prayandlove.club
18.219.255.245
Malicious Activity!
Public Scan
Effective URL: http://prayandlove.club/GP/mk.php?cep=SJtIqP7IWIuHe7diI4ZK0NwreMEYkQT3XMzj4A4R5QJz58UBp-rH6pBTIkNxpYzb27pJYigyIDTLvEVtcg...
Submission: On May 21 via manual from US
Summary
This is the only time prayandlove.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 192.64.119.68 | 22612 (NAMECHEAP-NET - Namecheap) |
1 | 52.29.197.42 | 16509 (AMAZON-02 - Amazon.com) |
22 | 18.219.255.245 | 16509 (AMAZON-02 - Amazon.com) |
2 | 69.167.167.14 | 32244 (LIQUIDWEB - Liquid Web) |
8 | 2a00:1450:4001:81f::2003 | 15169 (GOOGLE - Google LLC) |
32 requests | 5 IPs | 4 ASNs |
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US): fdic.club
ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR ec2-52-29-197-42.eu-central-1.compute.amazonaws.com: prinues-ordleyond.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR ec2-18-219-255-245.us-east-2.compute.amazonaws.com: prayandlove.club
ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), PTR thor.gadgetpush.com: hera.gadgetpush.com
ASN15169 (GOOGLE - Google LLC, US): fonts.gstatic.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | prayandlove.club | prayandlove.club | 986 KB |
8 | gstatic.com | fonts.gstatic.com | 91 KB |
2 | gadgetpush.com | hera.gadgetpush.com | 191 KB |
1 | prinues-ordleyond.com (1 redirect) | prinues-ordleyond.com | 1 KB |
1 | fdic.club (1 redirect) | fdic.club | 301 B |
32 requests | 5 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
22 | prayandlove.club | prayandlove.club |
8 | fonts.gstatic.com | prayandlove.club |
2 | hera.gadgetpush.com | prayandlove.club |
1 | prinues-ordleyond.com | 1 redirect |
1 | fdic.club | 1 redirect |
32 requests | 5 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
prinues-ordleyond.com |
www.facebook.com |
twitter.com |
www.instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.google.com | Google Internet Authority G3 | 2019-04-30 - 2019-07-23 | 3 months |
The only TLS certificate observed belongs to the fonts.gstatic.com requests. Every hop of the redirect chain and the landing page itself is served over plain HTTP.
This page contains 2 frames:
Primary Page:
http://prayandlove.club/GP/mk.php?cep=SJtIqP7IWIuHe7diI4ZK0NwreMEYkQT3XMzj4A4R5QJz58UBp-rH6pBTIkNxpYzb27pJYigyIDTLvEVtcgeoFBONab_Ya-exSHHbKgJ_oGn4o-8x1Hbh5apYoaesmpv2ObKnirAYEvHF2oNsSfcBaKclylBs-NEAp35FyLLncvaUOTt3eX9QrnNtCCGmtqOo1vnRZFk_cS8Bioo7Ytc4f8Hx61D7R_art316exCZjL0&ad=%7Bad%7D&s2=%7Bclickid%7D&dg=%7Bdg%7D
Frame ID: A001A81C2A55F713A66F136D904078A8
Requests: 34 HTTP requests in this frame
Frame:
http://prayandlove.club/GP/images/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
Frame ID: FE429FBB35C1A1688955C37F7B2825A6
Requests: 2 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS)
Detected patterns
- meta generator /WordPress( [\d.]+)?/i
PHP (Programming Languages)
Detected patterns (inferred from the WordPress match, not from a PHP-specific header)
- meta generator /WordPress( [\d.]+)?/i
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
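The patterns above are applied to different parts of one HTTP response (a header, a meta tag, the raw HTML, script URLs, or window globals), and a technology can also be listed because another match implies it, which is why PHP shows the WordPress pattern. The following is an added example, not urlscan.io or Wappalyzer code, that replays exactly those patterns against a constructed response. The headers, HTML and global names below are made up to resemble what this scan reports; they are not the captured response from prayandlove.club.

```python
import re

# Rules copied from the "Detected technologies" section of the scan.
# Each rule is (source, key, regex): source is where to look, key picks a header
# or meta name, and the first capture group (if any) is the version string.
RULES = {
    "WordPress":       [("meta",   "generator", r"WordPress( [\d.]+)?")],
    "Ubuntu":          [("header", "server",    r"Ubuntu")],
    "Apache":          [("header", "server",    r"(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)")],
    "Google Font API": [("html",   None,        r"<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com")],
    "jQuery":          [("script", None,        r"jquery.*\.js"),
                        ("env",    None,        r"^jQuery$")],
}
# Technologies reported because another one was matched (PHP via WordPress).
IMPLIES = {"WordPress": ["PHP"]}

META_RE = re.compile(r'<meta[^>]+name=["\']([^"\']+)["\'][^>]+content=["\']([^"\']*)["\']', re.I)
SCRIPT_RE = re.compile(r'<script[^>]+src=["\']([^"\']+)["\']', re.I)


def fingerprint(headers, html, js_globals):
    """Return {technology: version or None} for a single response.

    headers:    response headers (looked up case-insensitively)
    html:       document body
    js_globals: non-standard window property names, as urlscan lists them
    """
    lower_headers = {k.lower(): v for k, v in headers.items()}
    metas = {name.lower(): content for name, content in META_RE.findall(html)}
    scripts = SCRIPT_RE.findall(html)

    found = {}
    for tech, rules in RULES.items():
        for source, key, pattern in rules:
            rx = re.compile(pattern, re.I)
            if source == "header":
                candidates = [lower_headers.get(key, "")]
            elif source == "meta":
                candidates = [metas.get(key, "")]
            elif source == "html":
                candidates = [html]
            elif source == "script":
                candidates = scripts
            else:  # "env": names of window globals
                candidates = js_globals
            for text in candidates:
                m = rx.search(text)
                if m:
                    version = (m.group(1) or "").strip() if m.groups() else ""
                    # keep the first non-empty version seen for this technology
                    found[tech] = found.get(tech) or version or None
                    break
    for tech in list(found):
        for implied in IMPLIES.get(tech, []):
            found.setdefault(implied, None)
    return found


# Constructed sample response (assumption: shaped like the scan's findings).
SAMPLE_HEADERS = {"Server": "Apache/2.4.29 (Ubuntu)", "Content-Type": "text/html"}
SAMPLE_HTML = """<html><head>
<meta name="generator" content="WordPress 5.1" />
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Kanit">
<script src="/GP/images/jquery.js"></script>
<script src="/GP/images/jquery-migrate.min.js"></script>
</head><body></body></html>"""
# Globals as listed in the scan's "JavaScript Global Variables" section.
SAMPLE_GLOBALS = ["onselectstart", "onselectionchange", "queueMicrotask",
                  "$", "jQuery", "NO_PINGY_1011359110"]


def fingerprint_sample():
    return fingerprint(SAMPLE_HEADERS, SAMPLE_HTML, SAMPLE_GLOBALS)


if __name__ == "__main__":
    for tech, version in sorted(fingerprint_sample().items()):
        print(f"{tech}: {version or '(version not exposed)'}")
```

Only the Server header and the WordPress generator tag carry a version; the rest of the matches are presence-only, which is why the scan shows no version for Ubuntu, jQuery or the Google Font API.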
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
- GadgetPush
- Facebook
- Twitter
- Instagram
- Gadgets
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://fdic.club/ (HTTP 302)
- http://prinues-ordleyond.com/6a090088-3c7e-49f2-96ab-2e672e753d58?ad={ad}&s2={clickid}&dg={dg} (HTTP 302)
- http://prayandlove.club/GP/mk.php?cep=SJtIqP7IWIuHe7diI4ZK0NwreMEYkQT3XMzj4A4R5QJz58UBp-rH6pBTIkNxpYzb27pJYigyIDTLvEVtcgeoFBONab_Ya-exSHHbKgJ_oGn4o-8x1Hbh5apYoaesmpv2ObKnirAYEvHF2oNsSfcBaKclylBs-NEAp35FyLLncvaUOTt3eX9QrnNtCCGmtqOo1vnRZFk_cS8Bioo7Ytc4f8Hx61D7R_art316exCZjL0&ad=%7Bad%7D&s2=%7Bclickid%7D&dg=%7Bdg%7D (Page URL)
The {ad}, {clickid} and {dg} tokens are ad-network tracking macros that would normally be substituted before the link is served; they arrive unfilled on the second hop and URL-encoded (%7B...%7D) on the landing page, consistent with the tracking link having been opened directly (the submission was manual) rather than from a served ad.
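The chain above is what an analyst gets by fetching each hop without auto-following redirects and checking both the Location header and any client-side meta refresh in the body. The following is an added example, not urlscan.io code, that does exactly that against a constructed in-memory stand-in for the network seeded with this scan's hops, then extracts the hosts as indicators and flags tracking macros that were never filled in. Assumptions: the long cep= token is replaced by the placeholder OPAQUE_TOKEN, the landing-page body is made up, and the example.test chain is invented to exercise the meta-refresh path.

```python
import re
from urllib.parse import unquote, urljoin, urlparse

META_REFRESH_RE = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]+content=["\']?\s*\d+\s*;\s*url=([^"\'>\s]+)',
    re.I)
MACRO_RE = re.compile(r"\{(\w+)\}")  # {clickid}-style ad-network placeholders

# Hops taken from this scan; OPAQUE_TOKEN stands in for the real cep= value.
HOP2 = "http://prinues-ordleyond.com/6a090088-3c7e-49f2-96ab-2e672e753d58?ad={ad}&s2={clickid}&dg={dg}"
HOP3 = "http://prayandlove.club/GP/mk.php?cep=OPAQUE_TOKEN&ad=%7Bad%7D&s2=%7Bclickid%7D&dg=%7Bdg%7D"

# Constructed responses: url -> (status, headers, body). Bodies are made up.
FAKE_RESPONSES = {
    "http://fdic.club/": (302, {"Location": HOP2}, ""),
    HOP2: (302, {"Location": HOP3}, ""),
    HOP3: (200, {}, "<html><body>landing page</body></html>"),
    # invented chain showing a client-side (meta refresh) redirect
    "http://example.test/go": (200, {}, '<meta http-equiv="refresh" content="0;url=/final?ref={clickid}">'),
    "http://example.test/final?ref={clickid}": (200, {}, "<html>done</html>"),
}


def fake_fetch(url):
    """Stand-in for an HTTP client that does NOT follow redirects itself."""
    return FAKE_RESPONSES.get(url, (404, {}, ""))


def follow_chain(start, fetch, max_hops=10):
    """Walk redirects hop by hop. Returns [(url, status, kind)] with kind in
    'http' (3xx + Location), 'meta' (meta refresh), 'page' (final) or 'loop'."""
    chain, url, seen = [], start, set()
    for _ in range(max_hops):
        if url in seen:            # redirect loop: stop rather than spin
            chain.append((url, None, "loop"))
            break
        seen.add(url)
        status, headers, body = fetch(url)
        location = headers.get("Location") or headers.get("location")
        if 300 <= status < 400 and location:
            chain.append((url, status, "http"))
            url = urljoin(url, location)   # Location may be relative
            continue
        m = META_REFRESH_RE.search(body)
        if m:
            chain.append((url, status, "meta"))
            url = urljoin(url, m.group(1))
            continue
        chain.append((url, status, "page"))
        break
    return chain


def chain_hosts(chain):
    """Distinct hostnames in hop order, i.e. the domain indicators of the chain."""
    hosts = []
    for url, _, _ in chain:
        host = urlparse(url).hostname
        if host and host not in hosts:
            hosts.append(host)
    return hosts


def unfilled_macros(url):
    """Macros such as {clickid} that an ad network should have substituted.
    The URL is percent-decoded first so %7Bdg%7D is caught as well."""
    return sorted(set(MACRO_RE.findall(unquote(url))))


if __name__ == "__main__":
    for start in ("http://fdic.club/", "http://example.test/go"):
        chain = follow_chain(start, fake_fetch)
        for url, status, kind in chain:
            print(f"{kind:5} {status} {url}")
        print("hosts:", chain_hosts(chain))
        print("unfilled macros on final URL:", unfilled_macros(chain[-1][0]))
```

Against a live target the fetch callback would be a client configured not to follow redirects (so each hop is observed), and the unfilled-macro check is a cheap way to tell a tracking template opened by hand from a link that a real ad click populated.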
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions (plus 4 inline data: URIs, shown as protocol DATA with a truncated resource path)
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | mk.php (Primary Request; Redirect Chain) | prayandlove.club/GP/ | 71 KB | 16 KB | Document | text/html |
GET | H/1.1 | merged.css | prayandlove.club/GP/images/ | 379 KB | 99 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.js | prayandlove.club/GP/images/ | 95 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | jquery-migrate.min.js | prayandlove.club/GP/images/ | 10 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | be6b1ad7e6795b3c8ae8f9e88f4bf0f6.png | prayandlove.club/GP/images/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | den2.jpg | prayandlove.club/GP/images/ | 27 KB | 27 KB | Image | image/jpeg |
GET | H/1.1 | 2.jpg | prayandlove.club/GP/images/ | 138 KB | 138 KB | Image | image/jpeg |
GET | H/1.1 | W1.png | prayandlove.club/GP/images/ | 54 KB | 54 KB | Image | image/png |
GET | H/1.1 | mm.jpg | prayandlove.club/GP/images/ | 59 KB | 59 KB | Image | image/jpeg |
GET | H/1.1 | dc.jpg | hera.gadgetpush.com/wp-content/uploads/2018/04/ | 40 KB | 40 KB | Image | image/jpeg |
GET | H/1.1 | Jennifer-Hudson.jpg | hera.gadgetpush.com/wp-content/uploads/2018/10/ | 150 KB | 151 KB | Image | image/jpeg |
GET | H/1.1 | offer-1.jpg | prayandlove.club/GP/images/ | 14 KB | 14 KB | Image | image/jpeg |
GET | H/1.1 | marathonketo.png | prayandlove.club/GP/images/ | 37 KB | 37 KB | Image | image/png |
GET | H/1.1 | at.jpg | prayandlove.club/GP/images/ | 18 KB | 18 KB | Image | image/jpeg |
GET | H/1.1 | ks.jpg | prayandlove.club/GP/images/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H/1.1 | cb.png | prayandlove.club/GP/images/ | 160 KB | 160 KB | Image | image/png |
GET | H/1.1 | dad.png | prayandlove.club/GP/images/ | 80 KB | 80 KB | Image | image/png |
GET | H/1.1 | Susanne-before-and-after-weight-loss-500450.jpg | prayandlove.club/GP/images/ | 49 KB | 49 KB | Image | image/jpeg |
GET | H/1.1 | 157408_100003251945826_202385715_q.jpg | prayandlove.club/GP/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H/1.1 | in.php | prayandlove.club/GP/images/ | 181 B | 428 B | Script | text/html |
GET | H/1.1 | widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html (Frame FE42) | prayandlove.club/GP/images/ | 15 KB | 6 KB | Document | text/html |
GET | DATA | truncated | / | 119 B | 0 | Image | image/png |
GET | DATA | truncated | / | 112 B | 0 | Image | image/png |
GET | DATA | truncated | / | 98 B | 0 | Image | image/png |
GET | H/1.1 | sprite.png | prayandlove.club/GP/images/ | 92 KB | 92 KB | Image | image/png |
GET | H2 | VuJpdNDF2Yv9qppOePKYRP1-3R5NuGvQjjLkeQ.woff2 | fonts.gstatic.com/s/noticiatext/v8/ | 12 KB | 12 KB | Font | font/woff2 |
GET | H2 | nKKU-Go6G5tXcr5KPxWnVaFrNlJz.woff2 | fonts.gstatic.com/s/kanit/v4/ | 10 KB | 11 KB | Font | font/woff2 |
GET | H2 | nKKZ-Go6G5tXcraVGwCKd6xB.woff2 | fonts.gstatic.com/s/kanit/v4/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | nKKU-Go6G5tXcr5mOBWnVaFrNlJz.woff2 | fonts.gstatic.com/s/kanit/v4/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H2 | VuJ2dNDF2Yv9qppOePKYRP12ZjtYlUndpA.woff2 | fonts.gstatic.com/s/noticiatext/v8/ | 12 KB | 12 KB | Font | font/woff2 |
GET | H2 | VuJodNDF2Yv9qppOePKYRP12Ywtan07_pjjs.woff2 | fonts.gstatic.com/s/noticiatext/v8/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H2 | VuJrdNDF2Yv9qppOePKYRP12YwPhulvShDXGe9ny.woff2 | fonts.gstatic.com/s/noticiatext/v8/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H2 | nKKU-Go6G5tXcr4uPhWnVaFrNlJz.woff2 | fonts.gstatic.com/s/kanit/v4/ | 10 KB | 10 KB | Font | font/woff2 |
GET | H/1.1 | fontawesome-webfont.woff2 | prayandlove.club/GP/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | DATA | truncated | / | 14 KB | 14 KB | Font | application/x-font-woff |
GET | H/1.1 | undefined (Frame FE42) | prayandlove.club/GP/images/ | 299 B | 515 B | Fetch | text/html |
Notes on the transactions: every request to the scam domains is plain HTTP/1.1, while only the fonts.gstatic.com requests use H2 (which browsers only negotiate over TLS). Two images are hotlinked from hera.gadgetpush.com/wp-content/uploads/, a WordPress upload path on the Liquid Web host. in.php is requested as a script but answered as text/html. The request for a resource literally named "undefined" from frame FE42 is what a browser emits when page script calls fetch() with an undefined URL variable; the browser resolves it relative to the frame's directory.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onselectstart |
object | onselectionchange |
function | queueMicrotask |
undefined | $ |
function | jQuery |
number | NO_PINGY_1011359110 |
onselectstart, onselectionchange and queueMicrotask are standard browser globals that the scanner's baseline did not yet know; only $, jQuery and NO_PINGY_1011359110 come from the page's own scripts.
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the stored cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fdic.club
fonts.gstatic.com
hera.gadgetpush.com
prayandlove.club
prinues-ordleyond.com
18.219.255.245
192.64.119.68
2a00:1450:4001:81f::2003
52.29.197.42
69.167.167.14