2 | 1-3.jpg | bend-me-over.com/landings/21241/images/ | 20 KB | 20 KB | Image | image/jpeg
GET | H2 | 2-1.jpg | bend-me-over.com/landings/21241/images/ | 28 KB | 29 KB | Image | image/jpeg
GET | H2 | 2-2.jpg | bend-me-over.com/landings/21241/images/ | 31 KB | 32 KB | Image | image/jpeg
GET | H2 | 2-3.jpg | bend-me-over.com/landings/21241/images/ | 27 KB | 28 KB | Image | image/jpeg
GET | H2 | intg.js | bend-me-over.com/bridge/ | 339 B | 741 B | Script | application/javascript
GET | H2 | web-vitals.iife.js | bend-me-over.com/web-vitals@3.3.0/dist/ | 7 KB | 4 KB | Script | application/javascript
GET | H2 | bts.js | bts.insigit.com/ (Redirect Chain) | 9 KB | 9 KB | Script | application/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | 218 KB | 78 KB | Script | application/javascript
GET | | 1047486.js | cdn.freshmarketer.com/399348/ | 0 | 0 | | 
GET | H2 | bg1.jpg | bend-me-over.com/landings/21241/images/ | 36 KB | 37 KB | Image | image/jpeg
GET | H2 | bg2.jpg | bend-me-over.com/landings/21241/images/ | 38 KB | 38 KB | Image | image/jpeg
GET | H2 | bg3.jpg | bend-me-over.com/landings/21241/images/ | 45 KB | 45 KB | Image | image/jpeg
GET | H2 | index.js | bend-me-over.com/bridge/ | 18 KB | 7 KB | Script | application/javascript
GET | H2 | integration.js | bend-me-over.com/ | 2 KB | 2 KB | Script | text/javascript
GET | H2 | ac3fc68831981c704535980c826941a5 | retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ | 35 B | 678 B | Image | image/gif
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript
POST | H2 | tr | bend-me-over.com/b/ | 0 | 268 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 269 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 268 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 267 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 268 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 268 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 270 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 267 B | Ping | application/octet-stream
POST | H2 | tr | bend-me-over.com/b/ | 0 | 269 B | Ping | application/octet-stream
GET | H2 | main.js | bend-me-over.com/ufis/ | 125 KB | 28 KB | Script | text/javascript
POST | H2 | interlayer | bend-me-over.com/tds/ | 0 | 499 B | XHR | text/plain
GET | H2 | firebase-messaging.js | www.gstatic.com/firebasejs/8.6.8/ | 40 KB | 11 KB | Script | text/javascript
GET | H2 | rtr | bend-me-over.com/ufis/ | 10 B | 373 B | XHR | application/json
GET | H2 | bend-me-over.com | bend-me-over.com/ufis/recaptcha/inject/ | 27 B | 425 B | XHR | application/json
POST | H2 | collect | www.google-analytics.com/j/ | 15 B | 222 B | XHR | text/plain
GET | H2 | collect | www.google-analytics.com/ | 35 B | 132 B | Image | image/gif
GET | H2 | js | www.googletagmanager.com/gtag/ | 260 KB | 92 KB | Script | application/javascript
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 0 | Fetch | text/plain
POST | H2 | tr | bend-me-over.com/b/ | 0 | 267 B | Ping | application/octet-stream
GET | H2 | jump-favicon.ico | bend-me-over.com/images/ | 1 KB | 502 B | Other | image/vnd.microsoft.icon
POST | H2 | track | bend-me-over.com/ufis/webpush/ | 30 B | 428 B | XHR | application/json
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: cdn.freshmarketer.com
- URL: https://cdn.freshmarketer.com/399348/1047486.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
event | undefined
fence | object
sharedStorage | object
$ | function
jQuery | function
bts | object
__bts_p | object
adsLayer | function
zargetTimeout | boolean
zarget | number
zargetTimer | number
current | function
bgChange | function
goNextStep | function
changeFirstStep | function
webVitals | object
google_tag_manager | object
google_tag_data | object
GoogleAnalyticsObject | string
ga | function
attachScript | function
getMainScriptUrl | function
checkIsIpad | function
onRecaptchaLoadCallback | function
ufApp | object
firebase | object
gaplugins | object
gaGlobal | object
gaData | object
dataLayer | object
20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
meet4singles.com/ | _subid | 2tc1bou2kbpih
meet4singles.com/ | b0608 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUzNTgxN1wiOjE3MTk0NzMzOTcsXCI1MjgzMjZcIjoxNzE5NDczMzk3fSxcImNhbXBhaWduc1wiOntcIjIxMjYwNVwiOjE3MTk0NzMzOTcsXCIxXCI6MTcxOTQ3MzM5N30sXCJ0aW1lXCI6MTcxOTQ3MzM5N30ifQ.GeqMolC8iqIa-a1RIEXrnnqegVSxKEmKXCgL5-DRMyA
meet4singles.com/ | _token | uuid_2tc1bou2kbpih_2tc1bou2kbpih667d14f58a5174.62499440
m.luvmenow.com/ | afclick | 667d14f75ed4d600019b9614
m.luvmenow.com/ | afoffers | {"6422":1719473399}
da.off3riz.com/ | enc_aff_session_1543 | ENC03faabf932605995da9168bc7de3bb64c7ccd31fc833d5ab2e730fb42427e1d232730e5d0d144b487530e0e3ca5d65f28f69db586941825a9920dcf434a1d15662c482ef49a5a33ea24434f1355be06f95959ad9a96e50907d5f4683e7536997de4af0dcd48ca0a3c579af286fb2d63fe51a5efc9bb01cc92224375fdc239949f718786479
da.off3riz.com/ | ho_mob | 
www.h-trck.com/ | uniqueClick_3QQG7 | 6cef01de-ee22-4804-b0a2-ed3774331e21:1719473402
www.h-trck.com/ | transaction_id | 4dcb72ea106747618da149a33bdb470a
.vasy.clickmoileclito.com/ | cae58461-fd83-48ff-afa2-d8d89c2ca4be-v4 | ebgHnwvOV-XSwh_pvIUpoxM9-yOLphjXH58X_0tWack
.vasy.clickmoileclito.com/ | cc-v4 | v6YdgWGWQgPOcceKq5DZKOpQ0jYVORN5sYs%2Bw7Zc%2FKiAA48quLHqmcY%2BRyAgBd6is0Ba7tn3%2FSAVRAmaqtxX20WLifhKx4q1dcwUeiREBkOO90MhNaO%2BKSJasIooFaBQ1GnQAjGR2KrDR55D0wbAvA%3D%3D
da.off3riz.com/ | enc_aff_session_1617 | ENC03c3d55308ba26903c3d02d5d5d06f5f8265a254f65dc09c9037898517460f7752d9bcd8ad657123e1a21a8c8ef5a3bab73fdff536ffcf775f8bcf9b93d2ef1f925716b930a50f68817e986bd8a9dde99d2d3d5c3f012a5c20f946054bbabb96f5189bdbc03a3782a61ee322e6e191527c1ab5339c926fb79d049f8461fd8ce56cc7cb0063f6bfc91bca6beda2e92e940f96aae6ff146023a7ee27cd545ab439f01820da1aadb18ddaf56444bf789c288f44a235f896833134023a94eebc11d07719613ae2
.bend-me-over.com/ | dci | a78338c54c31f13eed1ead04b8be05c7efb8bc51
bend-me-over.com/ | dm | fe450dd0d1dadc615429144d33241f42
bend-me-over.com/ | __bts_cid | b640a0aecfa9432e914eacbc21667be4
.retarget2core.com/ | dci | 3027f93b1ede74d1da999095e9836ace76b816ef
.bend-me-over.com/ | _ga | GA1.2.620911047.1719473418
.bend-me-over.com/ | _gid | GA1.2.1948236816.1719473418
.bend-me-over.com/ | _gat_UA-56815649-9 | 1
.bend-me-over.com/ | _ga_2Y0VGLH9ZH | GS1.2.1719473420.1.1.1719473420.0.0.0
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.