mee6-verification.xyz

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is mee6-verification.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 13th 2023. Valid for: a year.

This is the only time mee6-verification.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	162.159.128.232 162.159.128.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	5

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

mee6-verification.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.232 (None, )

ASN13335 (CLOUDFLARENET, US)

media.discordapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	discordapp.net media.discordapp.net — Cisco Umbrella Rank: 5781	2 MB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 577	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2334	25 KB
1	mee6-verification.xyz mee6-verification.xyz	1 KB
6	4

	Domain	Requested by
2	media.discordapp.net	mee6-verification.xyz
1	p.typekit.net	use.typekit.net
1	use.typekit.net	mee6-verification.xyz
1	stackpath.bootstrapcdn.com	mee6-verification.xyz
1	mee6-verification.xyz
6	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-13` - `2024-02-12`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
discordapp.net Cloudflare Inc ECC CA-3	`2022-10-03` - `2023-10-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mee6-verification.xyz/
Frame ID: 41FF308C47EB84AE0937CAFC70022D23
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord Confirmation

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

6
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

4
Countries

2404 kB
Transfer

2538 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mee6-verification.xyz/ 2 KB
1 KB 257ms
64ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mee6-verification.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c0386b9e97ef5f685a69ebda001e2cc21fd9ca77ed1025bed07bd31ef71ed41

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 79ca76307c033651-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 21:51:06 GMT
last-modified: Thu, 29 Dec 2022 01:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aENrtUtsHb%2FrT4cK%2B%2B6XG9tLpdKuLCsQlmlRB3cKZhyhx1nSFuE1iKu3FnTMNzAoFdTfdLmldHTI%2F2gsR1kwJdTbIIjN0l%2B2pHoPM%2BRr43oMoFI0YsmRDHDvRNTD2189Bk5zTkoimDr2UK4463GScdiogI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 547ms
477ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: mee6-verification.xyz
URL: https://mee6-verification.xyz/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mee6-verification.xyz/
Origin: https://mee6-verification.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 21:51:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 845
cdn-cachedat: 11/24/2022 02:27:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f52ad519bb9bfdf82b38f0aa1149d309
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 79ca763159962c7e-FRA
cdn-requestpullsuccess: True

GET
H2 200 joc7wli.css
use.typekit.net/ 6 KB
1 KB 92ms
21ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/joc7wli.css

Requested by

Host: mee6-verification.xyz
URL: https://mee6-verification.xyz/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

82d5c8126fceb14a7c701ee0410044b256bfcdc7aaf147d6c3186bca42709061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mee6-verification.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 20 Feb 2023 21:51:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 895

GET
H2 200 755244169898885160.gif
media.discordapp.net/attachments/851389970840944640/851390759998586910/ 1 MB
1 MB 94ms
47ms Image
image/gif 162.159.128.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.discordapp.net/attachments/851389970840944640/851390759998586910/755244169898885160.gif
Requested by: Host: mee6-verification.xyz
URL: https://mee6-verification.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81e626efeacfaacbf060eb78a0bbe6daa0d1de15cb9ab4a31578b60d715ef4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mee6-verification.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 21:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361134
content-length: 1257502
last-modified: Mon, 07 Jun 2021 09:22:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD3fPpH3ocbSskU9tP9S9KAEFPXPQ3Zf6I%2BbehUSVUxOZDJ%2FNc%2BzmNqFK8Bs2I6Xn3AOhzHpnaQUmf7NXub8FTJtlV%2FGkIQznjby2q9QVe9aEHbB6gGNxUgBOAOf7Z54jHiIL9Hm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79ca76315e0e30db-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 20 Feb 2024 21:51:06 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 162ms
31ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=joc7wli&ht=tk&f=139.140.173.174.175.176.25136.25137&a=9862910&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/joc7wli.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 21:51:06 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 755243061088616458.gif
media.discordapp.net/attachments/851389970840944640/851390664788934656/ 1 MB
1 MB 35ms
35ms Image
image/gif 162.159.128.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.discordapp.net/attachments/851389970840944640/851390664788934656/755243061088616458.gif
Requested by: Host: mee6-verification.xyz
URL: https://mee6-verification.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114e67405826448c9a4cbde3d543c2382e40dcab06dfa046889a8decfb7cdc57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mee6-verification.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 21:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 704306
content-length: 1172828
last-modified: Mon, 07 Jun 2021 09:22:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNQl7Tl9oQhz%2BdYwg1VPQYmerkg4NRiUBdsHOHOYY6CAjxQGnebIdQPTcpG6IsTqVtEnpkhlhliG0quW7DS0XvW5VksCMq3zlM2Zt%2FActrck3oIYTtBzGfFZvbC8uNPGkqYhRp7V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79ca763479e430db-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 20 Feb 2024 21:51:06 GMT

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on February 20th 2023, 9:51:15 pm UTC — From United States

Threats: Phishing Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.discordapp.net/	1969-12-31 23:59:59	Name: __cfruid Value: 89741a67868731589bf0258c3cd726798e1781ea-1676929866

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

media.discordapp.net
mee6-verification.xyz
p.typekit.net
stackpath.bootstrapcdn.com
use.typekit.net
162.159.128.232
2606:4700::6812:bcf
2a02:26f0:11a::6867:4832
2a02:26f0:3500:16::215:148f
2a06:98c1:3121::c
114e67405826448c9a4cbde3d543c2382e40dcab06dfa046889a8decfb7cdc57
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
82d5c8126fceb14a7c701ee0410044b256bfcdc7aaf147d6c3186bca42709061
8c0386b9e97ef5f685a69ebda001e2cc21fd9ca77ed1025bed07bd31ef71ed41
f81e626efeacfaacbf060eb78a0bbe6daa0d1de15cb9ab4a31578b60d715ef4e

mee6-verification.xyz Open in urlscan Pro 2a06:98c1:3121::c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

4 Countries

2404 kBTransfer

2538 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious task.url Submitted on February 20th 2023, 9:51:15 pm UTC — From United States

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

2 JavaScript Global Variables

1 Cookies

Indicators

mee6-verification.xyz Open in urlscan Pro
2a06:98c1:3121::c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

4
Countries

2404 kB
Transfer

2538 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions

Malicious task.url
Submitted on February 20th 2023, 9:51:15 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!