mytopdatings.life
185.155.186.15
Malicious Activity!
Public Scan
Effective URL: https://mytopdatings.life/?u=g1bk605&o=566pk8n&t=GSL-7993_51849&cid=10230ca11110309c55b76e4ed79438
Submission: On December 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.
This is the only time mytopdatings.life was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2001:df1:7800:2::4:4334 | 58487 (CRI-AS-AP CV. Rumahweb Indonesia) |
2 2 | 2606:4700:3035::6815:1391 | 13335 (CLOUDFLARENET) |
1 1 | 2606:4700:3031::ac43:a5ac | 13335 (CLOUDFLARENET) |
1 1 | 52.206.218.219 | 14618 (AMAZON-AES) |
2 2 | 2606:4700:3030::ac43:883e | 13335 (CLOUDFLARENET) |
1 1 | 34.192.207.49 | 14618 (AMAZON-AES) |
8 | 185.155.186.15 | 203639 (TEKNOLOGY) |
15 | 2 | |
ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID)
www.hellowhatsappme878.bnj.homes |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-218-219.compute-1.amazonaws.com
trk.securedconfirm.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-207-49.compute-1.amazonaws.com
clik.global-trk.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | mytopdatings.life | mytopdatings.life | 248 KB |
2 | bestfreeofferz.com (2 redirects) | bestfreeofferz.com | 2 KB |
2 | sexforfuns.com (2 redirects) | sexforfuns.com | 2 KB |
1 | global-trk.com (1 redirects) | clik.global-trk.com | 2 KB |
1 | securedconfirm.com (1 redirects) | trk.securedconfirm.com | 2 KB |
1 | luvmenow.com (1 redirects) | m.luvmenow.com | 664 B |
1 | bnj.homes (1 redirects) | www.hellowhatsappme878.bnj.homes | 145 B |
0 | gstatic.com (Failed) | fonts.gstatic.com (Failed) | |
0 | fling.com (Failed) | promos.fling.com (Failed) | |
15 | 9 | | |
 | Domain | Requested by |
---|---|---|
8 | mytopdatings.life | mytopdatings.life |
2 | bestfreeofferz.com | 2 redirects |
2 | sexforfuns.com | 2 redirects |
1 | clik.global-trk.com | 1 redirects |
1 | trk.securedconfirm.com | 1 redirects |
1 | m.luvmenow.com | 1 redirects |
1 | www.hellowhatsappme878.bnj.homes | 1 redirects |
0 | fonts.gstatic.com Failed | mytopdatings.life |
0 | promos.fling.com Failed | mytopdatings.life |
15 | 9 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
mytopdatings.life | R3 | 2023-10-10 - 2024-01-08 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mytopdatings.life/?u=g1bk605&o=566pk8n&t=GSL-7993_51849&cid=10230ca11110309c55b76e4ed79438
Frame ID: D9C178547B88DA42F93E3C1D71365BAF
Requests: 15 HTTP requests in this frame
Page Title
Get Laid Tonight
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.hellowhatsappme878.bnj.homes/
HTTP 301
https://sexforfuns.com/wvSFHTv5?aid=dxzzfbzzab&kid=fkadkbxffxg&clickid=Lead&sub1=Jelita HTTP 302
https://sexforfuns.com/?_lp=1&_token= HTTP 302
https://m.luvmenow.com/click?pid=51849&offer_id=6561&sub1=2qmr481vmv2r&sub2=51849&sub3=197558&sub4=Lead&sub5=Jelita&sub6=&sub7=&sub8= HTTP 302
https://trk.securedconfirm.com/aff_c?offer_id=8826&aff_id=7919&aff_sub3=a_65720a56e2e88e0001c90e1a&aff_sub=51849 HTTP 302
http://bestfreeofferz.com/crDLO2GSL.php?cid=125&aff_id=7919&aff_sub=51849&aff_sub2=&aff_sub3=a_65720a56e2e88e0001c90e1a&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=1029453daa4013750906f8789dc980 HTTP 302
http://bestfreeofferz.com/cr.php?cid=8231&aff_id=7993&aff_sub=51849&aff_sub2=&aff_sub3=a_65720a56e2e88e0001c90e1a&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=1029453daa4013750906f8789dc980 HTTP 302
https://clik.global-trk.com/aff_c?offer_id=6791&aff_unique4=8231:32140&aff_unique5=CRPX&aff_id=7993&aff_sub=51849&aff_sub2=&aff_sub3=a_65720a56e2e88e0001c90e1a&aff_sub4=&aff_sub5=&aff_unique5=ns7q120765367&trn=1029453daa4013750906f8789dc980 HTTP 302
https://mytopdatings.life/?u=g1bk605&o=566pk8n&t=GSL-7993_51849&cid=10230ca11110309c55b76e4ed79438 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Redirect Chain) | mytopdatings.life/ | 9 KB | 9 KB | Document | text/html |
GET | H/1.1 | fonts.css | mytopdatings.life/media/dating/timer/css/ | 1 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | black.css | mytopdatings.life/media/dating/timer/css/ | 9 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.js | mytopdatings.life/media/dating/timer/js/ | 91 KB | 92 KB | Script | application/javascript |
GET | H/1.1 | en.js | mytopdatings.life/media/dating/timer/js/ | 3 KB | 3 KB | Script | text/javascript |
GET | H/1.1 | utils.js | mytopdatings.life/util/ | 7 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | intro_black.gif | mytopdatings.life/media/dating/timer/images/ | 116 KB | 117 KB | Image | image/gif |
GET | H/1.1 | loading0.gif | mytopdatings.life/media/dating/timer/images/ | 6 KB | 6 KB | Image | image/gif |
GET | | location.php | promos.fling.com/geo/txt/ | 0 | 0 | | |
GET | | DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff | fonts.gstatic.com/s/opensans/v10/ | 0 | 0 | | |
GET | | cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff | fonts.gstatic.com/s/opensans/v10/ | 0 | 0 | | |
GET | | MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff | fonts.gstatic.com/s/opensans/v10/ | 0 | 0 | | |
GET | | k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff | fonts.gstatic.com/s/opensans/v10/ | 0 | 0 | | |
GET | | xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk.woff | fonts.gstatic.com/s/opensans/v10/ | 0 | 0 | | |
GET | | PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0.woff | fonts.gstatic.com/s/opensans/v10/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
promos.fling.com | http://promos.fling.com/geo/txt/location.php?testip= |
fonts.gstatic.com | http://fonts.gstatic.com/s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff |
fonts.gstatic.com | http://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff |
fonts.gstatic.com | http://fonts.gstatic.com/s/opensans/v10/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff |
fonts.gstatic.com | http://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff |
fonts.gstatic.com | http://fonts.gstatic.com/s/opensans/v10/xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk.woff |
fonts.gstatic.com | http://fonts.gstatic.com/s/opensans/v10/PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| requestLink object| geoData string| ip function| $ function| jQuery function| Tick object| Timer number| TotalSeconds function| CreateTimer function| UpdateTimer function| LeadingZero object| now string| current function| getParameterByName function| hideUnsub function| languageDetection function| writeLocation object| geoRefData function| showLocation function| appendPixels function| getCookie function| getBackendParamsByName function| addSessionId undefined| randomNumber function| docReady object| dataLayer
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sexforfuns.com/ | Name: _subid Value: 2qmr481vmv2r |
|
sexforfuns.com/ | Name: b0608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwNDk0NVwiOjE3MDE5NzI1NjUsXCI3XCI6MTcwMTk3MjU2NX0sXCJjYW1wYWlnbnNcIjp7XCIxOTc1NThcIjoxNzAxOTcyNTY1LFwiMVwiOjE3MDE5NzI1NjV9LFwidGltZVwiOjE3MDE5NzI1NjV9In0.Yk9M_UNbSILVe7U_0unZuLi-KDupi_WK7eifPE4SCRI |
|
sexforfuns.com/ | Name: _token Value: uuid_2qmr481vmv2r_2qmr481vmv2r65720a558fbe63.81784715 |
|
m.luvmenow.com/ | Name: afclick Value: 65720a56e2e88e0001c90e1a |
|
m.luvmenow.com/ | Name: afoffers Value: {"6561":1701972566} |
|
trk.securedconfirm.com/ | Name: enc_aff_session_8958 Value: ENC03cfc0223b5f852665b1fdab90d4659e715261ebf1e51c0966ff8ed692fbb773bdf1169c3b52aea0e0a3fdffc66b39514ade4c239770be819ba2a18fe2451095f248e32c7d898aeb443d636df73ce61b1d2f4051156bf82f2c1f261ab53e5b4b4509cc42cf425e3722ad0ab70ff857bab037bb00c18556aa1338b7822c6df307a3ba71c8611276d5f8ac02ad1108e39da68c8a99980182c045d7be5d7b514ff4ca025865c0 |
|
trk.securedconfirm.com/ | Name: ho_mob Value: |
|
bestfreeofferz.com/ | Name: hskp Value: ns7q120765367%2C |
|
bestfreeofferz.com/ | Name: skip Value: -1701972567%2C29966 |
|
bestfreeofferz.com/ | Name: 8231_29966_0 Value: 1701972567 |
|
clik.global-trk.com/ | Name: enc_aff_session_6791 Value: ENC0341e8c43edce400368c2da638fcfcca3f691d5946080abb5e009df67851d8489020d5ac07aa880572205088a7f7483d36eacba8411add565c90ba46c53ddb1a15ecc05090e70f84e0919bc3ad84f56f7fc3ebd93b6f2ff3a4f137458b8da12d1116e25b1e90e68bdcd6475c6f50cac07ee5d4c36f23b8697dba658e402256e43010c3983c12b8d4d53efc60b83131fda8083ee7e8a10f69ab710feb079291a23e023ebdf1 |
|
clik.global-trk.com/ | Name: ho_mob Value: |
|
mytopdatings.life/ | Name: sid Value: t1~iaskssvbosqhocpntwmbot0e |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.