grupogiezi.com Open in urlscan Pro
165.227.124.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fleacontrolmelbourne.com.au/ass9d
Effective URL:
https://grupogiezi.com/login
Submission: On November 06 via manual (November 6th 2023, 11:36:22 pm UTC) from AU — Scanned from AU

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 165.227.124.226, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is grupogiezi.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on February 23rd 2023. Valid for: a year.

This is the only time grupogiezi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bendigo Bank (Banking)

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.150.135.180 103.150.135.180	140576 (VPSBLOCKS...) (VPSBLOCKSPTYLTD-AS-AP VPSBlocks Pty Ltd)
11	165.227.124.226 165.227.124.226	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
13	2

1 103.150.135.180 (Melbourne, Australia) 1 redirects

ASN140576 (VPSBLOCKSPTYLTD-AS-AP VPSBlocks Pty Ltd, AU)
PTR: vps.fleacontrolmelbourne.com.au

fleacontrolmelbourne.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 165.227.124.226 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: xpcp19005.xpress.com.mx

grupogiezi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	grupogiezi.com grupogiezi.com	166 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	283 KB
1	fleacontrolmelbourne.com.au 1 redirects fleacontrolmelbourne.com.au	249 B
13	3

	Domain	Requested by
11	grupogiezi.com	grupogiezi.com
2	cdn.jsdelivr.net	grupogiezi.com
1	fleacontrolmelbourne.com.au	1 redirects
13	3

This site contains no links.

Subject Issuer	Validity	Valid
www.grupogiezi.com AlphaSSL CA - SHA256 - G4	`2023-02-23` - `2024-03-26`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://grupogiezi.com/login
Frame ID: 656E2286B9A6F4C179A88E9D3696487B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bendigo Bank - Log in to e-banking

Page URL History Show full URLs

https://fleacontrolmelbourne.com.au/ass9d HTTP 301
https://grupogiezi.com/login Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

449 kB
Transfer

3078 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fleacontrolmelbourne.com.au/ass9d HTTP 301
https://grupogiezi.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
grupogiezi.com/
Redirect Chain

https://fleacontrolmelbourne.com.au/ass9d
https://grupogiezi.com/login

12 KB
13 KB

1639ms
940ms

Document
text/html

165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 7d80353498ea99e42be51a54fa76056e0207727f17323012c00f29754921a0dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Nov 2023 23:36:15 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 06 Nov 2023 23:36:13 GMT
Keep-Alive: timeout=5, max=100
Location: Https://grupogiezi.com/login
Server: Apache

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 32 KB
13 KB 239ms
77ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: grupogiezi.com
URL: https://grupogiezi.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1dc60b613493f242077201a552d894e8b6bbf844396e92206441a3772e19f8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 23:36:16 GMT
x-content-type-options: nosniff
content-encoding: br
age: 30084
x-jsd-version: 1.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12769
x-served-by: cache-fra-etou8220076-FRA, cache-adl2040028-ADL
x-jsd-version-type: version
etag: W/"7e3c-e1wBNFHIUnqeYFwFmjZKh5MDVVo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tailwind.min.css
cdn.jsdelivr.net/npm/tailwindcss@2.2.16/dist/ 3 MB
270 KB 238ms
76ms Stylesheet
text/css 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/tailwindcss@2.2.16/dist/tailwind.min.css

Requested by

Host: grupogiezi.com
URL: https://grupogiezi.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad8adec7567bd4d3cc26905bc9eca910da0f99d14191c35b235d1993233c387a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Nov 2023 23:36:16 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4140509
x-jsd-version: 2.2.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 275863
x-served-by: cache-fra-eddf8230090-FRA, cache-adl2040028-ADL
x-jsd-version-type: version
etag: W/"2cc503-tOGr5UnSnev1zZ3/tOmmrUwWASU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK app.css
grupogiezi.com/css/ 500 B
542 B 600ms
348ms Stylesheet
text/css 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://grupogiezi.com/css/app.css
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 2a045bb64fbd5d21fc51df52e3ccc47495ba969478e69019e519385e0a33541f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2023 18:32:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 244

GET
H/1.1 200
OK footer.css
grupogiezi.com/css/ 8 KB
2 KB 954ms
353ms Stylesheet
text/css 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://grupogiezi.com/css/footer.css
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 065e6ee5bad4bc9c146f1aa7cad37ce9181360c02ff1b3b43194b5f1bdadbd01

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2023 15:59:52 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1619

GET
H/1.1 200
OK loader.css
grupogiezi.com/css/ 620 B
631 B 1032ms
338ms Stylesheet
text/css 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://grupogiezi.com/css/loader.css
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 97c3f0d30f44ae22949de85a6f7112fc2ac7c5fc9fe2fa84d03437a7ee4f3085

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2023 17:06:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 332

GET
H/1.1 200
OK logo.svg
grupogiezi.com/assets/images/images/ 6 KB
3 KB 1044ms
348ms Image
image/svg+xml 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/images/logo.svg
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 9e543ff55570b1c12e8da269a4d4800eff0b214c68b931128c0358b7a58c6be6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Oct 2023 23:22:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2435

GET
H/1.1 200
OK phone.svg
grupogiezi.com/assets/images/icons/ 629 B
627 B 1048ms
350ms Image
image/svg+xml 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/icons/phone.svg
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 1e598d3fa3c35db74b39d4fbe7331540e252b089fd8e988132256af3700a1107

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Oct 2023 23:19:02 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 323

GET
H/1.1 200
OK user.png
grupogiezi.com/assets/images/icons/ 10 KB
11 KB 1033ms
351ms Image
image/png 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/icons/user.png
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: cf48443bc320e71a84e143e4ef942dfa109a3e31a947f4149c0e0534c75cc885

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Last-Modified: Sun, 05 Nov 2023 12:38:50 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10606

GET
H/1.1 200
OK password.png
grupogiezi.com/assets/images/icons/ 10 KB
10 KB 451ms
350ms Image
image/png 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/icons/password.png
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: a74c59bc3e9fefd6e3a885e0ba305d5b856f433c1e43a24409bc3fab4c6ecb9b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Last-Modified: Sun, 05 Nov 2023 13:05:30 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9928

GET
H/1.1 200
OK app-store.svg
grupogiezi.com/assets/images/images/ 7 KB
3 KB 350ms
349ms Image
image/svg+xml 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/images/app-store.svg
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 523f9a0b4d6199f080c54328d15ddf392dd79e25dae8b57c842a0d604a563a56

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Oct 2023 23:56:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3046

GET
H/1.1 200
OK play-store.svg
grupogiezi.com/assets/images/images/ 7 KB
3 KB 341ms
340ms Image
image/svg+xml 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/images/play-store.svg
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: d64a6776e14f1d0c54a9cb57fc425570cb950aaa08889f44da461fab90a9df06

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Oct 2023 13:16:44 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2544

GET
H/1.1 200
OK bottom-banner.jpg
grupogiezi.com/assets/images/images/ 120 KB
120 KB 372ms
372ms Image
image/jpeg 165.227.124.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grupogiezi.com/assets/images/images/bottom-banner.jpg
Requested by: Host: grupogiezi.com
URL: https://grupogiezi.com/css/footer.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.124.226 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: xpcp19005.xpress.com.mx
Software: Apache /
Resource Hash: 42bbce07fbfd4b2b2d7d8297065238543646ec3113de6e39ea3fde25a54a6b0d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://grupogiezi.com/css/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:36:17 GMT
Last-Modified: Sat, 21 Oct 2023 06:01:26 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 122897

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on November 6th 2023, 11:38:44 pm UTC — From Australia

Threats: Phishing
Brands: Bendigo Bank AU
Comment: confirmed phishing email link targeting bendigo bank

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bendigo Bank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| axios

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			grupogiezi.com/	1970-01-20 16:02:00	Name: XSRF-TOKEN Value: eyJpdiI6Ii9Ib3dFKyt1WFdlNVMxZlNMaC8rc0E9PSIsInZhbHVlIjoiSU94d1RTUUtXTGJaMnhydUVFRWFsOEE1YmVQc2NPaDJQcXB2S1dYUFhEUGxvU3orcDJWUTVLcVBob3dvUlhZd2I0MlVuLzRmNkI3V3pmUzQ3anNqeGwwdXdGUDMyVUh0VmIvZVpIQklSNW9PVVVCZnRDSUIwYTNyVmtQdGhUWUciLCJtYWMiOiI3NDliNTQyYTkxYTNkNGU0N2Y0YzdiNTEzM2JhZmUwYjdiMTAyZTgwYmJmOThhYmU3ZWIxNGQ2Njg0ODUxNmFhIiwidGFnIjoiIn0%3D
			grupogiezi.com/	1970-01-20 16:02:00	Name: bendigo_bank_session Value: eyJpdiI6IlV1QkN0cGJud2hGRjNqQ2tTUXdhRUE9PSIsInZhbHVlIjoiY3U3UktFUklnTjd1YTN3R216TCt1K1hMUUkzdzQ0VlFXeU5nT2N1WXlQbWt3c2RLRWNzbHc5NC9uMk5HWjBRWTFJdUpmQ2NTTHhZT0FHM3A0UzByNFF5MThqbFpaazB3eFVzMzd2VDdiL3NvVzJrUzdJM013a2Q4ZnVnZVdtTG0iLCJtYWMiOiJmYzFkZGViOWUyMmRhM2QxOGNjNWM1MzRlZjczYmNiMzVlZDg0ZmFjZjQ3YTJhYzQxZDRjMDk5N2ExNDdiZTQwIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fleacontrolmelbourne.com.au
grupogiezi.com
103.150.135.180
151.101.1.229
165.227.124.226
065e6ee5bad4bc9c146f1aa7cad37ce9181360c02ff1b3b43194b5f1bdadbd01
1dc60b613493f242077201a552d894e8b6bbf844396e92206441a3772e19f8d5
1e598d3fa3c35db74b39d4fbe7331540e252b089fd8e988132256af3700a1107
2a045bb64fbd5d21fc51df52e3ccc47495ba969478e69019e519385e0a33541f
42bbce07fbfd4b2b2d7d8297065238543646ec3113de6e39ea3fde25a54a6b0d
523f9a0b4d6199f080c54328d15ddf392dd79e25dae8b57c842a0d604a563a56
7d80353498ea99e42be51a54fa76056e0207727f17323012c00f29754921a0dd
97c3f0d30f44ae22949de85a6f7112fc2ac7c5fc9fe2fa84d03437a7ee4f3085
9e543ff55570b1c12e8da269a4d4800eff0b214c68b931128c0358b7a58c6be6
a74c59bc3e9fefd6e3a885e0ba305d5b856f433c1e43a24409bc3fab4c6ecb9b
ad8adec7567bd4d3cc26905bc9eca910da0f99d14191c35b235d1993233c387a
cf48443bc320e71a84e143e4ef942dfa109a3e31a947f4149c0e0534c75cc885
d64a6776e14f1d0c54a9cb57fc425570cb950aaa08889f44da461fab90a9df06

grupogiezi.com Open in urlscan Pro 165.227.124.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

449 kBTransfer

3078 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious task.url Submitted on November 6th 2023, 11:38:44 pm UTC — From Australia

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

2 Cookies

Indicators

grupogiezi.com Open in urlscan Pro
165.227.124.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

449 kB
Transfer

3078 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions

Malicious task.url
Submitted on November 6th 2023, 11:38:44 pm UTC — From Australia

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!