zippingglenwoodsprings.com
Open in
urlscan Pro
172.67.207.245
Public Scan
Submitted URL: http://zippingglenwoodsprings.com/
Effective URL: https://zippingglenwoodsprings.com/
Submission Tags: @phish_report
Submission: On September 17 via api from FI — Scanned from AU
Effective URL: https://zippingglenwoodsprings.com/
Submission Tags: @phish_report
Submission: On September 17 via api from FI — Scanned from AU
Summary
This website contacted 9 IPs
in 3 countries
across 7 domains to perform 29 HTTP transactions.
The main IP is 172.67.207.245, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is zippingglenwoodsprings.com.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time zippingglenwoodsprings.com was scanned on urlscan.io!
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time zippingglenwoodsprings.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 15 | 172.67.207.245 172.67.207.245 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 54.231.199.16 54.231.199.16 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 35.173.113.67 35.173.113.67 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 18.173.121.51 18.173.121.51 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 142.250.71.74 142.250.71.74 | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 142.250.204.4 142.250.204.4 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 3.239.247.150 3.239.247.150 | () () | |
| 29 | 9 |
1
54.231.199.16
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
| s3.amazonaws.com |
3
35.173.113.67
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-113-67.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-113-67.compute-1.amazonaws.com
| xola.com |
1
18.173.121.51
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-173-121-51.sfo53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-173-121-51.sfo53.r.cloudfront.net
| botcdn.xola.com |
1
142.250.71.74
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net
| fonts.googleapis.com |
2
142.250.204.4
(Sydney, Australia)
ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
| www.google.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
zippingglenwoodsprings.com
1 redirects
zippingglenwoodsprings.com |
2 MB |
| 6 |
xola.com
xola.com — Cisco Umbrella Rank: 84159 botcdn.xola.com — Cisco Umbrella Rank: 168554 bot.xola.com |
217 KB |
| 4 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 215 |
12 KB |
| 2 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 3 |
17 B |
| 2 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3276 |
84 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
758 B |
| 1 |
amazonaws.com
s3.amazonaws.com |
140 KB |
| 29 | 7 |
| Domain | Requested by | |
|---|---|---|
| 15 | zippingglenwoodsprings.com |
1 redirects
zippingglenwoodsprings.com
|
| 4 | cdnjs.cloudflare.com |
zippingglenwoodsprings.com
xola.com |
| 3 | xola.com |
zippingglenwoodsprings.com
xola.com |
| 2 | bot.xola.com |
botcdn.xola.com
|
| 2 | www.google.com |
1 redirects
zippingglenwoodsprings.com
|
| 2 | stackpath.bootstrapcdn.com |
botcdn.xola.com
stackpath.bootstrapcdn.com |
| 1 | fonts.googleapis.com |
botcdn.xola.com
|
| 1 | botcdn.xola.com |
xola.com
|
| 1 | s3.amazonaws.com |
zippingglenwoodsprings.com
|
| 29 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| 1firstcashadvance.org |
| www.tripadvisor.com |
| store.picthrive.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| zippingglenwoodsprings.com WE1 |
2024-09-16 - 2024-12-15 |
3 months | crt.sh |
| cdnjs.cloudflare.com WE1 |
2024-07-31 - 2024-10-29 |
3 months | crt.sh |
| s3.amazonaws.com Amazon RSA 2048 M01 |
2024-05-25 - 2025-05-02 |
a year | crt.sh |
| *.xola.com Amazon RSA 2048 M02 |
2024-06-27 - 2025-07-26 |
a year | crt.sh |
| bootstrapcdn.com WE1 |
2024-07-23 - 2024-10-21 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-08-12 - 2024-11-04 |
3 months | crt.sh |
| *.google.com WR2 |
2024-08-12 - 2024-11-04 |
3 months | crt.sh |
| bot.xola.com R11 |
2024-08-06 - 2024-11-04 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://zippingglenwoodsprings.com/
Frame ID: D9452A0A06D76DA0CEA0734E5B5D7E90
Requests: 27 HTTP requests in this frame
Frame:
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s1308+County+Road+129,+Glenwood+Springs,+Colorado+81601!6i14!3m1!1sen!5m1!1sen
Frame ID: BFE8A2357D0CC68CB336C0DE9537BE85
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Glenwood Canyon Zip Line | Things to Do | Glenwood Springs, COPage URL History Show full URLs
-
http://zippingglenwoodsprings.com/
HTTP 307
https://zippingglenwoodsprings.com/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Prototype
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
MailChimp
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
Polyfill
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /polyfill\.min\.js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://1firstcashadvance.org/blog/vacation-loans-for-bad-credit-your-guide-in-travel/
Title: travel financing
Title: travel financing
Search URL Search Domain Scan URL
URL: https://www.tripadvisor.com/
Search URL Search Domain Scan URL
URL: https://store.picthrive.com/colorado_adventure_center_glenwood_springs/
Title: Purchase Trip Photos
Title: Purchase Trip Photos
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://zippingglenwoodsprings.com/
HTTP 307
https://zippingglenwoodsprings.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://zippingglenwoodsprings.com/wp-content/plugins/site-reviews/assets/images/star-full.svg HTTP 301
- https://zippingglenwoodsprings.com/
- https://www.google.com/maps?q=1308%20County%20Road%20129%2C%20Glenwood%20Springs%2C%20Colorado%2081601&output=embed&hl=en&z=14 HTTP 301
- https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s1308+County+Road+129,+Glenwood+Springs,+Colorado+81601!6i14!3m1!1sen!5m1!1sen
29 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
zippingglenwoodsprings.com/ Redirect Chain
|
94 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
338-layout.css
zippingglenwoodsprings.com/wp-content/uploads/bb-plugin/cache/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
zippingglenwoodsprings.com/wp-content/themes/mesmerize-pro/ |
143 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
polyfill.min.js
cdnjs.cloudflare.com/polyfill/v3/ |
104 B 745 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zippingglenwoodsprings.com/ |
94 KB 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
CAC_Horizontal_logo-GlenCanZip-white.png
zippingglenwoodsprings.com/wp-content/uploads/2018/02/ |
41 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gczip2017-20-300x199.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/01/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ |
140 KB 140 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkout.js
xola.com/ |
45 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gczip2017-16.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/01/ |
739 KB 740 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gczip2017-10-300x199.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/01// |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Rafting-the-Glenwood-Canyon-GSRaft1091.jpg-300x200.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/02/ |
41 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gczip2017-41-1024x680.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/01/ |
306 KB 307 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cabins-8-1024x683.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/02/ |
246 KB 247 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
how-to-plan-a-budget-friendly-road-trip-to-glenwood-canyon-1024x680.jpg
zippingglenwoodsprings.com/wp-content/uploads/2018/01/ |
255 KB 256 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
iframeResizer.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/2.8.10/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
polyfill.min.js
cdnjs.cloudflare.com/polyfill/v3/ |
216 B 760 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
externalLinks
xola.com/ |
154 B 323 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zippingglenwoodsprings.com/ Redirect Chain
|
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
easyXDM.min.js
cdnjs.cloudflare.com/ajax/libs/easyXDM/2.4.20/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
client
botcdn.xola.com/ |
668 KB 202 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
telemetry
xola.com/api/ |
98 B 325 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1 KB 758 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
embed
www.google.com/maps/ Frame BFE8 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
favicon-32x32.png
zippingglenwoodsprings.com/ |
2 KB 3 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
activity
bot.xola.com/ |
0 244 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
activity
bot.xola.com/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| mesmerizeDomReady function| mesmerizeSetHeaderTopSpacing object| _sliderSettings object| xola function| iFrameResize object| mc function| $mcj object| fnames object| ftypes object| mesmerize_morph object| mesmerize_theme_pro_settings object| easyXDM object| gascrolldepth function| setImmediate function| clearImmediate function| P object| YXZhaWxhYmxlWG9sYWJvdE1vZHVsZVBhY2thZ2Vz object| Xolabot0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bot.xola.com
botcdn.xola.com
cdnjs.cloudflare.com
fonts.googleapis.com
s3.amazonaws.com
stackpath.bootstrapcdn.com
www.google.com
xola.com
zippingglenwoodsprings.com
104.17.25.14
104.18.11.207
142.250.204.4
142.250.71.74
172.67.207.245
18.173.121.51
3.239.247.150
35.173.113.67
54.231.199.16
13698620ac4c22c4d9dabefab53979326f30680c2c5eef86f190fdb7c8dcf5eb
1756e10027ec592d111933cd52d5a491cb72cb1354b710e403276ccc78405154
2231bb8a5ba85413f7a9737ef10bce462c382c1e0ede53d986eebac7f147707e
2241f76864cfbc36519532c793a039512d979f5ebe170e7bf0a31e406993aca0
266aad0852697363604e637789291d46a552531739a69d36e7d63fb9a464eabe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2beaae3ada8209f988c2a5dce85ff90e8ffdcbbb07dc57f86d54592216924fcc
2c10343a757e75d98da23fc363bee420a5bd39d6f950a1bec81e104c8181d6ae
63b64daa67a502ee7d5619749421ed4f40276215d1e1d731b830416988af4d3c
69cc0bee1e394285cafb198a83ad38f55ba2954c7504b0c4ec77d7eb03946603
6af0f924d16367733eb15fb6fcc1ed4b937b0462598645070c05fe499d0508d4
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
75b2c04d640d36247a46a411009aa8683939298e5177a2086fb8b77e319fffb6
77a145904c411713066ca2fa056b90d6d233e8e9c715553eba469c9804646e90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8d7212f35dce70c318fcabe674da3723b3d177e9d3057e4188dd9789e800a820
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
c7107f8aa3d4c481ecb79ac9502534c4db4ef12a5885020cd7b40b1a80b62b6c
d06ce2bcd8e81c791890c0b8bf9f4bb926460d265f24effd91a1d2ae52ae582f
d188ce0e476bf4994827347d4433fec168619bb7eb2adf13aaec6fced0caf7eb
db3fba123571a2c5acf3ee9600eb8e98518b2145b1c77daf58474057e3907c8c
db7f7b998d4a343c4759d5ab430945c283ef58df0c5fc6108f68f49810ab61a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67bae5cebcb742b11c4200d47725af65e67c9e713a50c16aa0cde04046989f9
f1c26200270237b299f63332a18bbb4936da1dc1dea070821e22077238defd05