ebacfb.meetdats.com Open in urlscan Pro
158.69.126.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://countrygirl2.online/
Effective URL:
https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Submission: On September 26 via manual (September 26th 2022, 7:50:41 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 158.69.126.131, located in Montreal, Canada and belongs to OVH, FR. The main domain is ebacfb.meetdats.com.
TLS certificate: Issued by R3 on September 24th 2022. Valid for: 3 months.

This is the only time ebacfb.meetdats.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 2 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
9	158.69.126.131 158.69.126.131	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
12	4

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

countrygirl2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 158.69.126.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns522380.ip-158-69-126.net

ebacfb.meetdats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	meetdats.com ebacfb.meetdats.com	376 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	54 KB
1	countrygirl2.online 1 redirects countrygirl2.online	312 B
12	5

	Domain	Requested by
9	ebacfb.meetdats.com	ebacfb.meetdats.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ebacfb.meetdats.com
1	cdnjs.cloudflare.com	ebacfb.meetdats.com
1	countrygirl2.online	1 redirects
12	5

This site contains no links.

Subject Issuer	Validity	Valid
meetdats.com R3	`2022-09-24` - `2022-12-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Frame ID: 0E52B18575C7B766A42BAF88322F18F6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The most popular dating site of this month

Page URL History Show full URLs

http://countrygirl2.online/ HTTP 301
https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9 Page URL

Detected technologies

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

444 kB
Transfer

727 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://countrygirl2.online/ HTTP 301
https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 5ee74e7bd6cab Show response
ebacfb.meetdats.com/s/
Redirect Chain

http://countrygirl2.online/
https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9

14 KB
3 KB

1194ms
913ms

Document
text/html

158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: 2b7d615e108f3374ff08730a059cef8ffbe0bf8cb2344d07a2da1cfdf5963a51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Sep 2022 19:50:35 GMT
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 88
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Sep 2022 19:50:34 GMT
Location: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Server: ip-10-123-123-205.ec2.internal
X-Request-Id: 01e96d1b-702b-4c0f-9ddd-adb7a4b5cac3

GET
H/1.1 200
OK style.css
ebacfb.meetdats.com/bundle/376/assets/css/ 12 KB
12 KB 105ms
105ms Stylesheet
text/css 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ebacfb.meetdats.com/bundle/376/assets/css/style.css
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: 06e35df45c2f72eb938183edcfedce2c5db9263c304ee83cd66fb41505782e0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:35 GMT
Last-Modified: Sat, 21 Nov 2020 15:48:50 GMT
Server: openresty/1.19.3.1
ETag: "5fb936e2-2fa9"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12201

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 329 KB
54 KB 122ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment-with-locales.min.js

Requested by

Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 19:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2161826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54791
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-52243"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE0qwyLRRfFyExYUz%2FzRPeuhFKqAxakX4ZsSTBNgd7hkg%2FUkw3q9Xx1WeUQ7oA8SsP3tYwpIESg80DkoujZV0vYuGx2sT9pvlzHx5QTeMwoknpvlpG2ALWRByTAzTe4hH22c2bul2TDx5lsAr0ekeBsA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 750e8789da97226f-MIA
expires: Sat, 16 Sep 2023 19:50:35 GMT

GET
H/1.1 200
OK jquery.js Show response
ebacfb.meetdats.com/bundle/376/assets/js/ 85 KB
85 KB 177ms
71ms Script
application/javascript 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ebacfb.meetdats.com/bundle/376/assets/js/jquery.js
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:35 GMT
Last-Modified: Sat, 21 Nov 2020 15:48:50 GMT
Server: openresty/1.19.3.1
ETag: "5fb936e2-1538f"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86927

GET
H/1.1 200
OK functions.js Show response
ebacfb.meetdats.com/bundle/376/assets/js/ 54 KB
54 KB 288ms
145ms Script
application/javascript 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ebacfb.meetdats.com/bundle/376/assets/js/functions.js
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: dd39a8c223a9e61ad7c0ee02095b1bb4695f3c7aaf32f3052b1882dd803b27e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:35 GMT
Last-Modified: Sat, 21 Nov 2020 15:48:50 GMT
Server: openresty/1.19.3.1
ETag: "5fb936e2-d68a"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54922

GET
H/1.1 200
OK click.js Show response
ebacfb.meetdats.com/js/ 5 KB
6 KB 294ms
294ms Script
application/javascript 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ebacfb.meetdats.com/js/click.js?7
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: 86c02a3e955f61e7f214876fd1a8bbb411969a2c4dd9c7d4edd45ed82e167f66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:36 GMT
Last-Modified: Thu, 22 Sep 2022 10:27:06 GMT
Server: openresty/1.19.3.1
ETag: "632c387a-1525"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5413

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 213ms
81ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext

Requested by

Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/bundle/376/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 19:24:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 19:50:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 19:50:36 GMT

GET
H/1.1 200
OK 1.jpg
ebacfb.meetdats.com/bundle/376/assets/img/ 93 KB
93 KB 173ms
173ms Image
image/jpeg 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebacfb.meetdats.com/bundle/376/assets/img/1.jpg
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: bb5db4120848891a7c00b6f3df5defe5c9fcd115d4325c71f220d97b562a560e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:36 GMT
Last-Modified: Sat, 21 Nov 2020 15:48:50 GMT
Server: openresty/1.19.3.1
ETag: "5fb936e2-173e2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95202

GET
H/1.1 200
OK 2.jpg
ebacfb.meetdats.com/bundle/376/assets/img/ 30 KB
30 KB 136ms
102ms Image
image/jpeg 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebacfb.meetdats.com/bundle/376/assets/img/2.jpg
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: c1afdc837c7cc85a42ce41e56a87f8de6536300d298621635c5f9ed2e944cfe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:36 GMT
Last-Modified: Sat, 21 Nov 2020 15:48:50 GMT
Server: openresty/1.19.3.1
ETag: "5fb936e2-76ae"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30382

GET
H/1.1 200
OK 3.jpg
ebacfb.meetdats.com/bundle/376/assets/img/ 63 KB
63 KB 209ms
72ms Image
image/jpeg 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebacfb.meetdats.com/bundle/376/assets/img/3.jpg
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: 883e3ac1c3111c628130a7b5217f0027e35ea7a7155cbba134b0371a457fca48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab?track=NW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:36 GMT
Last-Modified: Sat, 21 Nov 2020 15:48:50 GMT
Server: openresty/1.19.3.1
ETag: "5fb936e2-fa77"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64119

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 208ms
70ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ebacfb.meetdats.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 05:25:56 GMT
x-content-type-options: nosniff
age: 397480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 05:25:56 GMT

GET
H/1.1 200
OK fp2.min.js Show response
ebacfb.meetdats.com/js/ 30 KB
30 KB 378ms
378ms Script
application/javascript 158.69.126.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ebacfb.meetdats.com/js/fp2.min.js
Requested by: Host: ebacfb.meetdats.com
URL: https://ebacfb.meetdats.com/js/click.js?7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.69.126.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns522380.ip-158-69-126.net
Software: openresty/1.19.3.1 /
Resource Hash: 6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ebacfb.meetdats.com/s/5ee74e7bd6cab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 19:50:36 GMT
Last-Modified: Thu, 01 Sep 2022 07:53:33 GMT
Server: openresty/1.19.3.1
ETag: "631064fd-77dd"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30685

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on September 26th 2022, 7:52:39 pm UTC — From United States

Threats: Phishing Scam Misc
Comment: Russian porn scam spammed by bots on YouTube

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.meetdats.com/	1970-01-20 15:53:01	Name: SID Value: 9a3063a5ca309a3667323fed8e17456d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
countrygirl2.online
ebacfb.meetdats.com
fonts.googleapis.com
fonts.gstatic.com
158.69.126.131
2606:4700::6811:190e
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2003
3.33.152.147
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
06e35df45c2f72eb938183edcfedce2c5db9263c304ee83cd66fb41505782e0a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2b7d615e108f3374ff08730a059cef8ffbe0bf8cb2344d07a2da1cfdf5963a51
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
86c02a3e955f61e7f214876fd1a8bbb411969a2c4dd9c7d4edd45ed82e167f66
883e3ac1c3111c628130a7b5217f0027e35ea7a7155cbba134b0371a457fca48
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
bb5db4120848891a7c00b6f3df5defe5c9fcd115d4325c71f220d97b562a560e
c1afdc837c7cc85a42ce41e56a87f8de6536300d298621635c5f9ed2e944cfe4
dd39a8c223a9e61ad7c0ee02095b1bb4695f3c7aaf32f3052b1882dd803b27e9
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

ebacfb.meetdats.com Open in urlscan Pro 158.69.126.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 2 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

444 kBTransfer

727 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.url Submitted on September 26th 2022, 7:52:39 pm UTC — From United States

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

26 JavaScript Global Variables

1 Cookies

Indicators

ebacfb.meetdats.com Open in urlscan Pro
158.69.126.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

444 kB
Transfer

727 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Malicious page.url
Submitted on September 26th 2022, 7:52:39 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!