bfghabd.flirtarea.link Open in urlscan Pro
158.69.126.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2024dating.info/?dmvet
Effective URL:
https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf
Submission: On August 12 via api (August 12th 2024, 6:05:31 pm UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 158.69.126.131, located in Montreal, Canada and belongs to OVH, FR. The main domain is bfghabd.flirtarea.link.
TLS certificate: Issued by R11 on June 27th 2024. Valid for: 3 months.

This is the only time bfghabd.flirtarea.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.142.155 172.67.142.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	158.69.126.131 158.69.126.131	16276 (OVH) (OVH)
17	2

2 172.67.142.155 (United States)

ASN13335 (CLOUDFLARENET, US)

2024dating.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 158.69.126.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns522380.ip-158-69-126.net

bfghabd.flirtarea.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	flirtarea.link bfghabd.flirtarea.link	331 KB
2	2024dating.info 2024dating.info	1 KB
17	2

	Domain	Requested by
15	bfghabd.flirtarea.link	bfghabd.flirtarea.link
2	2024dating.info
17	2

This site contains no links.

Subject Issuer	Validity	Valid
2024dating.info WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
flirtarea.link R11	`2024-06-27` - `2024-09-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf
Frame ID: 194755AF8504B2C713FE0CD41B924C5A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Which boobs do you prefer?

Page URL History Show full URLs

http://2024dating.info/?dmvet HTTP 307
https://2024dating.info/?dmvet Page URL
https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

332 kB
Transfer

416 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2024dating.info/?dmvet HTTP 307
https://2024dating.info/?dmvet Page URL
https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://2024dating.info/?dmvet HTTP 307
https://2024dating.info/?dmvet

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	/ 2024dating.info/ Redirect Chain http://2024dating.info/?dmvet https://2024dating.info/?dmvet	111 B 537 B	785ms 283ms	Document text/html	172.67.142.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://2024dating.info/?dmvet Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.142.155 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b2264ae8d8d9acb-MIA content-encoding br content-type text/html; charset=UTF-8 date Mon, 12 Aug 2024 18:05:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtijxDwdo%2F2x6hiaXxYj9huEfp6fU7H0DhIFP77clzta6D1lrh%2BCDA2UrUcWp2C2E0NfEH7E4oISRalKUYq6HHMGdLicpvYK%2BHIFc6KOSFHEssXHVTgS4QlZz8JekxohNFY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers Location https://2024dating.info/?dmvet Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	Primary Request 75a694c44e329 Show response bfghabd.flirtarea.link/s/	42 KB 17 KB	1514ms 852ms	Document text/html	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `9d53dac34da49eea7ed2ef405c9cbf62fb05934d70a1dfb1f05ae9f5a6f26b4d` Request headers Referer https://2024dating.info/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 12 Aug 2024 18:05:25 GMT Expires 0 Pragma no-cache Server openresty/1.19.3.1 Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding
GET H3	200	favicon.ico 2024dating.info/	111 B 540 B	301ms 301ms	Other text/html	172.67.142.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://2024dating.info/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.142.155 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://2024dating.info/?dmvet User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 12 Aug 2024 18:05:24 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 12 Aug 2024 18:05:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BzO3AdtpMlx0VVQLPZvTyYJ%2FvISS1NJoA4sneX%2B98nt8FKMQhjmhVSGy5GaG1j9motAxAEIG5rPPxByfzhs9Ay0R2NxOCKRAn2CJ44iJECq9KrZDAA5HkzBYVURQFeeuzc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 8b2264b0efea9acb-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	style.css bfghabd.flirtarea.link/bundle/219/assets/css/	3 KB 1 KB	82ms 81ms	Stylesheet text/css	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `e7c46a1c35a4dcde4f855ecfb2dbf363b1b97acaf61a28b6a1962efb72e881dd` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Content-Encoding gzip Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag W/"5daecd29-b96" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type text/css Cache-Control max-age=2592000, private Connection keep-alive Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	1-1.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	27 KB 27 KB	322ms 133ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/1-1.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `afee828deb4f8539735da36032c0d3ecb40fa5251129ecc432af7a675b299bfb` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-6b12" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 27410 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	1-2.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	21 KB 21 KB	356ms 150ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/1-2.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `762d6a41d701d26adefa79edb51320a456b5394b50510a4dc1d70acbdbb24d0f` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-5475" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 21621 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	1-3.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	20 KB 20 KB	297ms 77ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/1-3.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `5e60e6637e6525bd535b050fcceda17a970e00b7fd50bb8165f3e66ad2dd4f27` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-5070" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 20592 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	2-1.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	28 KB 29 KB	405ms 117ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/2-1.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `b3bdd197284dbd9df257cd9c5afc1b355791130ed158fddf7cbdd24bcc7211b8` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-70bb" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 28859 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	2-2.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	31 KB 32 KB	413ms 116ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/2-2.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `770349c1793e9805dd4c1ee0f965bdd04997dba4beea08867cdae72fe191d5e9` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-7d5d" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 32093 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	2-3.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	27 KB 28 KB	78ms 77ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/2-3.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `57e92412a2113197019947b2ee0b8346207c303d7c4e64ebb847565be6e453c3` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-6d38" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 27960 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	jquery.js Show response bfghabd.flirtarea.link/bundle/219/assets/js/	95 KB 34 KB	141ms 110ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://bfghabd.flirtarea.link/bundle/219/assets/js/jquery.js Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Content-Encoding gzip Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag W/"5daecd29-17b8a" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000, private Connection keep-alive Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	functions.js Show response bfghabd.flirtarea.link/bundle/219/assets/js/	610 B 746 B	109ms 66ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://bfghabd.flirtarea.link/bundle/219/assets/js/functions.js Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `e0580c7e340250dd1410969336ccf9892505d29d813c8d493b1e34044831f0d4` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Content-Encoding gzip Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag W/"5daecd29-262" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000, private Connection keep-alive Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	bg1.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	36 KB 37 KB	220ms 127ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/bg1.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `76f4995baba6266e4762ec0a790351b295237367dbd898e5853e8066097f4f84` Request headers Referer https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-91a8" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 37288 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	bg2.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	38 KB 38 KB	178ms 135ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/bg2.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `1752673c0e49d18a681123b02599cfabd55916187431de4f36f50c1323806cc7` Request headers Referer https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-9688" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 38536 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	bg3.jpg bfghabd.flirtarea.link/bundle/219/assets/img/	45 KB 45 KB	199ms 145ms	Image image/jpeg	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/bg3.jpg Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `cf615e80032f96193c070a4dfbc4d3c240e8604a53ee51a5a7abf6719cb2ad31` Request headers Referer https://bfghabd.flirtarea.link/bundle/219/assets/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:25 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-b3ca" Content-Type image/jpeg Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 46026 Expires Wed, 11 Sep 2024 18:05:25 GMT
GET H/1.1	200 OK	favicon.png bfghabd.flirtarea.link/bundle/219/assets/img/	2 KB 2 KB	76ms 75ms	Other image/png	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://bfghabd.flirtarea.link/bundle/219/assets/img/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `9022860c59152989dd2a1f990274d907c87b3da595aee3b43d0bab6eadf2b2a5` Request headers Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 12 Aug 2024 18:05:26 GMT Last-Modified Tue, 22 Oct 2019 09:34:33 GMT Server openresty/1.19.3.1 ETag "5daecd29-627" Content-Type image/png Cache-Control max-age=2592000, private Connection keep-alive Accept-Ranges bytes Content-Length 1575 Expires Wed, 11 Sep 2024 18:05:26 GMT
POST H/1.1	200 OK	track.php Show response bfghabd.flirtarea.link/	0 277 B	308ms 306ms	XHR text/html	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://bfghabd.flirtarea.link/track.php Requested by Host: bfghabd.flirtarea.link URL: https://bfghabd.flirtarea.link/bundle/219/assets/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 12 Aug 2024 18:05:26 GMT Content-Encoding gzip Server openresty/1.19.3.1 Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.flirtarea.link/	1970-01-20 22:46:12	Name: s Value: d12vl9wAAR6pY4t1lBBJAeyxn%2FXJ5yupV6q6nh9iCwt4hLbUHLqBSN5fHgKYEJBuvc1P%2B15RowRCrzhWlCsELyB%2B3vkRH5tb%2FTdQQiJj4faWGOkP1Zbul9xlLVp3oLUzbyFOIX7hS%2F50vMQz4%2Bq8pXxTopSvXkfwCa62%2BhdDYH9pgc9Siv354fDSHc%2F6%2FrXj%2BHC%2Fa2jD3k%2FBrDkVJMPMFU2IhLxb8tQFq7prp0%2B1sF%2BSfQJrpHC%2BD4YmMVlsA4jYtsWRJ5kQI2ocwe9QY7mlGMMM2%2Bpl3304zRZQw07MeT9YGJFxPkcc6TEi3pFVlw8SBO4yRE4WMHYGL9ABAj1d8eA3v00yf%2BHgSvOlwgzR6RbrdVWDKwP%2FYgSqYj1VpjO936ImY%2B6z3d1GwMay7%2BckAA8TH2W8hkpIIgO1gCa4ocK7R8STKMsGsnCBvhPd2fpZkF%2BKxeg4bP26fU2d42oRMvuUkU1XEz6lPJU7nuxywBEqQPuZFIhQYYHsJdpYgM%2BuFYwNQHOvmDT6ruiHpG8yIjrpAFQuddTfxJJQ9Jt5AhfyA5k9o%2BQclOmchtzC5KjcgeGXP48djGBTQdMtI4QC1s9SPeZGJsupTyxtrJGzS7e9OVC7OiZlAS%2FqfYY4EhbT%2FNIint4cGecZxnj2Ua0x7K%2FPJa%2B%2Fx4En%2B20LoWEkyavvEcdtZ0s%2F6g9BDM9gEyvjEy6zyyHfQFySwad1zmc6ff0TtYpXaMfdnl8G%2FSKOPDUDfgHSgJ11xL6P%2BUu9q0kGY4bCbgQHxsvksVV4yClIvdkGY9dUql1Lwv%2BY%2BlI4oy%2BDPOcfopUGv%2F2UW8duQNzR1uOOmVhOQFYhZzqaN677SeVZMdB%2BPmfzt4M1JkuOqXp8RpVACAEXQfFwmheFXmTGEFCdJRspgtXHlQTA%2BGwXL6AJHJ7iW15BtHG41q74%2BWvTGA6pdsQt2gAJJzsKVqLGUnUcx6f9g%2FkP4frW%2FPO0zGthXJhs7ENLPptL5u%2B0i7Bzh4gpeg8LEukbiyr2JwEiH3wqj6UFxXc6Wd5xf4qSb5EqbChQgERIhFXqN92qMWRx6e%2BGaW5u442%2BZN6RS%2Fmob1UmPx7QZqSjLOigWQezrkSjusBqtiZTaFaTXco2BTjNayk2P2ZZae6l6KV2mCyULZl%2BK%2B1wnJ6dI9RoBhlfC%2FOP3yIsxFQJkwSQKGq29tFpM0VMe9jVCa8Rhy9Fh8TwyAeLuXF5iVgWMSn0g0On4Ol6ePTbCMik8SYQDN%2BlRASE%2FcdygcIew%2FoZauyrlbRhN2n4f93vb2NnTLtJNIhUpqkGv9Sgbx1Pq%2BeKW5yFOtSbGp76baxrgFc7DU3k2Yg6dBuqgDERQZsr%2F10NFzUvthlkSKgK0otfaNcg6GLa2kXpL3y%2FbWAzsbGCYfFjjBKmlD4jHENK%2FGZ7KBrX9PfQrulXfP4bclhzJmG%2Bw4qa8DF%2BzLeCIoh6CryRBjIG7kVahZYHVmQBkJ9Cfnt%2F910RMn%2FAfLYSfVBoITFPEwiuEuOEnAJOIke8R0J38gYbRUm4YnFQPGZ6wSGvTA9fjYY%2Bj%2FiciqCWPeQ0XBGboNKnoxjibapwVZQeaHnIhnS2pZjcWXDIT2bmyagU63smZyvm16mkGNrhVhc8tnDFYPWop1XUHGNvylzYwmMabvQwLgEKJXBMv9E8f6Nf5kkHNv9xfVo9%2FjNdtY64augArx6wLbcr6T9sLWFNonvdV0xRRhv2pgA1hGMQidhrNY%2BKO%2F0chPN%2BSEJQ8VDJNFfWHbI79solVVG5Aj1uU%2F3mED%2FQtmCT%2B02KL1wuxti1l11KQ5ajKwibklc%2BtPilfsSiC9KG5UCZLEJVbD1sPGkS3vh725OMowXR%2FuRat0NBBJu3kqX9
			bfghabd.flirtarea.link/	1969-12-31 23:59:59	Name: CF Value: VpTPr5exDIwOmzrc0T1x3A__

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bfghabd.flirtarea.link/s/75a694c44e329?sub2=ppdf&track=ppdf(Line 5) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2024dating.info
bfghabd.flirtarea.link
158.69.126.131
172.67.142.155
1752673c0e49d18a681123b02599cfabd55916187431de4f36f50c1323806cc7
57e92412a2113197019947b2ee0b8346207c303d7c4e64ebb847565be6e453c3
5e60e6637e6525bd535b050fcceda17a970e00b7fd50bb8165f3e66ad2dd4f27
762d6a41d701d26adefa79edb51320a456b5394b50510a4dc1d70acbdbb24d0f
76f4995baba6266e4762ec0a790351b295237367dbd898e5853e8066097f4f84
770349c1793e9805dd4c1ee0f965bdd04997dba4beea08867cdae72fe191d5e9
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
9022860c59152989dd2a1f990274d907c87b3da595aee3b43d0bab6eadf2b2a5
9d53dac34da49eea7ed2ef405c9cbf62fb05934d70a1dfb1f05ae9f5a6f26b4d
afee828deb4f8539735da36032c0d3ecb40fa5251129ecc432af7a675b299bfb
b3bdd197284dbd9df257cd9c5afc1b355791130ed158fddf7cbdd24bcc7211b8
cf615e80032f96193c070a4dfbc4d3c240e8604a53ee51a5a7abf6719cb2ad31
e0580c7e340250dd1410969336ccf9892505d29d813c8d493b1e34044831f0d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c46a1c35a4dcde4f855ecfb2dbf363b1b97acaf61a28b6a1962efb72e881dd

bfghabd.flirtarea.link Open in urlscan Pro 158.69.126.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

332 kBTransfer

416 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

bfghabd.flirtarea.link Open in urlscan Pro
158.69.126.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

332 kB
Transfer

416 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!