URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Submission: On June 05 via automatic, source openphish

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2606:4700:30::6818:7f5a, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is biletcagrimerkezi.com.
This is the only time biletcagrimerkezi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 198.54.115.111 22612 (NAMECHEAP...)
2 138.201.140.207 24940 (HETZNER-AS)
1 205.185.208.52 20446 (HIGHWINDS3)
1 1 213.209.17.176 8660 (MATRIX-AS)
1 2 213.209.17.182 8660 (MATRIX-AS)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
11 6
Domain Requested by
6 biletcagrimerkezi.com biletcagrimerkezi.com
2 xoom.virgilio.it 1 redirects biletcagrimerkezi.com
2 romeoonweb.altervista.org biletcagrimerkezi.com
1 jnansbil.xoom.it 1 redirects
1 code.jquery.com biletcagrimerkezi.com
1 holacoin.us biletcagrimerkezi.com
11 6

This site contains no links.

Subject Issuer Validity Valid
*.virgilio.it
GlobalSign Organization Validation CA - SHA256 - G2
2018-05-30 -
2019-08-18
a year crt.sh

This page contains 1 frames:

Primary Page: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Frame ID: A9D34EF0D9EF5A60CD8739EC527F1B00
Requests: 11 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

11
Requests

9 %
HTTPS

29 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

116 kB
Transfer

320 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://jnansbil.xoom.it/js/jquery.js HTTP 302
  • http://xoom.virgilio.it/jump.html HTTP 302
  • https://xoom.virgilio.it/jump.html

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set phone.php
biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/
5 KB
2 KB
Document
General
Full URL
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7f5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
389c7c72f37a332e0d75b265ec1f6641d5162a64938061fb4ac49a6b76135dab

Request headers

Host
biletcagrimerkezi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc9dd415f920026976d0009a83759c9371559732609; expires=Thu, 04-Jun-20 11:03:29 GMT; path=/; domain=.biletcagrimerkezi.com; HttpOnly
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4e21a90b2f18c2ea-FRA
Content-Encoding
gzip
ds.css
holacoin.us/dev/test/css/
0
0
Stylesheet
General
Full URL
http://holacoin.us/dev/test/css/ds.css
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
198.54.115.111 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
server227-2.web-hosting.com
Software
/
Resource Hash

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

jquery-1-4-4-min.js
romeoonweb.altervista.org/dbox/3/
0
0
Script
General
Full URL
http://romeoonweb.altervista.org/dbox/3/jquery-1-4-4-min.js
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
138.201.140.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns386.altervista.org
Software
/
Resource Hash

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

jquery-latest.js
code.jquery.com/
276 KB
82 KB
Script
General
Full URL
http://code.jquery.com/jquery-latest.js
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-4508e"
Vary
Accept-Encoding
X-HW
1559732610.dop013.lo4.t,1559732610.cds002.lo4.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
83875
jump.html
xoom.virgilio.it/
Redirect Chain
  • http://jnansbil.xoom.it/js/jquery.js
  • http://xoom.virgilio.it/jump.html
  • https://xoom.virgilio.it/jump.html
0
0
Script
General
Full URL
https://xoom.virgilio.it/jump.html
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.209.17.182 Assago, Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location
https://xoom.virgilio.it/jump.html
Server
BigIP
Connection
Keep-Alive
Content-Length
0
tab.css
biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/css/
2 KB
965 B
Stylesheet
General
Full URL
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/css/tab.css
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d582920d9c90fef2118de87eda620a20348162a946748bdc76a44a9abf207c38

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 05 Jun 2019 01:50:27 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e21a90c681c64c7-FRA
Content-Length
573
Expires
Fri, 05 Jul 2019 11:03:29 GMT
info_01.gif
biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/
18 KB
18 KB
Image
General
Full URL
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/info_01.gif
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee2d8c4384f67dc6980e55b4e6a22a880836435cce9ab320f9b454d1534fa8d

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 05 Jun 2019 01:50:27 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e21a90c6aa59748-FRA
Content-Length
18179
Expires
Fri, 05 Jul 2019 11:03:29 GMT
info_02.gif
biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/
5 KB
6 KB
Image
General
Full URL
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/info_02.gif
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7f5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca5ec98a36acb46a3568a32cac03546bdf3e6342a30a6fcaba0c7d5fef93b50

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 05 Jun 2019 01:50:27 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e21a90c6bbdd6dd-FRA
Content-Length
5559
Expires
Fri, 05 Jul 2019 11:03:29 GMT
jquery-1-4-4-min.js
romeoonweb.altervista.org/dbox/3/
0
0
Script
General
Full URL
http://romeoonweb.altervista.org/dbox/3/jquery-1-4-4-min.js
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
138.201.140.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ns386.altervista.org
Software
/
Resource Hash

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

bg1.jpg
biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/
14 KB
6 KB
Image
General
Full URL
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/bg1.jpg
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4729fae0d705b375370bfacb82c70dd5a961af711ab7931c309ec42e1eb12c7

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:30 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 05 Jun 2019 01:50:27 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e21a90f4ab664c7-FRA
Content-Length
5412
Expires
Fri, 05 Jul 2019 11:03:30 GMT
bkg-thead34.png
biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/
290 B
706 B
Image
General
Full URL
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/images/bkg-thead34.png
Requested by
Host: biletcagrimerkezi.com
URL: http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da48fdb6ed67fd49d33084799b59315f2399c9d7030de058b349c721105dae9f

Request headers

Referer
http://biletcagrimerkezi.com/service/labanquepostale.fr/messervices-mobile-passecurite/31f06/phone.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 11:03:30 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 05 Jun 2019 01:50:27 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e21a90f5acb64c7-FRA
Content-Length
313
Expires
Fri, 05 Jul 2019 11:03:30 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| numbersonly function| startTimer function| checkSecond

1 Cookies

Domain/Path Name / Value
.biletcagrimerkezi.com/ Name: __cfduid
Value: dc9dd415f920026976d0009a83759c9371559732609