yourbestmen.life
Open in
urlscan Pro
31.184.202.105
Malicious Activity!
Public Scan
Effective URL: https://yourbestmen.life/?u=775wwwr&o=e66p9zh&t=48332_14486&cid=102214f46618914e0c1786775673d4&p=0&b=0
Submission Tags: @phishunt_io
Submission: On December 22 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 22nd 2021. Valid for: 3 months.
This is the only time yourbestmen.life was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 143.204.98.8 143.204.98.8 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 205.185.216.10 205.185.216.10 | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 13 | 31.184.202.105 31.184.202.105 | 209813 (FASTCONTENT) (FASTCONTENT) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-8.fra50.r.cloudfront.net
s.slext.link |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
yourbestmen.life
1 redirects
yourbestmen.life |
195 KB |
1 |
gstatic.com
fonts.gstatic.com |
24 KB |
1 |
googleapis.com
fonts.googleapis.com |
857 B |
1 |
ckstatic.com
ckstatic.com |
7 KB |
1 |
slext.link
s.slext.link |
2 KB |
16 | 5 |
Domain | Requested by | |
---|---|---|
13 | yourbestmen.life |
1 redirects
s.slext.link
yourbestmen.life |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
yourbestmen.life
|
1 | ckstatic.com |
s.slext.link
|
1 | s.slext.link | |
16 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ajrkm.link Amazon |
2021-07-01 - 2022-07-30 |
a year | crt.sh |
ckstatic.com R3 |
2021-10-12 - 2022-01-10 |
3 months | crt.sh |
yourbestmen.life R3 |
2021-12-22 - 2022-03-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://yourbestmen.life/?u=775wwwr&o=e66p9zh&t=48332_14486&cid=102214f46618914e0c1786775673d4&p=0&b=0
Frame ID: 77F01F42AC491D4BBBD36C62F16AEDAC
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Finde ein örtliches Sexdate in Frankfurt am MainPage URL History Show full URLs
- https://s.slext.link/48332/6104/0?aff_sub=&aff_sub2=14486&aff_sub3=wv6m7ikbbuuim2qc2ntsfq9s&sourc... Page URL
-
http://yourbestmen.life/?u=775wwwr&o=e66p9zh&t=48332_14486&cid=102214f46618914e0c1786775673d4&p=0&b=0
HTTP 301
https://yourbestmen.life/?u=775wwwr&o=e66p9zh&t=48332_14486&cid=102214f46618914e0c1786775673d4&p=0&b=0 Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s.slext.link/48332/6104/0?aff_sub=&aff_sub2=14486&aff_sub3=wv6m7ikbbuuim2qc2ntsfq9s&source=102b4da5128d5db1db470979a33ecd&bo=2772,2771,2770,2769,2768 Page URL
-
http://yourbestmen.life/?u=775wwwr&o=e66p9zh&t=48332_14486&cid=102214f46618914e0c1786775673d4&p=0&b=0
HTTP 301
https://yourbestmen.life/?u=775wwwr&o=e66p9zh&t=48332_14486&cid=102214f46618914e0c1786775673d4&p=0&b=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
0
s.slext.link/48332/6104/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
history.js
ckstatic.com/js/historyjs/ |
23 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
yourbestmen.life/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
animate.min.css
yourbestmen.life/media/gay-dating/casualyellow/ |
52 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
yourbestmen.life/media/gay-dating/casualyellow/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js.cookie12.js
yourbestmen.life/cookie/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utils-gd.js
yourbestmen.life/util/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
yourbestmen.life/media/gay-dating/casualyellow/ |
253 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bbg.js
yourbestmen.life/media/ |
1 KB 788 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
664 B 857 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
no.png
yourbestmen.life/media/gay-dating/casualyellow/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yes.png
yourbestmen.life/media/gay-dating/casualyellow/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
yourbestmen.life/media/gay-dating/casualyellow/ |
94 KB 94 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pattern.png
yourbestmen.life/media/gay-dating/casualyellow/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alert.mp3
yourbestmen.life/media/gay-dating/casualyellow/ |
2 KB 2 KB |
XHR
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| requestLink object| geoData string| ip number| exDays boolean| validNavigation function| wireUpEvents function| Cookies function| docReady function| getParameterByName function| languageDetection function| writeLocation object| geoRefData function| showLocation function| getCookie function| getBackendParamsByName function| addSessionId function| changeTitle function| $ function| jQuery function| faviconPulse string| sMobile string| sDesktop function| isMobileDevice string| sound boolean| PreventBb string| curX string| nextX function| getUrlParameter function| getUrlWithParam3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
s.slext.link/ | Name: enc_aff_session_6104 Value: ENC0388548143a97b7693bb3273d55a95507156c033561b3ffcbdf7b91fd501f5685c856aef03be82fb3e2d6b4a9c67023b2c1959d34f09a83dc79cc78afa1fa9b5bb292adf44a3b8ca86775120b998235a61d7336d08b45c46bff9fb8f03d90fc4681f059dd008d776e261feb17846dc5a29d621971e4dfb0f5b38bd0972410431135067ced7c646a7c099399212e09fbc2cdb1f49438fba27fd4ab5f62fbee657902631cfc9 |
|
s.slext.link/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI%2FIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D |
|
yourbestmen.life/ | Name: sid Value: t3~c1s5mscw1ociwodhpqgjgoh3 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ckstatic.com
fonts.googleapis.com
fonts.gstatic.com
s.slext.link
yourbestmen.life
143.204.98.8
205.185.216.10
2a00:1450:4001:802::200a
2a00:1450:4001:830::2003
31.184.202.105
022eba65c89ae881ddd7ec551559b17ba1015651651c8a694f0e8daa00443c69
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
319de1e3cf3481d86391f61bb2d19df584f42ce75803d98f42e381b1f731d5d8
4d514fde1c5c1c12a1eef2aa4c1c1b85dceb01fd15a5ba39c18d0a5c4103555b
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004
67a6dc7e24f4a3c142724bb37a358037538befb731478c33d58f236ba836ed78
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43
847114c72993c1a2198bc005e59e44b9888f28550849997cb900ea8d743fb047
849900a64e526bb21510a736d77aeee11470f4ccbde97e7675f15db0ffb44642
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
937b56fed15e05e9c90f278f2bef06f3969f3333a0b0d8be998ab22a13f9d673
9e564c40e93cda0a49bc0f9f46538d95fe7343c56f3c5ed63fa0c35911163dd3
aa5d1b6067126f0258e1eb7d49c12332eada6e0faa6d12780c5c7cceb7c2917b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1