sk.eznamksaticket.ocry.com
162.62.119.142
Public Scan
Effective URL: https://sk.eznamksaticket.ocry.com/message
Submission Tags: @phish_report
Submission: On July 16 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R10 on July 5th 2024. Valid for: 3 months.
This is the only time sk.eznamksaticket.ocry.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 67.199.248.10 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 1 1 | 162.62.227.189 | 132203 (TENCENT-NET-AP-CN Tencent Building) |
| 8 | 162.62.119.142 | 132203 (TENCENT-NET-AP-CN Tencent Building) |
| 9 | 2 | |

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN): osquick.xyz
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN): sk.eznamksaticket.ocry.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 8 | ocry.com | sk.eznamksaticket.ocry.com | 151 KB |
| 1 | osquick.xyz (1 redirects) | osquick.xyz | 124 B |
| 1 | bit.ly (1 redirects) | bit.ly — Cisco Umbrella Rank: 6373 | 405 B |
| 9 | 3 | | |
| | Domain | Requested by |
|---|---|---|
| 8 | sk.eznamksaticket.ocry.com | sk.eznamksaticket.ocry.com |
| 1 | osquick.xyz | 1 redirects |
| 1 | bit.ly | 1 redirects |
| 9 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sk.eznamksaticket.ocry.com | R10 | 2024-07-05 - 2024-10-03 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sk.eznamksaticket.ocry.com/message
Frame ID: 1095BDC9DA2468FBF2B120DCA331CC0A
Requests: 9 HTTP requests in this frame
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://bit.ly/3LpU94b?hTP=9FGjrr8dDY HTTP 301
- https://osquick.xyz/JFVuzs HTTP 302
- https://sk.eznamksaticket.ocry.com/message Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | message (Primary Request) | sk.eznamksaticket.ocry.com/ (Redirect Chain) | 796 B | 888 B | Document | text/html |
GET | H2 | common.min.css | sk.eznamksaticket.ocry.com/static/css/ | 10 KB | 2 KB | Stylesheet | text/css |
GET | H2 | theme.min.css | sk.eznamksaticket.ocry.com/static/css/ | 207 KB | 41 KB | Stylesheet | text/css |
GET | H2 | loading.gif | sk.eznamksaticket.ocry.com/static/picture/ | 27 KB | 27 KB | Image | image/gif |
GET | H2 | jquery-3.7.1.min.js | sk.eznamksaticket.ocry.com/admin/js/ | 85 KB | 34 KB | Script | application/javascript |
GET | H2 | index.js | sk.eznamksaticket.ocry.com/admin/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | zero.min.js | sk.eznamksaticket.ocry.com/admin/js/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | subset-roboto-regular.woff | sk.eznamksaticket.ocry.com/static/fonts/ | 42 KB | 42 KB | Font | application/font-woff |
POST | | message | sk.eznamksaticket.ocry.com/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: sk.eznamksaticket.ocry.com
- URL: https://sk.eznamksaticket.ocry.com/message
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | $ |
function | jQuery |
function | WebsocketHeartbeatJs |
function | default |
object | a |
function | b |
function | f |
function | e |
function | d |
function | c |
string | uuid |
number | active |
string | page |
object | websocketHeartbeatJs |
function | sendWithMsg |
function | doWithMsg |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bit.ly/ | | Name: _bit Value: o6g9pb-b8c36fea6245cb4f92-00h |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.