urlscan.io logo urlscan.io
SecurityTrails logo

hurghada-jewellery.com Open in urlscan Pro
64.20.37.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hurghada-jewellery.com/f35.php
Effective URL: https://hurghada-jewellery.com/f35.php
Submission Tags: @ecarlesi threat webshell Search All
Submission: On November 13 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 64.20.37.242, located in United States and belongs to IS-AS-1, US. The main domain is hurghada-jewellery.com.
TLS certificate: Issued by R10 on September 29th 2024. Valid for: 3 months.
This is the only time hurghada-jewellery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.20.37.242 19318 (IS-AS-1)
3 190.115.26.9 59692 (IQWEB)
4 3
Apex Domain
Subdomains		 Transfer
3 contents.codes
contents.codes
4 KB
1 hurghada-jewellery.com
hurghada-jewellery.com
40 KB
4 2
Domain Requested by
3 contents.codes hurghada-jewellery.com
1 hurghada-jewellery.com
4 2

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.exploit-db.com
Subject Issuer Validity Valid
hurghada-jewellery.com
R10		 2024-09-29 -
2024-12-28		 3 months crt.sh
mail.contents.codes
R10		 2024-10-31 -
2025-01-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hurghada-jewellery.com/f35.php
Frame ID: A4038128D9C0EAEF322EC281FA661C5E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

hurghada-jewellery.com - F35 Manager C

Page URL History Show full URLs

  1. http://hurghada-jewellery.com/f35.php HTTP 307
    https://hurghada-jewellery.com/f35.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

44 kB
Transfer

58 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hurghada-jewellery.com/f35.php HTTP 307
    https://hurghada-jewellery.com/f35.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request f35.php
hurghada-jewellery.com/
Redirect Chain
  • http://hurghada-jewellery.com/f35.php
  • https://hurghada-jewellery.com/f35.php
40 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hurghada-jewellery.com/f35.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.20.37.242 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
ns8.it-eg.com
Software
Apache /
Resource Hash
b83d1642acab62b8b82b3ed38a89c8d31e095815bf6f4eb671ddb5c0e10311d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Nov 2024 21:01:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Location
https://hurghada-jewellery.com/f35.php
Non-Authoritative-Reason
HttpsUpgrades
us.svg
contents.codes/images/fg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contents.codes/images/fg/us.svg
Requested by
Host: hurghada-jewellery.com
URL: https://hurghada-jewellery.com/f35.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
190.115.26.9 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software
Apache /
Resource Hash
33ff8377c7d9b92e04396cfcdb6c414f90ae9702ce2d1efd9560c58c830ec831

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hurghada-jewellery.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
Expires
0
Accept-Ranges
bytes
Content-Length
1713
Keep-Alive
timeout=5, max=100
Date
Wed, 13 Nov 2024 21:01:06 GMT
Last-Modified
Fri, 24 Mar 2023 16:24:26 GMT
Content-Type
image/svg+xml
Server
Apache
it.svg
contents.codes/images/fg/ 		489 B
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contents.codes/images/fg/it.svg
Requested by
Host: hurghada-jewellery.com
URL: https://hurghada-jewellery.com/f35.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
190.115.26.9 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software
Apache /
Resource Hash
115b005a02058ad84a5bea75a5f6019a9998a7a74b69d795f252929abae1fe22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hurghada-jewellery.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
Expires
0
Accept-Ranges
bytes
Content-Length
489
Keep-Alive
timeout=5, max=100
Date
Wed, 13 Nov 2024 21:01:06 GMT
Last-Modified
Fri, 24 Mar 2023 16:24:28 GMT
Content-Type
image/svg+xml
Server
Apache
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f48ac4a477f65a537ca18772ba64bcf671d81290253237afbd05a67948ead9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab95d1428b5d31e317b2e3b94f3c3f335fbdfbd6d13265f65e701710392fc107

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
login.png
contents.codes/images/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contents.codes/images/login.png
Requested by
Host: hurghada-jewellery.com
URL: https://hurghada-jewellery.com/f35.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
190.115.26.9 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software
Apache /
Resource Hash
d4cfb8d08c0a62b9a8014f8c40ac94fd2725c7950959944b0785715c45cffd3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hurghada-jewellery.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive
Expires
0
Accept-Ranges
bytes
Content-Length
828
Keep-Alive
timeout=5, max=100
Date
Wed, 13 Nov 2024 21:01:06 GMT
Last-Modified
Thu, 25 Jul 2024 18:39:14 GMT
Content-Type
image/png
Server
Apache

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| c_ string| a_ string| charset_ object| d function| encrypt function| utf8_encode function| base64_encode function| set function| g function| a function| sr function| processReqChange function| sa

8 Cookies

Domain/Path Name / Value
hurghada-jewellery.com/ Name: 57a703f3056e26d5e5640274bc5bc071-fcs
Value: e70c069864ec1ceef7523c2cc9b41fcd
hurghada-jewellery.com/ Name: 6ccba47ab76e572d5d9000be89991293
Value: 63a9f0ea7bb98050796b649e85481845
hurghada-jewellery.com/ Name: servCO
Value: US
hurghada-jewellery.com/ Name: vistCO
Value: IT
hurghada-jewellery.com/ Name: domains
Value: 58
hurghada-jewellery.com/ Name: wget
Value: 1
hurghada-jewellery.com/ Name: perl
Value: 1
hurghada-jewellery.com/ Name: mailsend
Value: 1