three-billing.cc Open in urlscan Pro
111.90.142.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://three-billing.cc/
Effective URL:
https://three-billing.cc/app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0...
Submission Tags: phishing
Submission: On January 25 via api (January 25th 2021, 7:34:35 am UTC) from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 111.90.142.159, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is three-billing.cc.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 24th 2021. Valid for: 3 months.

This is the only time three-billing.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 2	111.90.142.159 111.90.142.159		45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
24	2

2 111.90.142.159 (Malaysia) 1 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)

three-billing.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	three-billing.cc 1 redirects three-billing.cc	14 KB
24	1

	Domain	Requested by
2	three-billing.cc	1 redirects three-billing.cc
24	1

This site contains no links.

Subject Issuer	Validity	Valid
three-billing.cc ZeroSSL RSA Domain Secure Site CA	`2021-01-24` - `2021-04-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://three-billing.cc/app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce
Frame ID: 32C1E813A533A8C6800357F594A06293
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://three-billing.cc/ HTTP 302
https://three-billing.cc/app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6c... Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

24
Requests

4 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

13 kB
Transfer

115 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://three-billing.cc/ HTTP 302
https://three-billing.cc/app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index Show response three-billing.cc/app/ Redirect Chain https://three-billing.cc/ https://three-billing.cc/app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce	115 KB 13 KB	503ms 201ms	Document text/html	111.90.142.159 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://three-billing.cc/app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 111.90.142.159 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software LiteSpeed / PHP/7.3.25 Resource Hash `4201d82e6e65fd9dc4c866cf6b067129d5480716628dbf07d9b84d2a76dcdb67` Request headers :method GET :authority three-billing.cc :scheme https :path /app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E304 Safari/602.1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie PHPSESSID=7d8e44fb548c9779fa231cbaf17f30c1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E304 Safari/602.1 Response headers x-powered-by PHP/7.3.25 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Mon, 25 Jan 2021 07:34:04 GMT server LiteSpeed Redirect headers x-powered-by PHP/7.3.25 set-cookie PHPSESSID=7d8e44fb548c9779fa231cbaf17f30c1; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-cache, no-store, must-revalidate, max-age=0 pragma no-cache location app/index?id=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce&session=865d8438f0c63c81c09ae2324dd0d6ce865d8438f0c63c81c09ae2324dd0d6ce content-type text/html; charset=UTF-8 content-length 0 date Mon, 25 Jan 2021 07:34:03 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET		style.css three-billing.cc/app/css/	0 0

GET		base2.min.css three-billing.cc/app/css/	0 0

GET		responsive.min.css three-billing.cc/app/css/	0 0

GET		aria-carousel.min.css three-billing.cc/app/css/	0 0

GET		banners.min.css three-billing.cc/app/css/	0 0

GET		search-results-overide.css three-billing.cc/app/css/	0 0

GET		type.min.css three-billing.cc/app/css/	0 0

GET		safe-base2018.min.css three-billing.cc/app/css/	0 0

GET		safe-base2018.min(1).css three-billing.cc/app/css/	0 0

GET		jquery-2.1.1.min.js.download three-billing.cc/app/js/	0 0

GET		head2.min.js.download three-billing.cc/app/js/	0 0

GET		three-logo.svg three-billing.cc/app/img/	0 0

GET		bcse.min.css three-billing.cc/app/css/	0 0

GET		all-span-classes.min.css three-billing.cc/app/css/	0 0

GET		button.min.css three-billing.cc/app/css/	0 0

GET		all-span-classes-phone.min.css three-billing.cc/app/css/	0 0

GET		forms.min.css three-billing.cc/app/css/	0 0

GET		AppleStore,0.png three-billing.cc/app/img/	0 0

GET		google+play+badge+for+app,0.png three-billing.cc/app/img/	0 0

GET		wuntu_logo,3.png three-billing.cc/app/img/	0 0

GET		EJ1.jpg three-billing.cc/app/img/	0 0

GET		forms.min.js.download three-billing.cc/app/js/	0 0

GET		magicpassword.min.js.download three-billing.cc/app/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/style.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/base2.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/responsive.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/aria-carousel.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/banners.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/search-results-overide.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/type.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/safe-base2018.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/safe-base2018.min(1).css

Domain: three-billing.cc
URL: https://three-billing.cc/app/js/jquery-2.1.1.min.js.download

Domain: three-billing.cc
URL: https://three-billing.cc/app/js/head2.min.js.download

Domain: three-billing.cc
URL: https://three-billing.cc/app/img/three-logo.svg

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/bcse.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/all-span-classes.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/button.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/all-span-classes-phone.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/css/forms.min.css

Domain: three-billing.cc
URL: https://three-billing.cc/app/img/AppleStore,0.png

Domain: three-billing.cc
URL: https://three-billing.cc/app/img/google+play+badge+for+app,0.png

Domain: three-billing.cc
URL: https://three-billing.cc/app/img/wuntu_logo,3.png

Domain: three-billing.cc
URL: https://three-billing.cc/app/img/EJ1.jpg

Domain: three-billing.cc
URL: https://three-billing.cc/app/js/forms.min.js.download

Domain: three-billing.cc
URL: https://three-billing.cc/app/js/magicpassword.min.js.download

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

three-billing.cc
three-billing.cc
111.90.142.159
4201d82e6e65fd9dc4c866cf6b067129d5480716628dbf07d9b84d2a76dcdb67

three-billing.cc Open in urlscan Pro 111.90.142.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

4 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

13 kBTransfer

115 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

three-billing.cc Open in urlscan Pro
111.90.142.159 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

4 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

13 kB
Transfer

115 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions