biabfj.meetdats.com Open in urlscan Pro
158.69.126.131  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://xkos.pics/kimberlyha73632 Page URL
2. https://biabfj.meetdats.com/s/604129d0386ac Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	kimberlyha73632 Show response xkos.pics/	19 KB 8 KB	437ms 383ms	Document text/html	2606:4700:3033::6815:55eb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xkos.pics/kimberlyha73632 Protocol HTTP/1.1 Server 2606:4700:3033::6815:55eb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4368337814d36aefeeb80c2e003735b1ca50a9630e02d93f275cf53c395653b5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 85e4e520bfce74ba-MIA Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 02 Mar 2024 22:41:35 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Pragma no-cache Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OElGS5IylIvPx87XH0SAY2XJQ6HnP9sdVHkRoc%2FQNUketKWP%2FXPQLRHe5U%2BZJp6DfgZyP9DYe95JR5mlv2Pd3QjLzQ9L86iZSL6M6CZ9q8%2B7Ll9o804acDx2DB0WDP%2Fhke1eUw7Imxc%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	Primary Request 604129d0386ac Show response biabfj.meetdats.com/s/	44 KB 19 KB	1520ms 665ms	Document text/html	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://biabfj.meetdats.com/s/604129d0386ac Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash 9cca4f6d661c055b7ab1d9c641e8486f3842bbe56577996535337a3d9312c4d4 Request headers Referer http://xkos.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 02 Mar 2024 22:41:36 GMT Expires 0 Pragma no-cache Server openresty/1.19.3.1 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	style.css biabfj.meetdats.com/bundle/536/assets/css/	6 KB 6 KB	108ms 90ms	Stylesheet text/css	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://biabfj.meetdats.com/bundle/536/assets/css/style.css Requested by Host: biabfj.meetdats.com URL: https://biabfj.meetdats.com/s/604129d0386ac Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash 1b5cba2f02c5d464192fe747c2fdd2619b5bed58f50041b56a2d41b1f30b7ee3 Request headers accept-language en-US,en;q=0.9 Referer https://biabfj.meetdats.com/s/604129d0386ac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sat, 02 Mar 2024 22:41:36 GMT Last-Modified Tue, 14 Dec 2021 09:41:25 GMT Server openresty/1.19.3.1 ETag "61b866c5-187a" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6266
GET H/1.1	200 OK	jquery.js Show response biabfj.meetdats.com/bundle/536/assets/js/	84 KB 84 KB	201ms 93ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://biabfj.meetdats.com/bundle/536/assets/js/jquery.js Requested by Host: biabfj.meetdats.com URL: https://biabfj.meetdats.com/s/604129d0386ac Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash c7e4dd5aed848878fa1b5856d5e6e674815034f0836f636f73093b14bae01388 Request headers accept-language en-US,en;q=0.9 Referer https://biabfj.meetdats.com/s/604129d0386ac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sat, 02 Mar 2024 22:41:37 GMT Last-Modified Tue, 14 Dec 2021 09:41:27 GMT Server openresty/1.19.3.1 ETag "61b866c7-14f3e" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 85822
GET H/1.1	200 OK	functions.js Show response biabfj.meetdats.com/bundle/536/assets/js/	2 KB 2 KB	214ms 69ms	Script application/javascript	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://biabfj.meetdats.com/bundle/536/assets/js/functions.js Requested by Host: biabfj.meetdats.com URL: https://biabfj.meetdats.com/s/604129d0386ac Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash 8a7089c70c9247fed6f869ad728570503829745d859a22c862c37f42d1f165b9 Request headers accept-language en-US,en;q=0.9 Referer https://biabfj.meetdats.com/s/604129d0386ac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sat, 02 Mar 2024 22:41:37 GMT Last-Modified Tue, 14 Dec 2021 09:41:26 GMT Server openresty/1.19.3.1 ETag "61b866c6-6b1" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1713
GET H/1.1	206 Partial Content	1.mp4 biabfj.meetdats.com/bundle/536/assets/images/	924 KB 924 KB	306ms 163ms	Media video/mp4	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://biabfj.meetdats.com/bundle/536/assets/images/1.mp4 Requested by Host: biabfj.meetdats.com URL: https://biabfj.meetdats.com/s/604129d0386ac Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash e279b8715485e679ed6de12e2515610c6a00179960db6d67c0375905e4756b78 Request headers Referer https://biabfj.meetdats.com/s/604129d0386ac Accept-Encoding identity;q=1, *;q=0 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Range bytes=0- Response headers Date Sat, 02 Mar 2024 22:41:37 GMT Last-Modified Tue, 14 Dec 2021 09:41:26 GMT Server openresty/1.19.3.1 ETag "61b866c6-e6e01" Content-Type video/mp4 Content-Range bytes 0-945664/945665 Connection keep-alive Content-Length 945665
GET H2	200	color Show response guard.cdtbox.rocks/	123 B 297 B	193ms 56ms	XHR application/json	2600:1f18:2448:f220:108:d35c:d215:9072 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9iaWFiZmoubWVldGRhdHMuY29tL3MvNjA0MTI5ZDAzODZhYw== Requested by Host: biabfj.meetdats.com URL: https://biabfj.meetdats.com/bundle/536/assets/js/jquery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:2448:f220:108:d35c:d215:9072 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash c9a1e2bb214a17df79173359c4b4d7f2a078c02b0e0b44d8b245b8c0fe040af1 Request headers accept-language en-US,en;q=0.9 Referer https://biabfj.meetdats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers access-control-allow-origin * date Sat, 02 Mar 2024 22:41:37 GMT server nginx content-length 123 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json
POST H/1.1	200 OK	track.php Show response biabfj.meetdats.com/	0 254 B	316ms 313ms	XHR text/html	158.69.126.131 OVH
General Check archive.org Show headers Download Go to Full URL https://biabfj.meetdats.com/track.php Requested by Host: biabfj.meetdats.com URL: https://biabfj.meetdats.com/bundle/536/assets/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns522380.ip-158-69-126.net Software openresty/1.19.3.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://biabfj.meetdats.com/s/604129d0386ac X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sat, 02 Mar 2024 22:41:37 GMT Content-Encoding gzip Server openresty/1.19.3.1 Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| xhttplp string| cf boolean| exitPopunder string| fpDataEncoded function| sendTrack function| Fingerprint2 function| fingerprintGo function| collectTrackParams function| closingConfirm function| handleError function| getParameterByName function| collectParams function| checkRequired function| setLeadInfo function| setCF

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xkos.pics/	1969-12-31 23:59:59	Name: Redirect Value: i5phq7hrqj55dp2mea8603hul0
			xkos.pics/	1969-12-31 23:59:59	Name: QShESu1051VqS1gPzwxAGBN22d7i3Nf1XVugnsdvHEs Value: JU6L8yJSfDCkXGIpKGxadwvbI0ZzixAIJi6rVw9XRbk
			xkos.pics/	1970-01-20 18:50:22	Name: e591abf6326b2a6c9da38ba795496a84 Value: 1
			.meetdats.com/	1970-01-20 18:51:45	Name: s Value: tc9CmXV7BTBPXgPapRyXxtKBbQl3CX8LvV5dHVXSRNiNt%2Ffp8OGPl%2BtfUt%2F99ddWoCcIRyD7%2FkzWKtrgm40VOyB%2BJvmnHqJb%2FRS4H6kKZX3hr%2FsLtPedYh%2F%2FVwSSw4dR2fIH4kvOUDaIa2Xf49oc5L1ofV7QueAJBsG5KB31FdJ%2BE%2FmB8AeeCkCn8B3qkv%2FIOClplsNWEszaOasc1qJZntOJemG0LdgI9XZe8B3AN%2BikkpH2T61s0nPkooQ916HHhB4wM%2Flbbem7TxN0oTsloZ%2FzjixXdJGwKoPiunrpbtSxnOY9WJBq9WWqXLyrhdQKEXK8TiRsmNwG49g%2BavKLeABfn5LDnqoVsbhe35Gu4VQiubwZErQs3zxR%2BOpAuXRQjj2lhLKBKrxw633%2FSgRvvOef7e0SwjpenJsr4V829NVGQInBI%2BTU3U5ZcACmTC%2BYQNQuG4O12ace%2B5QdpF4BZAw8%2FjF5owChAzAn64RhDF2RPbQN4bFflXaKhQYcR5k6VVqHUvnK%2BkncwYsolDqE4afVqhTZ%2FOUfa9ohpEsJhFlP%2FAs%2F7k%2FPob%2BV9G%2F17a83In3JffHsgNfu26ocl4684040ZsXP6rEhx7kOzLwJ2zvPtBhm0lGdS0QYmEYBQkXP3QKu1a57b4iHQyKF5ma81Sk7K9ohi9GveuSlTXQNNmQh7RYOJkodJyqB17UgoS80ar3rDyC4FKmmfG8PfSkvFAO0YBLslyL0aN4xOhDr35Tv%2BYcr2Z8OJTOo9iK3ef6ePUDN0tCmRfOjJHkJWhPzk8cwmIdgLnk0%2Bnfc%2B2%2BTVFD1jCfJ3DKbwXeSsvhDSHqI7eZjhdGl747ECn8R20wTiegAxaNtmOGdUO%2FOocaIvciGKluzeaB%2BfCPRhtPxl8IKVotlfd6CJrliJr0NqH4ddA5hDAn%2FDC7EC2AeVSCpz0cfezowFppRNzbLtpye81yF78C9eW7Fr4%2BjsSjUTbEXEky9yGcuhIYXSZsNcVx5qZE9vQ%2BRHBuhNSxxjCpTbNbkEzrwCPeOueYU2uQME1%2B4NlgdIqC1Ospna8zYKy0clsbs6BFkSH7ai8noh1j7H%2B9N9zpxjfVyJjV2qrYBaZXk8qVDS7zgK7v76oMrWvbfqVCZFIVAQPYL2IPiZKjyBIouRaevrvUi3KdWf5Zx%2F3wglWW7aJxjtdLwrvGkggdCNyOOE3sw%2Ff5OVt%2BUld0tSrZ9%2F52BnA62h9H4FaoBf2M1tEwKWp6cbPEZT1vdUDt%2BSvlcfkEijYMLRk7ox1Ho4KkgMdcXT8n%2FC%2BKQeLJ%2BC6cvAwZeg4EYsSArIDEP%2FNz8RtzbFyl6IKInO53fGz0LImGyhxT1SmLMm5TXCT4yV%2FoS%2B3qQZ%2FLEWWGk%2FQW2%2FU5605g%2Fiskqal9o57cMYOrk5tDvDyZpy697vli0RD0fFoJ9z9fR%2B35dWFI5IOWdl4RhuYvRyp7f6x2QLlWJ57AuSiWJ1W9Sa45ViFSevUfVmfMrP%2B3kJZ4%2ByySXHYXAa4l6WZ%2FEDr1gH%2BlFRFafxcnuhaVeiFT8vb2UTfFff8xFZY4pa%2F%2F08MzVBkoOHtJTAUE%2FGg3ZRBDwgPGJehX0B7l0gCZOGTnIXCn5Sr5W3i%2Bd%2Fw6%2FMiNN19fMAjmSSjYtd3JWQgtGpZX74yIWCe2aD6Y23NebL4n7E5v5m5zOoj7ad6jBaltZPSkdvX72hipFkqVqJ7qthUOeRqOTdcHFpLrj7wXGsTkIb3knLAxck14eYPSlR8iQt79GWMBDk1KMpfk%2BzHRJgoCxi5UkbdLSeyMU7TqIon%2FQuJVyxo5Xq5EptLQz%2BBYsNao%3D
			biabfj.meetdats.com/	1969-12-31 23:59:59	Name: CF Value: YTzMBw83Y/LvIpx0huaABQ__

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

biabfj.meetdats.com
guard.cdtbox.rocks
xkos.pics
158.69.126.131
2600:1f18:2448:f220:108:d35c:d215:9072
2606:4700:3033::6815:55eb
1b5cba2f02c5d464192fe747c2fdd2619b5bed58f50041b56a2d41b1f30b7ee3
4368337814d36aefeeb80c2e003735b1ca50a9630e02d93f275cf53c395653b5
8a7089c70c9247fed6f869ad728570503829745d859a22c862c37f42d1f165b9
9cca4f6d661c055b7ab1d9c641e8486f3842bbe56577996535337a3d9312c4d4
c7e4dd5aed848878fa1b5856d5e6e674815034f0836f636f73093b14bae01388
c9a1e2bb214a17df79173359c4b4d7f2a078c02b0e0b44d8b245b8c0fe040af1
e279b8715485e679ed6de12e2515610c6a00179960db6d67c0375905e4756b78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855