befjajh.hornydats.com Open in urlscan Pro
178.162.199.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3H2mcFt
Effective URL:
https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn
Submission: On January 24 via manual (January 24th 2023, 10:16:40 pm UTC) from PL — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 178.162.199.80, located in and belongs to . The main domain is befjajh.hornydats.com.
TLS certificate: Issued by R3 on December 13th 2022. Valid for: 3 months.

This is the only time befjajh.hornydats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	109.234.161.232 109.234.161.232	50474 (O2SWITCH) (O2SWITCH)
2	46.161.40.116 46.161.40.116	209272 (AS-ALVIVA) (AS-ALVIVA)
7	178.162.199.80 178.162.199.80	() ()
11	4

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.234.161.232 (France)

ASN50474 (O2SWITCH, FR)
PTR: 109-234-161-232.reverse.odns.fr

residencedesmedecins.grwv1900.odns.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.161.40.116 (Tighina, Moldova)

ASN209272 (AS-ALVIVA, SC)
PTR: hosting-by.ankas-group.net

localandhorny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.162.199.80 (None, )

ASN- ()

befjajh.hornydats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	hornydats.com befjajh.hornydats.com	148 KB
2	localandhorny.com localandhorny.com	1 KB
1	odns.fr residencedesmedecins.grwv1900.odns.fr	340 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5116	288 B
11	4

	Domain	Requested by
7	befjajh.hornydats.com	localandhorny.com befjajh.hornydats.com
2	localandhorny.com	localandhorny.com
1	residencedesmedecins.grwv1900.odns.fr
1	bit.ly	1 redirects
11	4

This site contains no links.

Subject Issuer	Validity	Valid
hornydats.com R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn
Frame ID: 63937A8F1E48F4474404342396BC18DA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3H2mcFt HTTP 301
http://residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/betis_skuse.html?it=c486culu Page URL
http://localandhorny.com/horny1/index.html Page URL
https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

64 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

149 kB
Transfer

184 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3H2mcFt HTTP 301
http://residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/betis_skuse.html?it=c486culu Page URL
http://localandhorny.com/horny1/index.html Page URL
https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3H2mcFt HTTP 301
http://residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/betis_skuse.html?it=c486culu

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	betis_skuse.html Show response residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/ Redirect Chain https://bit.ly/3H2mcFt http://residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/betis_skuse.html?it=c486culu	114 B 340 B	132ms 32ms	Document text/html	109.234.161.232 O2SWITCH
General Check archive.org Show headers Download Go to Full URL http://residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/betis_skuse.html?it=c486culu Protocol HTTP/1.1 Server 109.234.161.232 , France, ASN50474 (O2SWITCH, FR), Reverse DNS 109-234-161-232.reverse.odns.fr Software o2switch-PowerBoost-v3 / Resource Hash `e235d10a7f88d01cb7189e5307aa54db098811dfaa5392b4b219ac1691fb7eb0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 114 Content-Type text/html Date Tue, 24 Jan 2023 22:16:35 GMT Last-Modified Mon, 15 Aug 2022 10:44:29 GMT Server o2switch-PowerBoost-v3 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=90 content-length 195 content-type text/html; charset=utf-8 date Tue, 24 Jan 2023 22:16:35 GMT location http://residencedesmedecins.grwv1900.odns.fr/wp-includes/block-supports/regatta/betis_skuse.html?it=c486culu server nginx via 1.1 google
GET H/1.1	200 OK	index.html Show response localandhorny.com/horny1/	124 B 473 B	226ms 73ms	Document text/html	46.161.40.116 AS-ALVIVA
General Check archive.org Show headers Download Go to Full URL http://localandhorny.com/horny1/index.html Protocol HTTP/1.1 Server 46.161.40.116 Tighina, Moldova, ASN209272 (AS-ALVIVA, SC), Reverse DNS hosting-by.ankas-group.net Software Apache/2 / Resource Hash `b8dda5bb93956f0e7ed6648828517825c31cf1efc1d237631ea07670caefa13c` Request headers Referer http://residencedesmedecins.grwv1900.odns.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 114 Content-Type text/html Date Tue, 24 Jan 2023 22:16:36 GMT ETag "7c-5c33f97483100-gzip" Keep-Alive timeout=2, max=100 Last-Modified Wed, 26 May 2021 18:12:52 GMT Server Apache/2 Upgrade h2,h2c Vary Accept-Encoding,User-Agent
GET H/1.1	200 OK	obfuscated_redirect.js Show response localandhorny.com/horny1/	1 KB 990 B	73ms 73ms	Script application/javascript	46.161.40.116 AS-ALVIVA
General Check archive.org Show headers Download Go to Full URL http://localandhorny.com/horny1/obfuscated_redirect.js Requested by Host: localandhorny.com URL: http://localandhorny.com/horny1/index.html Protocol HTTP/1.1 Server 46.161.40.116 Tighina, Moldova, ASN209272 (AS-ALVIVA, SC), Reverse DNS hosting-by.ankas-group.net Software Apache/2 / Resource Hash `6ce38803e4ba2f371634ff438803376ae989e6165a465bb0ebf680c00d3e0b85` Request headers accept-language de-DE,de;q=0.9 Referer http://localandhorny.com/horny1/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:36 GMT Content-Encoding gzip Last-Modified Thu, 01 Sep 2022 09:49:00 GMT Server Apache/2 ETag "4e2-5e79a85d71b00-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 644
GET H/1.1	200 OK	Primary Request 62cf1c2230951 Show response befjajh.hornydats.com/s/	9 KB 5 KB	930ms 695ms	Document text/html	178.162.199.80
General Check archive.org Show headers Download Go to Full URL https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Requested by Host: localandhorny.com URL: http://localandhorny.com/horny1/obfuscated_redirect.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `351d005ca454b20691afbda8199e0afe29cd1b9421378baa60cce1f0e06f63b7` Request headers Referer http://localandhorny.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 24 Jan 2023 22:16:40 GMT Server openresty/1.19.3.1 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	style.css befjajh.hornydats.com/bundle/402/assets/css/	2 KB 3 KB	21ms 21ms	Stylesheet text/css	178.162.199.80
General Check archive.org Show headers Download Go to Full URL https://befjajh.hornydats.com/bundle/402/assets/css/style.css Requested by Host: befjajh.hornydats.com URL: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `4aed2aefaf7473abc212a5bf807c359fb66da1278e56d2ba3650190b38faaea8` Request headers accept-language de-DE,de;q=0.9 Referer https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:40 GMT Last-Modified Tue, 27 Sep 2022 17:14:50 GMT Server openresty/1.19.3.1 ETag "63332f8a-91a" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2330
GET H/1.1	200 OK	logo.png befjajh.hornydats.com/bundle/402/assets/img/	50 KB 50 KB	87ms 39ms	Image image/png	178.162.199.80
General Check archive.org Show headers Download Go to Show image Full URL https://befjajh.hornydats.com/bundle/402/assets/img/logo.png Requested by Host: befjajh.hornydats.com URL: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `56f58ed5d94c7800c22b720212b2421eb1efd13af49dd552a76abf3a5c817dbf` Request headers accept-language de-DE,de;q=0.9 Referer https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:40 GMT Last-Modified Tue, 27 Sep 2022 17:14:51 GMT Server openresty/1.19.3.1 ETag "63332f8b-c80a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 51210
GET H/1.1	200 OK	202.gif befjajh.hornydats.com/bundle/402/assets/img/	32 KB 0	88ms 48ms	Image image/gif	178.162.199.80
General Check archive.org Show headers Download Go to Show image Full URL https://befjajh.hornydats.com/bundle/402/assets/img/202.gif Requested by Host: befjajh.hornydats.com URL: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:40 GMT Last-Modified Tue, 27 Sep 2022 17:14:50 GMT Server openresty/1.19.3.1 ETag "63332f8a-181b2" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 98738
GET H/1.1	200 OK	jquery.js Show response befjajh.hornydats.com/bundle/402/assets/js/	82 KB 83 KB	55ms 41ms	Script application/javascript	178.162.199.80
General Check archive.org Show headers Download Go to Full URL https://befjajh.hornydats.com/bundle/402/assets/js/jquery.js Requested by Host: befjajh.hornydats.com URL: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3` Request headers accept-language de-DE,de;q=0.9 Referer https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:40 GMT Last-Modified Tue, 27 Sep 2022 17:14:51 GMT Server openresty/1.19.3.1 ETag "63332f8b-14960" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 84320
GET H/1.1	200 OK	functions.js Show response befjajh.hornydats.com/bundle/402/assets/js/	2 KB 2 KB	51ms 20ms	Script application/javascript	178.162.199.80
General Check archive.org Show headers Download Go to Full URL https://befjajh.hornydats.com/bundle/402/assets/js/functions.js Requested by Host: befjajh.hornydats.com URL: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `2fb22973fe2c61fe996ee14f1dc69545580ee7146e4c13231c8f9e47729c00c5` Request headers accept-language de-DE,de;q=0.9 Referer https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:40 GMT Last-Modified Tue, 27 Sep 2022 17:14:51 GMT Server openresty/1.19.3.1 ETag "63332f8b-60c" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1548
GET H/1.1	200 OK	click.js Show response befjajh.hornydats.com/js/	5 KB 5 KB	62ms 21ms	Script application/javascript	178.162.199.80
General Check archive.org Show headers Download Go to Full URL https://befjajh.hornydats.com/js/click.js?8 Requested by Host: befjajh.hornydats.com URL: https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 -, , ASN (), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9` Request headers accept-language de-DE,de;q=0.9 Referer https://befjajh.hornydats.com/s/62cf1c2230951?track=locandhorn User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Tue, 24 Jan 2023 22:16:40 GMT Last-Modified Thu, 19 Jan 2023 12:26:11 GMT Server openresty/1.19.3.1 ETag "63c936e3-148c" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 5260
GET		fp2.min.js befjajh.hornydats.com/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: befjajh.hornydats.com
URL: https://befjajh.hornydats.com/js/fp2.min.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 13:29:10	Name: _bit Value: n0omgz-69112fbf5dd5802384-00a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

befjajh.hornydats.com
bit.ly
localandhorny.com
residencedesmedecins.grwv1900.odns.fr
befjajh.hornydats.com
109.234.161.232
178.162.199.80
46.161.40.116
67.199.248.10
2fb22973fe2c61fe996ee14f1dc69545580ee7146e4c13231c8f9e47729c00c5
351d005ca454b20691afbda8199e0afe29cd1b9421378baa60cce1f0e06f63b7
4aed2aefaf7473abc212a5bf807c359fb66da1278e56d2ba3650190b38faaea8
56f58ed5d94c7800c22b720212b2421eb1efd13af49dd552a76abf3a5c817dbf
6ce38803e4ba2f371634ff438803376ae989e6165a465bb0ebf680c00d3e0b85
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
b8dda5bb93956f0e7ed6648828517825c31cf1efc1d237631ea07670caefa13c
e235d10a7f88d01cb7189e5307aa54db098811dfaa5392b4b219ac1691fb7eb0
f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9

befjajh.hornydats.com Open in urlscan Pro 178.162.199.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

64 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

149 kBTransfer

184 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

befjajh.hornydats.com Open in urlscan Pro
178.162.199.80 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

64 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

149 kB
Transfer

184 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions