bilberryfreight.com Open in urlscan Pro
34.73.207.175 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bilberryfreight.com/.java/boerspay.htm
Submission Tags: 7310169
Submission: On October 04 via api (October 4th 2021, 7:55:27 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 34.73.207.175, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is bilberryfreight.com.
TLS certificate: Issued by cPanel, Inc. ECC Certification Authority on September 13th 2021. Valid for: 3 months.

This is the only time bilberryfreight.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nedbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
14	34.73.207.175 34.73.207.175		15169 (GOOGLE) (GOOGLE)
14	1

14 34.73.207.175 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: host.bilberryfreight.com

bilberryfreight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bilberryfreight.com bilberryfreight.com	535 KB
14	1

	Domain	Requested by
14	bilberryfreight.com	bilberryfreight.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
bilberryfreight.com cPanel, Inc. ECC Certification Authority	`2021-09-13` - `2021-12-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bilberryfreight.com/.java/boerspay.htm
Frame ID: 3ED4C46A44693F5195D58C095E1FB437
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

535 kB
Transfer

1184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request boerspay.htm Show response
bilberryfreight.com/.java/ 375 KB
19 KB 322ms
113ms Document
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

b2e3cf4829da7cebe6656d9a168427a372e55c57465019a74d321250383ec649

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Host: bilberryfreight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 04 Oct 2021 07:55:19 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Mon, 04 Oct 2021 04:53:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 03 Nov 2021 07:55:19 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=300
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 18423
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK styles.css
bilberryfreight.com/.java/metaela/ 173 KB
30 KB 110ms
110ms Stylesheet
text/css 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bilberryfreight.com/.java/metaela/styles.css

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

8887a3e0dea10c649e723d160fcac04d7432910580a8c0f2726c0c27ef8ee9cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 30475
Access-Control-Allow-Headers: Content-Type, Authorization
Last-Modified: Wed, 08 Jan 2020 14:47:12 GMT
Server: Apache
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 03 Nov 2021 07:55:20 GMT

GET
H/1.1 200
OK jquery.min.js Show response
bilberryfreight.com/.java/metaela/ 95 KB
34 KB 310ms
109ms Script
application/javascript 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bilberryfreight.com/.java/metaela/jquery.min.js

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 33760
Access-Control-Allow-Headers: Content-Type, Authorization
Last-Modified: Wed, 08 Jan 2020 14:47:12 GMT
Server: Apache
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 03 Nov 2021 07:55:20 GMT

GET
H/1.1 404
Not Found bffdre443d2ews2317366ter54ref.php
bilberryfreight.com/.java/diskripti/ 0
0 675ms
470ms Script
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bilberryfreight.com/.java/diskripti/bffdre443d2ews2317366ter54ref.php

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14776
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found Icon.ef111dcaf7b1952d120f.svg
bilberryfreight.com/.java/ 31 KB
31 KB 1166ms
1164ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/Icon.ef111dcaf7b1952d120f.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found location-blank-green.4b8e66bca4aac4a2aad6.svg
bilberryfreight.com/.java/ 31 KB
31 KB 1160ms
1157ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/location-blank-green.4b8e66bca4aac4a2aad6.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found contact-blank-green.a180fba4b897921edd0b.svg
bilberryfreight.com/.java/ 31 KB
31 KB 2185ms
1654ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/contact-blank-green.a180fba4b897921edd0b.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK KenaKahare_v2.png
bilberryfreight.com/.java/difoto/ 100 KB
101 KB 1476ms
110ms Image
image/png 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/difoto/KenaKahare_v2.png

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

354cb0a75fdc0745134b7809a64030764e4b22c5161d679fdd9ad01b4d8386ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:22 GMT
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 102656
Access-Control-Allow-Headers: Content-Type, Authorization
Last-Modified: Wed, 30 Dec 2020 22:17:42 GMT
Server: Apache
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 03 Nov 2021 07:55:22 GMT

GET
H/1.1 404
Not Found Eye-Show.e1de9570f043be4db21c.svg
bilberryfreight.com/.java/metaela/ 31 KB
31 KB 2516ms
1144ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/metaela/Eye-Show.e1de9570f043be4db21c.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/metaela/styles.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

85881ee7adcfdc0f9fe9e172e2a1eab265afe7939ad6959a548100d2eb2b71ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/metaela/styles.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/metaela/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14776
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found contact-footer.ff0deb4d99b5c501e332.svg
bilberryfreight.com/.java/ 60 KB
60 KB 2533ms
778ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/contact-footer.ff0deb4d99b5c501e332.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

859c1d3f598d481abcd2ac43d33804b04aaf19c9a8b82e2b9c98aacc3b3a973e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found location-blank.e36d304f8628a21886d3.svg
bilberryfreight.com/.java/ 31 KB
31 KB 1869ms
1684ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/location-blank.e36d304f8628a21886d3.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found phoneicon.d20aa97e94487e70b840.svg
bilberryfreight.com/.java/ 31 KB
31 KB 1654ms
1469ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/phoneicon.d20aa97e94487e70b840.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found tncs.04b64534a4bbcb7c2676.svg
bilberryfreight.com/.java/ 31 KB
31 KB 1639ms
1453ms Image
text/html 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilberryfreight.com/.java/tncs.04b64534a4bbcb7c2676.svg

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://bilberryfreight.com/.java/boerspay.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Link: <https://bilberryfreight.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 14720
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf
bilberryfreight.com/.java/difonto/ 162 KB
72 KB 316ms
110ms Font
font/otf 34.73.207.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bilberryfreight.com/.java/difonto/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf

Requested by

Host: bilberryfreight.com
URL: https://bilberryfreight.com/.java/boerspay.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.73.207.175 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

host.bilberryfreight.com

Software

Apache /

Resource Hash

eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://bilberryfreight.com
Accept-Encoding: gzip, deflate, br
Host: bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://bilberryfreight.com/.java/boerspay.htm
Connection: keep-alive
Referer: https://bilberryfreight.com/.java/boerspay.htm
Origin: https://bilberryfreight.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 07:55:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type, Authorization
Last-Modified: Wed, 08 Jan 2020 14:47:12 GMT
Server: Apache
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: font/otf
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 03 Nov 2021 07:55:21 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bilberryfreight.com/.java/diskripti/bffdre443d2ews2317366ter54ref.php Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/location-blank-green.4b8e66bca4aac4a2aad6.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/Icon.ef111dcaf7b1952d120f.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/tncs.04b64534a4bbcb7c2676.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/phoneicon.d20aa97e94487e70b840.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/location-blank.e36d304f8628a21886d3.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/contact-blank-green.a180fba4b897921edd0b.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/metaela/Eye-Show.e1de9570f043be4db21c.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bilberryfreight.com/.java/contact-footer.ff0deb4d99b5c501e332.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bilberryfreight.com
34.73.207.175
354cb0a75fdc0745134b7809a64030764e4b22c5161d679fdd9ad01b4d8386ca
3a647544db1601ff8ff43d6a86a6b1fc266f4189509a4934c03571e23ab83b22
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
85881ee7adcfdc0f9fe9e172e2a1eab265afe7939ad6959a548100d2eb2b71ce
859c1d3f598d481abcd2ac43d33804b04aaf19c9a8b82e2b9c98aacc3b3a973e
8887a3e0dea10c649e723d160fcac04d7432910580a8c0f2726c0c27ef8ee9cc
b2e3cf4829da7cebe6656d9a168427a372e55c57465019a74d321250383ec649
eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65

bilberryfreight.com Open in urlscan Pro 34.73.207.175 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

535 kBTransfer

1184 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

9 Console Messages

Security Headers

Indicators

bilberryfreight.com Open in urlscan Pro
34.73.207.175 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

535 kB
Transfer

1184 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!