pioneerfashionltd.com
Open in
urlscan Pro
194.147.58.175
Malicious Activity!
Public Scan
Submission: On May 23 via manual from LU — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.
This is the only time pioneerfashionltd.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 194.147.58.175 194.147.58.175 | 51167 (CONTABO) (CONTABO) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
11 | 4 |
ASN51167 (CONTABO, DE)
PTR: dhakainfotech.hostingbangladesh.net
pioneerfashionltd.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
pioneerfashionltd.com
pioneerfashionltd.com |
64 KB |
2 |
gstatic.com
fonts.gstatic.com |
3 MB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
73 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
2 KB |
11 | 4 |
Domain | Requested by | |
---|---|---|
5 | pioneerfashionltd.com |
pioneerfashionltd.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdnjs.cloudflare.com |
pioneerfashionltd.com
|
2 | fonts.googleapis.com |
pioneerfashionltd.com
|
11 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pioneerfashionltd.com R3 |
2024-05-15 - 2024-08-13 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pioneerfashionltd.com/GLSGROUP/
Frame ID: AEF74EBD1687AA293E3CA97B53A45315
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
GLSDetected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
pioneerfashionltd.com/GLSGROUP/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
pioneerfashionltd.com/GLSGROUP/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
11 KB 772 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ |
283 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
631 B 809 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GLS_Logo_2021.svg.png
pioneerfashionltd.com/GLSGROUP/css/ |
58 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
pioneerfashionltd.com/GLSGROUP/css/ |
318 B 318 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v183/ |
3 MB 3 MB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
pioneerfashionltd.com/GLSGROUP/css/ |
15 KB 3 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
May 23rd 2024, 8:13:03 pm
UTC —
From Luxembourg
Threats:
Phishing
Brands:
General Logistic Systems
NL
Comment: Phishing site impersonating GLS, spread via spam.
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| $jscomp function| validate_creditcardnumber function| check1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pioneerfashionltd.com/ | Name: PHPSESSID Value: 8dc72830331f2e3a93de28e79ceb06d5 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
pioneerfashionltd.com
104.17.25.14
194.147.58.175
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
22798a759b5bb551c54279a9d91dda9608f9f363f5a2841edd243bd253c9fd9d
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
4265f0a9ddeed949a73fb421dfd13993748a1624d32423c3920857e6ea61040f
58e2c906c9bc63bc61c999a8ba35c24f62fd88b1c0ddf24f5c8dae97b20888c4
5fd4a57f1c49c3b1224a42e60c0a9eb665ecc4ae75b669dcedc93632ca684368
970185e1a5f6cc6ee27ddbabf39f9d9fc39aaad1b4588b65ac10c79e642d66fc
a6cbaf309920e975f6ab95f63cda6581053bdd6cf8ba99b606edf4ce6966eeed
b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bee156a8aafd5c7c174e8c64356099b12ee104ad521bc43493bf5b65100d82f0
df3941e6cdaec28533ad72b7053ec05f7172be88ecada345c42736bc2ffba4d2