bzdic.shbzek.com
185.56.234.205
Public Scan
Summary
TLS certificate: Issued by R3 on April 4th 2023. Valid for: 3 months.
This is the only time bzdic.shbzek.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 88.99.234.134 | 24940 (HETZNER-AS) | |
1 | 91.238.104.193 | 50321 (BYTES-AS) | |
1 | 194.135.30.210 | 50321 (BYTES-AS) | |
1 2 | 2.59.222.113 | 209155 (ONEHOSTPLANET) | |
1 5 | 185.56.234.205 | 39572 (ADVANCEDHOSTERS-AS) | |
4 | 2606:4700:3033::ac43:dd04 | 13335 (CLOUDFLARENET) | |
1 | 2a02:b4a:1:7::9167:1 | 39572 (ADVANCEDHOSTERS-AS) | |
16 | 8 |
ASN24940 (HETZNER-AS, DE)
PTR: vip16-134.cp.htz.privatedns.biz
mail.fha.org.ir |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
shbzek.com | |
3q1bf.shbzek.com | |
7yjfu.shbzek.com | |
bzdic.shbzek.com |
Apex Domain Subdomains | Transfer | |
---|---|---|
5 | shbzek.com (1 redirects): shbzek.com — Cisco Umbrella Rank: 247087, 3q1bf.shbzek.com, 7yjfu.shbzek.com, bzdic.shbzek.com | 249 KB |
4 | ulmoyc.com: ulmoyc.com — Cisco Umbrella Rank: 49423 | 16 KB |
3 | scriptsplatform.com (1 redirects): statistic.scriptsplatform.com — Cisco Umbrella Rank: 92454, come.scriptsplatform.com — Cisco Umbrella Rank: 90383 Failed | 3 KB |
1 | azkcqs.com: azkcqs.com — Cisco Umbrella Rank: 31003 Failed | 101 B |
1 | clickandanalytics.com: click.clickandanalytics.com | 2 KB |
1 | fha.org.ir: mail.fha.org.ir | 302 B |
16 | 6 |
Domain | Requested by | |
---|---|---|
4 | ulmoyc.com | shbzek.com, ulmoyc.com, 3q1bf.shbzek.com, 7yjfu.shbzek.com |
2 | shbzek.com | 1 redirects, come.scriptsplatform.com |
2 | come.scriptsplatform.com | statistic.scriptsplatform.com, come.scriptsplatform.com |
1 | bzdic.shbzek.com | 7yjfu.shbzek.com |
1 | 7yjfu.shbzek.com | 3q1bf.shbzek.com |
1 | 3q1bf.shbzek.com | shbzek.com |
1 | azkcqs.com | shbzek.com, 3q1bf.shbzek.com |
1 | statistic.scriptsplatform.com | click.clickandanalytics.com |
1 | click.clickandanalytics.com | mail.fha.org.ir |
1 | mail.fha.org.ir | |
16 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
click.clickandanalytics.com R3 | 2023-05-21 - 2023-08-19 | 3 months | crt.sh |
statistic.scriptsplatform.com R3 | 2023-05-15 - 2023-08-13 | 3 months | crt.sh |
come.scriptsplatform.com R3 | 2023-05-14 - 2023-08-12 | 3 months | crt.sh |
shbzek.com R3 | 2023-04-04 - 2023-07-03 | 3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 2023-01-29 - 2024-01-28 | a year | crt.sh |
azkcqs.com R3 | 2023-04-27 - 2023-07-26 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bzdic.shbzek.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTcsInNyYyI6Mn0=eyJ&si1=983458&si2=05demos&i=3
Frame ID: 3B417F74B7E872940DDFF32FC1B98215
Requests: 24 HTTP requests in this frame
Page Title
Bot captcha
Detected technologies
Mautic (Marketing Automation)
Detected patterns
- [^a-z]mtc.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://mail.fha.org.ir/ Page URL
- https://come.scriptsplatform.com/away.php?sourceid=43637753&suid=364&pid=23468658 Page URL
-
https://come.scriptsplatform.com/go.php
HTTP 302
https://shbzek.com/gosl/InNpZCI6MTIxMjUwNiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=983458&si2=05demos HTTP 302
https://shbzek.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTcsInNyYyI6Mn0=eyJ&si1=983458&si2=05demos Page URL
- https://3q1bf.shbzek.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTcsInNyYyI6Mn0=eyJ&si1=983458&si2=05demos&i=1 Page URL
- https://7yjfu.shbzek.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTcsInNyYyI6Mn0=eyJ&si1=983458&si2=05demos&i=2 Page URL
- https://bzdic.shbzek.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTcsInNyYyI6Mn0=eyJ&si1=983458&si2=05demos&i=3 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://come.scriptsplatform.com/go.php HTTP 302
- https://shbzek.com/gosl/InNpZCI6MTIxMjUwNiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=983458&si2=05demos HTTP 302
- https://shbzek.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTcsInNyYyI6Mn0=eyJ&si1=983458&si2=05demos
16 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / mail.fha.org.ir/ | 548 B 302 B | Document text/html |
GET H/1.1 | take click.clickandanalytics.com/ | 5 KB 2 KB | Script application/javascript |
GET H/1.1 | collect statistic.scriptsplatform.com/ | 4 KB 2 KB | Script application/javascript |
GET | away.php come.scriptsplatform.com/ | 0 0 | |
GET H2 | away.php come.scriptsplatform.com/ | 153 B 270 B | Document text/html |
GET | go.php come.scriptsplatform.com/ | 0 0 | |
GET H2 | bot-captcha-1 shbzek.com/ Redirect Chain | 91 KB 62 KB | Document text/html |
GET DATA | truncated / | 45 KB 0 | Image image/jpeg |
GET DATA | truncated / | 2 KB 0 | Image image/jpeg |
GET | rpe azkcqs.com/ | 0 0 | |
GET H2 | sdk.js ulmoyc.com/v1/ | 13 KB 5 KB | Script application/javascript |
GET H2 | fp.js ulmoyc.com/ | 1 KB 874 B | Script application/javascript |
GET H2 | bot-captcha-1 3q1bf.shbzek.com/ | 91 KB 62 KB | Document text/html |
GET H2 | rpe azkcqs.com/ | 0 101 B | XHR text/plain |
GET DATA | truncated / | 45 KB 0 | Image image/jpeg |
GET DATA | truncated / | 2 KB 0 | Image image/jpeg |
GET H3 | sdk.js ulmoyc.com/v1/ | 13 KB 5 KB | Script application/javascript |
GET H2 | bot-captcha-1 7yjfu.shbzek.com/ | 91 KB 62 KB | Document text/html |
GET DATA | truncated / | 45 KB 0 | Image image/jpeg |
GET DATA | truncated / | 2 KB 0 | Image image/jpeg |
GET H3 | sdk.js ulmoyc.com/v1/ | 13 KB 5 KB | Script application/javascript |
GET H2 | Primary Request bot-captcha-1 bzdic.shbzek.com/ | 91 KB 62 KB | Document text/html |
GET DATA | truncated / | 45 KB 0 | Image image/jpeg |
GET DATA | truncated / | 2 KB 0 | Image image/jpeg |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- come.scriptsplatform.com
- URL
- https://come.scriptsplatform.com/away.php?sourceid=43637753&suid=364&pid=23468658
- Domain
- come.scriptsplatform.com
- URL
- https://come.scriptsplatform.com/go.php
- Domain
- azkcqs.com
- URL
- https://azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451917&d=shbzek.com&tpl=30&rnd=0.3491397228166535&sbid=983458&sbid2=05demos
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- object| edPushSDK
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mail.fha.org.ir/ | | Name: simpeladus Value: 1 |
.shbzek.com/ | | Name: truniq Value: 1 |
.shbzek.com/ | | Name: ufp2 Value: 847550f20592037ebd389767885035c774a316c4 |
.shbzek.com/ | | Name: prompt Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.