pioneerfashionltd.com Open in urlscan Pro
194.147.58.175 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pioneerfashionltd.com/GLSGROUP/
Submission: On May 23 via manual (May 23rd 2024, 8:12:21 pm UTC) from LU — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 194.147.58.175, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is pioneerfashionltd.com.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time pioneerfashionltd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
5	194.147.58.175 194.147.58.175	51167 (CONTABO) (CONTABO)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
11	4

5 194.147.58.175 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: dhakainfotech.hostingbangladesh.net

pioneerfashionltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	pioneerfashionltd.com pioneerfashionltd.com	64 KB
2	gstatic.com fonts.gstatic.com	3 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	73 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
11	4

	Domain	Requested by
5	pioneerfashionltd.com	pioneerfashionltd.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	pioneerfashionltd.com
2	fonts.googleapis.com	pioneerfashionltd.com
11	4

This site contains no links.

Subject Issuer	Validity	Valid
pioneerfashionltd.com R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pioneerfashionltd.com/GLSGROUP/
Frame ID: AEF74EBD1687AA293E3CA97B53A45315
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GLS

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

3230 kB
Transfer

3471 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pioneerfashionltd.com/GLSGROUP/ 3 KB
2 KB 3305ms
78ms Document
text/html 194.147.58.175
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://pioneerfashionltd.com/GLSGROUP/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.58.175 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: dhakainfotech.hostingbangladesh.net
Software: nginx /
Resource Hash: 58e2c906c9bc63bc61c999a8ba35c24f62fd88b1c0ddf24f5c8dae97b20888c4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 May 2024 20:12:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK index.css
pioneerfashionltd.com/GLSGROUP/css/ 4 KB
1 KB 50ms
47ms Stylesheet
text/css 194.147.58.175
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://pioneerfashionltd.com/GLSGROUP/css/index.css
Requested by: Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.58.175 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: dhakainfotech.hostingbangladesh.net
Software: nginx /
Resource Hash: 970185e1a5f6cc6ee27ddbabf39f9d9fc39aaad1b4588b65ac10c79e642d66fc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/GLSGROUP/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 20:12:17 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 May 2024 20:51:58 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
772 B 149ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap

Requested by

Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22798a759b5bb551c54279a9d91dda9608f9f363f5a2841edd243bd253c9fd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 20:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 20:10:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 20:12:17 GMT

GET
H3 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 283 KB
70 KB 116ms
57ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.js

Requested by

Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df3941e6cdaec28533ad72b7053ec05f7172be88ecada345c42736bc2ffba4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 509069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 70588
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-113bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0SfepWgMhM%2BDXhgrBDRECNyaEX7BtnujJ%2F1vnQGe3LW%2FVZ%2FuG9xxZYxL%2BOAOhTk8RFnoBPkit4ZkFuFbg9XAFweopfnVSnhiFhOciGrZ38N4syaYqbM61bOYjFk5xeJqz3acCch"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8887b3312946193c-FRA
expires: Tue, 13 May 2025 20:12:17 GMT

GET
H3 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 8 KB
4 KB 114ms
55ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

Requested by

Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 172500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3074
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-2087"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xQ3caagTVHJFYyhG%2FTwdqFmRtH6zmoI4BahOZq%2F%2BuUkwvYnxBr5ZhFJ3wDYyeJpkFOWdQ8Iv4G4%2BeKdKN5u1Ivpok46E%2BQVXMeIeQwwZaAV054IcqFkhYoerrzdI%2BwKdryQKE0H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8887b3312941193c-FRA
expires: Tue, 13 May 2025 20:12:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 631 B
809 B 147ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4265f0a9ddeed949a73fb421dfd13993748a1624d32423c3920857e6ea61040f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 20:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 20:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 20:12:17 GMT

GET
H/1.1 200
OK GLS_Logo_2021.svg.png
pioneerfashionltd.com/GLSGROUP/css/ 58 KB
58 KB 94ms
94ms Image
image/png 194.147.58.175
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pioneerfashionltd.com/GLSGROUP/css/GLS_Logo_2021.svg.png
Requested by: Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.58.175 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: dhakainfotech.hostingbangladesh.net
Software: nginx /
Resource Hash: 5fd4a57f1c49c3b1224a42e60c0a9eb665ecc4ae75b669dcedc93632ca684368

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/GLSGROUP/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 20:12:17 GMT
Last-Modified: Sun, 19 May 2024 19:56:18 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58979
Content-Type: image/png

GET
H/1.1 403
Forbidden /
pioneerfashionltd.com/GLSGROUP/css/ 318 B
318 B 72ms
72ms Image
text/html 194.147.58.175
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pioneerfashionltd.com/GLSGROUP/css/
Requested by: Host: pioneerfashionltd.com
URL: https://pioneerfashionltd.com/GLSGROUP/css/index.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.58.175 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: dhakainfotech.hostingbangladesh.net
Software: nginx /
Resource Hash: b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/GLSGROUP/css/index.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 20:12:17 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 157ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://pioneerfashionltd.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 268693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 May 2025 17:34:04 GMT

GET
H2 200 kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v183/ 3 MB
3 MB 205ms
88ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialsymbolsoutlined/v183/kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6cbaf309920e975f6ab95f63cda6581053bdd6cf8ba99b606edf4ce6966eeed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://pioneerfashionltd.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:41:00 GMT
x-content-type-options: nosniff
age: 63077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3130160
x-xss-protection: 0
last-modified: Thu, 09 May 2024 19:07:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:41:00 GMT

GET
H/1.1 200
OK favicon.ico
pioneerfashionltd.com/GLSGROUP/css/ 15 KB
3 KB 66ms
60ms Other
image/x-icon 194.147.58.175
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://pioneerfashionltd.com/GLSGROUP/css/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.58.175 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: dhakainfotech.hostingbangladesh.net
Software: nginx /
Resource Hash: bee156a8aafd5c7c174e8c64356099b12ee104ad521bc43493bf5b65100d82f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pioneerfashionltd.com/GLSGROUP/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 20:12:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 May 2024 12:33:22 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/x-icon
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on May 23rd 2024, 8:13:03 pm UTC — From Luxembourg

Threats: Phishing
Brands: General Logistic Systems NL
Comment: Phishing site impersonating GLS, spread via spam.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pioneerfashionltd.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8dc72830331f2e3a93de28e79ceb06d5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pioneerfashionltd.com/GLSGROUP/css/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
pioneerfashionltd.com
104.17.25.14
194.147.58.175
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
22798a759b5bb551c54279a9d91dda9608f9f363f5a2841edd243bd253c9fd9d
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
4265f0a9ddeed949a73fb421dfd13993748a1624d32423c3920857e6ea61040f
58e2c906c9bc63bc61c999a8ba35c24f62fd88b1c0ddf24f5c8dae97b20888c4
5fd4a57f1c49c3b1224a42e60c0a9eb665ecc4ae75b669dcedc93632ca684368
970185e1a5f6cc6ee27ddbabf39f9d9fc39aaad1b4588b65ac10c79e642d66fc
a6cbaf309920e975f6ab95f63cda6581053bdd6cf8ba99b606edf4ce6966eeed
b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bee156a8aafd5c7c174e8c64356099b12ee104ad521bc43493bf5b65100d82f0
df3941e6cdaec28533ad72b7053ec05f7172be88ecada345c42736bc2ffba4d2

pioneerfashionltd.com Open in urlscan Pro 194.147.58.175 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

3230 kBTransfer

3471 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.url Submitted on May 23rd 2024, 8:13:03 pm UTC — From Luxembourg

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

pioneerfashionltd.com Open in urlscan Pro
194.147.58.175 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

3230 kB
Transfer

3471 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Malicious page.url
Submitted on May 23rd 2024, 8:13:03 pm UTC — From Luxembourg

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!