sk.eznamksaticket.ocry.com Open in urlscan Pro
162.62.119.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3LpU94b?hTP=9FGjrr8dDY
Effective URL:
https://sk.eznamksaticket.ocry.com/message
Submission Tags: @phish_report
Submission: On July 16 via api (July 16th 2024, 9:25:20 am UTC) from FI — Scanned from FI

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 162.62.119.142, located in Frankfurt am Main, Germany and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is sk.eznamksaticket.ocry.com.
TLS certificate: Issued by R10 on July 5th 2024. Valid for: 3 months.

This is the only time sk.eznamksaticket.ocry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	162.62.227.189 162.62.227.189	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
8	162.62.119.142 162.62.119.142	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
9	2

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.62.227.189 (Frankfurt am Main, Germany) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

osquick.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.62.119.142 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

sk.eznamksaticket.ocry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ocry.com sk.eznamksaticket.ocry.com	151 KB
1	osquick.xyz 1 redirects osquick.xyz	124 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6373	405 B
9	3

	Domain	Requested by
8	sk.eznamksaticket.ocry.com	sk.eznamksaticket.ocry.com
1	osquick.xyz	1 redirects
1	bit.ly	1 redirects
9	3

This site contains no links.

Subject Issuer	Validity	Valid
sk.eznamksaticket.ocry.com R10	`2024-07-05` - `2024-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sk.eznamksaticket.ocry.com/message
Frame ID: 1095BDC9DA2468FBF2B120DCA331CC0A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3LpU94b?hTP=9FGjrr8dDY HTTP 301
https://osquick.xyz/JFVuzs HTTP 302
https://sk.eznamksaticket.ocry.com/message Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

151 kB
Transfer

380 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3LpU94b?hTP=9FGjrr8dDY HTTP 301
https://osquick.xyz/JFVuzs HTTP 302
https://sk.eznamksaticket.ocry.com/message Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request message Show response sk.eznamksaticket.ocry.com/ Redirect Chain https://bit.ly/3LpU94b?hTP=9FGjrr8dDY https://osquick.xyz/JFVuzs https://sk.eznamksaticket.ocry.com/message	796 B 888 B	1349ms 535ms	Document text/html	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `edb17701de6b79b6da7db85b6fd14cb3f6aa77e9b2980c0e9ae8a805cb731cbb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-cache content-length 796 content-type text/html;charset=utf-8 date Tue, 16 Jul 2024 09:25:14 GMT server nginx Redirect headers cache-control no-cache content-length 0 content-type text/html;charset=utf-8 date Tue, 16 Jul 2024 09:25:13 GMT location https://sk.eznamksaticket.ocry.com/message server nginx
GET H2	200	common.min.css sk.eznamksaticket.ocry.com/static/css/	10 KB 2 KB	1418ms 1415ms	Stylesheet text/css	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/static/css/common.min.css Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `10158a152f0dedcfa48c89ee6c7cf93fbf8e055f851278f5bba3bb84480b8b67` Request headers Referer https://sk.eznamksaticket.ocry.com/message User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:15 GMT content-encoding gzip last-modified Fri, 05 Apr 2024 23:45:06 GMT server nginx vary Accept-Encoding x-cache MISS content-type text/css cache-control max-age=60 expires Tue, 16 Jul 2024 09:26:15 GMT
GET H2	200	theme.min.css sk.eznamksaticket.ocry.com/static/css/	207 KB 41 KB	1433ms 1430ms	Stylesheet text/css	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/static/css/theme.min.css Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `f55ff0a07390cddd46f5d7667aa92790501c112e42460e07ea20898d4c6c5e82` Request headers Referer https://sk.eznamksaticket.ocry.com/message User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:15 GMT content-encoding gzip last-modified Sun, 07 Apr 2024 14:36:36 GMT server nginx vary Accept-Encoding x-cache MISS content-type text/css cache-control max-age=60 expires Tue, 16 Jul 2024 09:26:15 GMT
GET H2	200	loading.gif sk.eznamksaticket.ocry.com/static/picture/	27 KB 27 KB	1328ms 1325ms	Image image/gif	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://sk.eznamksaticket.ocry.com/static/picture/loading.gif Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `031fcbeac0fc0d98bba1f649f95a40ea89b7c7f78583918515cdfb7abc63da51` Request headers Referer https://sk.eznamksaticket.ocry.com/message User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:15 GMT last-modified Fri, 05 Apr 2024 23:45:14 GMT server nginx x-cache MISS content-type image/gif cache-control max-age=60 accept-ranges bytes content-length 27842 expires Tue, 16 Jul 2024 09:26:15 GMT
GET H2	200	jquery-3.7.1.min.js Show response sk.eznamksaticket.ocry.com/admin/js/	85 KB 34 KB	904ms 901ms	Script application/javascript	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/admin/js/jquery-3.7.1.min.js Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a` Request headers Referer https://sk.eznamksaticket.ocry.com/message User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:15 GMT content-encoding gzip last-modified Mon, 04 Mar 2024 23:23:04 GMT server nginx vary Accept-Encoding x-cache MISS content-type application/javascript cache-control max-age=60 expires Tue, 16 Jul 2024 09:26:15 GMT
GET H2	200	index.js Show response sk.eznamksaticket.ocry.com/admin/js/	3 KB 1 KB	371ms 371ms	Script application/javascript	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/admin/js/index.js Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `af4f81253367cf33b76c5190c05a8260869b2a074162fc6b0fad1ab2d05c5e68` Request headers Referer https://sk.eznamksaticket.ocry.com/message User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:16 GMT content-encoding gzip last-modified Tue, 27 Feb 2024 01:40:40 GMT server nginx vary Accept-Encoding x-cache MISS content-type application/javascript cache-control max-age=60 expires Tue, 16 Jul 2024 09:26:16 GMT
GET H2	200	zero.min.js Show response sk.eznamksaticket.ocry.com/admin/js/	4 KB 2 KB	420ms 420ms	Script application/javascript	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/admin/js/zero.min.js Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/message Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `2d4add2bb8e64cc3bfcff0aab13bc84bfb4106c0c17f3dcbb5780c9b8c05e8ea` Request headers Referer https://sk.eznamksaticket.ocry.com/message User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:16 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 10:16:56 GMT server nginx vary Accept-Encoding x-cache MISS content-type application/javascript cache-control max-age=60 expires Tue, 16 Jul 2024 09:26:16 GMT
GET H2	200	subset-roboto-regular.woff sk.eznamksaticket.ocry.com/static/fonts/	42 KB 42 KB	705ms 704ms	Font application/font-woff	162.62.119.142 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sk.eznamksaticket.ocry.com/static/fonts/subset-roboto-regular.woff Requested by Host: sk.eznamksaticket.ocry.com URL: https://sk.eznamksaticket.ocry.com/static/css/theme.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.62.119.142 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `10ba87dad3f6fd322f2f3e13f6bdf739c1d0de516469360dbff6a08f955804f5` Request headers Referer https://sk.eznamksaticket.ocry.com/static/css/theme.min.css Origin https://sk.eznamksaticket.ocry.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 09:25:16 GMT last-modified Fri, 05 Apr 2024 23:45:10 GMT server nginx x-cache MISS content-type application/font-woff cache-control max-age=60 accept-ranges bytes content-length 43248 expires Tue, 16 Jul 2024 09:26:16 GMT
POST		message sk.eznamksaticket.ocry.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sk.eznamksaticket.ocry.com
URL: https://sk.eznamksaticket.ocry.com/message

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-21 02:24:33	Name: _bit Value: o6g9pb-b8c36fea6245cb4f92-00h

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://sk.eznamksaticket.ocry.com/message(Line 18) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://sk.eznamksaticket.ocry.com/static/fonts/subset-roboto-regular.woff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
osquick.xyz
sk.eznamksaticket.ocry.com
sk.eznamksaticket.ocry.com
162.62.119.142
162.62.227.189
67.199.248.10
031fcbeac0fc0d98bba1f649f95a40ea89b7c7f78583918515cdfb7abc63da51
10158a152f0dedcfa48c89ee6c7cf93fbf8e055f851278f5bba3bb84480b8b67
10ba87dad3f6fd322f2f3e13f6bdf739c1d0de516469360dbff6a08f955804f5
2d4add2bb8e64cc3bfcff0aab13bc84bfb4106c0c17f3dcbb5780c9b8c05e8ea
af4f81253367cf33b76c5190c05a8260869b2a074162fc6b0fad1ab2d05c5e68
edb17701de6b79b6da7db85b6fd14cb3f6aa77e9b2980c0e9ae8a805cb731cbb
f55ff0a07390cddd46f5d7667aa92790501c112e42460e07ea20898d4c6c5e82
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

sk.eznamksaticket.ocry.com Open in urlscan Pro 162.62.119.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

151 kBTransfer

380 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

sk.eznamksaticket.ocry.com Open in urlscan Pro
162.62.119.142 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

151 kB
Transfer

380 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions