metalconstruction.ge
Open in
urlscan Pro
91.212.213.25
Public Scan
Submitted URL: http://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php
Effective URL: http://metalconstruction.ge/home/uyt.php?login.idm.telekom.com/oauth2/authffhuwuri=search?client=firefox-b-d&ei=H67bXIWBIuW7...
Submission Tags: @ipnigh
Submission: On January 16 via api from GB
Effective URL: http://metalconstruction.ge/home/uyt.php?login.idm.telekom.com/oauth2/authffhuwuri=search?client=firefox-b-d&ei=H67bXIWBIuW7...
Submission Tags: @ipnigh
Submission: On January 16 via api from GB
Summary
This website contacted 4 IPs
in 3 countries
across 3 domains to perform 15 HTTP transactions.
The main IP is 91.212.213.25, located in
Georgia and
belongs to SERVGE-AS Data center and Hosting Provider, GE.
The main domain is metalconstruction.ge.
This is the only time metalconstruction.ge was scanned on urlscan.io!
This is the only time metalconstruction.ge was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 2 | 145.131.3.183 145.131.3.183 | 8315 (SENTIA) (SENTIA) | |
| 2 5 | 91.212.213.25 91.212.213.25 | 49364 (SERVGE-AS...) (SERVGE-AS Data center and Hosting Provider) | |
| 7 | 195.186.145.195 195.186.145.195 | 3303 (SWISSCOM ...) (SWISSCOM Swisscom (Switzerland) Ltd) | |
| 4 | 195.186.122.189 195.186.122.189 | 3303 (SWISSCOM ...) (SWISSCOM Swisscom (Switzerland) Ltd) | |
| 15 | 4 |
2
145.131.3.183
(IJsselstein, Netherlands)
ASN8315 (SENTIA, NL)
PTR: ahv-id-19927.vps.awcloud.nl
ASN8315 (SENTIA, NL)
PTR: ahv-id-19927.vps.awcloud.nl
| www.stadsbakkerijdediamantenring.nl |
5
91.212.213.25
(Georgia)
ASN49364 (SERVGE-AS Data center and Hosting Provider, GE)
PTR: www6.serv.ge
ASN49364 (SERVGE-AS Data center and Hosting Provider, GE)
PTR: www6.serv.ge
| metalconstruction.ge |
7
195.186.145.195
(Switzerland)
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
| login.sso.bluewin.ch |
4
195.186.122.189
(Switzerland)
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
| rich-v01.bluewin.ch |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
bluewin.ch
login.sso.bluewin.ch rich-v01.bluewin.ch |
148 KB |
| 5 |
metalconstruction.ge
2 redirects
metalconstruction.ge |
6 KB |
| 2 |
stadsbakkerijdediamantenring.nl
1 redirects
www.stadsbakkerijdediamantenring.nl |
708 B |
| 15 | 3 |
| Domain | Requested by | |
|---|---|---|
| 7 | login.sso.bluewin.ch |
metalconstruction.ge
|
| 5 | metalconstruction.ge |
2 redirects
metalconstruction.ge
|
| 4 | rich-v01.bluewin.ch |
login.sso.bluewin.ch
metalconstruction.ge |
| 2 | www.stadsbakkerijdediamantenring.nl | 1 redirects |
| 15 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| login.sso.bluewin.ch |
| registration.scl.swisscom.ch |
| www.swisscom.ch |
| swisscom.ch |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| stadsbakkerijdediamantenring.nl Let's Encrypt Authority X3 |
2020-01-06 - 2020-04-05 |
3 months | crt.sh |
| login.sso.bluewin.ch SwissSign EV Gold CA 2014 - G22 |
2018-03-21 - 2020-03-21 |
2 years | crt.sh |
| rich.bluewin.ch SwissSign EV Gold CA 2014 - G22 |
2019-01-24 - 2021-01-24 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
http://metalconstruction.ge/home/uyt.php?login.idm.telekom.com/oauth2/authffhuwuri=search?client=firefox-b-d&ei=H67bXIWBIuW71fAPteOFqAU&q=Please+you+are+advice+to+unlock+and+update+your+account+by+the+following+Unlock+
Frame ID: 11671AED2E62821F823FFF5725961551
Requests: 12 HTTP requests in this frame
Frame:
https://rich-v01.bluewin.ch/login/loginheader/desktop/de/
Frame ID: 5A0FADC9D9F4C7104D1313AD00CC42C5
Requests: 1 HTTP requests in this frame
Frame:
https://rich-v01.bluewin.ch/login/logintitle/desktop/de/
Frame ID: 2F51ACF28322BB6FEEB9A7D51242CD53
Requests: 1 HTTP requests in this frame
Frame:
https://rich-v01.bluewin.ch/login/logintext/desktop/de/
Frame ID: 4ABC5445A18A41F589CB0EC192DEF2A9
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php
HTTP 301
https://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php Page URL
- http://metalconstruction.ge/home/uyt.php?login.idm.telekom.com/oauth2/authffhuwuri=search?client=firefox... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://login.sso.bluewin.ch/?SNA=webmail&RAL=0&RRL=0&RURL=https%3A%2F%2Frich-v01.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dde%26m%3Dfalse&keepLogin=false&LPR=yes&pps=desktop&L=fr
Title: fr
Title: fr
Search URL Search Domain Scan URL
URL: https://login.sso.bluewin.ch/?SNA=webmail&RAL=0&RRL=0&RURL=https%3A%2F%2Frich-v01.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dde%26m%3Dfalse&keepLogin=false&LPR=yes&pps=desktop&L=it
Title: it
Title: it
Search URL Search Domain Scan URL
URL: https://login.sso.bluewin.ch/?SNA=webmail&RAL=0&RRL=0&RURL=https%3A%2F%2Frich-v01.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dde%26m%3Dfalse&keepLogin=false&LPR=yes&pps=desktop&L=en
Title: en
Title: en
Search URL Search Domain Scan URL
URL: https://registration.scl.swisscom.ch/?SNA=webmail&RURL=https%3A%2F%2Frich-v01.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dde%26m%3Dfalse®istrationType=XS&lang=de
Title: Swisscom Login einrichten
Title: Swisscom Login einrichten
Search URL Search Domain Scan URL
URL: https://www.swisscom.ch/de/privatkunden/mobile/zusatzdienste/mobileid.t4.html
Title: Mobile ID nutzen
Title: Mobile ID nutzen
Search URL Search Domain Scan URL
URL: http://www.swisscom.ch/de/privatkunden/rechtliches.html
Title: Rechtliches
Title: Rechtliches
Search URL Search Domain Scan URL
URL: http://www.swisscom.ch/de/privatkunden/impressum.html
Title: Impressum
Title: Impressum
Search URL Search Domain Scan URL
URL: http://swisscom.ch/de/privatkunden/hilfe/kontakt.html
Title: Kontakt
Title: Kontakt
Search URL Search Domain Scan URL
URL: http://www.swisscom.ch/de/privatkunden/hilfe.html
Title: Hilfe
Title: Hilfe
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php
HTTP 301
https://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php Page URL
- http://metalconstruction.ge/home/uyt.php?login.idm.telekom.com/oauth2/authffhuwuri=search?client=firefox-b-d&ei=H67bXIWBIuW71fAPteOFqAU&q=Please+you+are+advice+to+unlock+and+update+your+account+by+the+following+Unlock+ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php HTTP 301
- https://www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/gam.php
- http://metalconstruction.ge/resources/images/eye-icon.png HTTP 303
- http://metalconstruction.ge/index.php/ge/resources/images/eye-icon.png
- http://metalconstruction.ge/resources/styles/fonts.css HTTP 303
- http://metalconstruction.ge/index.php/ge/resources/styles/fonts.css
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
gam.php
www.stadsbakkerijdediamantenring.nl/wp-content/themes/twentytwenty/ Redirect Chain
|
334 B 458 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
uyt.php
metalconstruction.ge/home/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all-critical.css
login.sso.bluewin.ch/resources/styles/ |
17 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
eye-icon.png
metalconstruction.ge/index.php/ge/resources/images/ Redirect Chain
|
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
critical.js
login.sso.bluewin.ch/resources/scripts/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all.js
login.sso.bluewin.ch/resources/scripts/ |
103 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
print.css
login.sso.bluewin.ch/resources/styles/ |
219 B 716 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-background-desktop.jpg
login.sso.bluewin.ch/resources/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-dark.png
login.sso.bluewin.ch/resources/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fonts.css
metalconstruction.ge/index.php/ge/resources/styles/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all.css
login.sso.bluewin.ch/resources/styles/ |
36 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
rich-v01.bluewin.ch/login/loginheader/desktop/de/ Frame 5A0F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
rich-v01.bluewin.ch/login/logintitle/desktop/de/ Frame 2F51 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
rich-v01.bluewin.ch/login/logintext/desktop/de/ Frame 4ABC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
rich-v01.bluewin.ch/login/loginbackground/desktop/de/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _jsQueue object| WebFontConfig boolean| Ba object| webfont object| WebFont object| PubSub2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| metalconstruction.ge/ | Name: 84ad9b3acc31eacf28b82346ab8b590e Value: ka-GE |
|
| metalconstruction.ge/ | Name: 15bb0fcf896cd8e7ff4481cee024fddf Value: lrmgamc3trtt8kkvd3q81smn70 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.sso.bluewin.ch
metalconstruction.ge
rich-v01.bluewin.ch
www.stadsbakkerijdediamantenring.nl
145.131.3.183
195.186.122.189
195.186.145.195
91.212.213.25
15770879ffc00d5472cf644ba5ad657b1b6a7c8cc8718aed0ba9da9042f3d215
2a02914db5c07bc4abe1409ed6234bf24414862cdce46cb468b27d1c2ebf628a
4209d7e035803482049874ef71331e4765c6e16a1fa522997fb88b74ebc50a64
6a402a56b5296e86a5efbeb082e239abc31aa7b1550e32cc1947968fa9faebff
741ae230f89d9ad4d76c10a6ac88e0b0c349f6e794886984279a1d1cb7691dd7
8390fbc9533f4baba09fc5d92999ce77139e089c02991fd4e006f8ac19f1b9dc
91561a9b2bc027448ca63efa5c9eb6ea157c3c55b46d82630e06cc304b3585a5
b7312452dac2d97e4e51b8bb0af9f6750b35866186178b7b5ef0975e942068c9
d3f3312d09059bcadf593c27802c5d1dc32636230b10d001f7f41fc0a05004be
e6083646ff7fe2af1088d01c16013a2a204c441d9b7041a5b49b7a1d179659cb
fd5fd9dfabf7218b660b4f57796609d31ee8167ff6f294a50b1116514356c35b