wyomingdailynews.com Open in urlscan Pro
67.222.110.133  Malicious Activity! Public Scan

Submitted URL: https://logo-vizyon.com/wp-includes/customize/redirect.php
Effective URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Submission Tags: @ipnigh
Submission: On February 28 via api from GB

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 67.222.110.133, located in Chatsworth, United States and belongs to IHNET, US. The main domain is wyomingdailynews.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 27th 2019. Valid for: 3 months.
This is the only time wyomingdailynews.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fibank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 52.116.49.200 36351 (SOFTLAYER)
2 12 67.222.110.133 33494 (IHNET)
22 2
Apex Domain
Subdomains
Transfer
12 wyomingdailynews.com
wyomingdailynews.com
241 KB
1 logo-vizyon.com
logo-vizyon.com
121 B
22 2
Domain Requested by
12 wyomingdailynews.com 2 redirects wyomingdailynews.com
1 logo-vizyon.com 1 redirects
22 2

This site contains links to these domains. Also see Links.

Domain
webgate.ec.europa.eu
www.thawte.com
Subject Issuer Validity Valid
wyomingdailynews.com
cPanel, Inc. Certification Authority
2019-12-27 -
2020-03-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Frame ID: 25D131F4037C233059C977391A1AD6EF
Requests: 22 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://logo-vizyon.com/wp-includes/customize/redirect.php HTTP 302
    https://wyomingdailynews.com/wp-content/upgrade/en/ HTTP 302
    https://wyomingdailynews.com/wp-content/upgrade/en/account HTTP 301
    https://wyomingdailynews.com/wp-content/upgrade/en/account/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

45 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

240 kB
Transfer

239 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://logo-vizyon.com/wp-includes/customize/redirect.php HTTP 302
    https://wyomingdailynews.com/wp-content/upgrade/en/ HTTP 302
    https://wyomingdailynews.com/wp-content/upgrade/en/account HTTP 301
    https://wyomingdailynews.com/wp-content/upgrade/en/account/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wyomingdailynews.com/wp-content/upgrade/en/account/
Redirect Chain
  • https://logo-vizyon.com/wp-includes/customize/redirect.php
  • https://wyomingdailynews.com/wp-content/upgrade/en/
  • https://wyomingdailynews.com/wp-content/upgrade/en/account
  • https://wyomingdailynews.com/wp-content/upgrade/en/account/
15 KB
15 KB
Document
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
9a824748513b089682515868b378dd6a3503b905e30f9ed6d88e89ccceeb9ebe

Request headers

Host
wyomingdailynews.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Fri, 28 Feb 2020 03:01:05 GMT
Server
Apache
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 28 Feb 2020 03:01:05 GMT
Server
Apache
Location
https://wyomingdailynews.com/wp-content/upgrade/en/account/
Content-Length
267
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
myalertcss.css
wyomingdailynews.com/wp-content/upgrade/en/account/security/INC/
2 KB
2 KB
Stylesheet
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/security/INC/myalertcss.css
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
33355621a2ff3ea01c33f9d30792f92457ee4eb949ed437ce190ac444ff194d2

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 28 Feb 2020 03:01:05 GMT
Last-Modified
Sat, 15 Feb 2020 01:56:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2042
css.css
wyomingdailynews.com/wp-content/upgrade/en/account/css/
178 KB
179 KB
Stylesheet
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/css/css.css
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
086fb7fe8db0dfee0a1ee58a093ef41250db5731093b83f4d205f85512679942

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 28 Feb 2020 03:01:05 GMT
Last-Modified
Sat, 15 Feb 2020 01:56:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
182589
img_logo_thatwe.png
wyomingdailynews.com/wp-content/upgrade/en/account/img/
4 KB
4 KB
Image
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/img/img_logo_thatwe.png
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
3a83d46379b1e1073c2a2bec14d7004e39c3075c06553bbfeb58a068761ccf73

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 03:01:05 GMT
Last-Modified
Sat, 15 Feb 2020 01:56:08 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3644
moukim.js
wyomingdailynews.com/wp-content/upgrade/en/account/security/INC/
2 KB
3 KB
Script
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/security/INC/moukim.js
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
59483de8372feae8b65293b0e00b27c1e4d74ea71262e2c4f68d8f517a7a13b9

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 28 Feb 2020 03:01:05 GMT
Last-Modified
Sat, 15 Feb 2020 01:56:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2421
bgr-logo-en.png
wyomingdailynews.com/wp-content/upgrade/en/account/img/
11 KB
11 KB
Image
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/img/bgr-logo-en.png
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
3564619745e4b6c7cd540580963fefbc4797622193745a54435c6ea0b4fd5559

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 03:01:06 GMT
Last-Modified
Sat, 15 Feb 2020 01:56:08 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10758
ic_to_site.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
8 KB
8 KB
Image
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_to_site.png
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
2f3023bf89cc6c9a7664a5f1475ad06cfac196d8f161f3df7bf4323be4009040

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 03:01:06 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://wyomingdailynews.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=95
Expires
Wed, 11 Jan 1984 05:00:00 GMT
ic_app_full.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
8 KB
8 KB
Image
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_app_full.png
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
2f3023bf89cc6c9a7664a5f1475ad06cfac196d8f161f3df7bf4323be4009040

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 03:01:06 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://wyomingdailynews.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
img_menu_app_new.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
4 KB
4 KB
Image
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/img_menu_app_new.png
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
197a4c3a3d158aac5becb96dce40481385894f84ac50f99acfd2a58c81425326

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 03:01:06 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://wyomingdailynews.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
Expires
Wed, 11 Jan 1984 05:00:00 GMT
ic_tariff_changes.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_help.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_user_normal.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

img_text_field_error_pointer.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_password.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_security_advice.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_arrow_right_4x7.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_faq.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
8 KB
8 KB
Image
General
Full URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_faq.png
Requested by
Host: wyomingdailynews.com
URL: https://wyomingdailynews.com/wp-content/upgrade/en/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.110.133 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
astros.unisonplatform.com
Software
Apache /
Resource Hash
2f3023bf89cc6c9a7664a5f1475ad06cfac196d8f161f3df7bf4323be4009040

Request headers

Referer
https://wyomingdailynews.com/wp-content/upgrade/en/account/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 03:01:06 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://wyomingdailynews.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=98
Expires
Wed, 11 Jan 1984 05:00:00 GMT
ic_phone.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_mail.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_offices.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_arrow_right_5x8.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

ic_atm.png
wyomingdailynews.com/wp-content/upgrade/en/account/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_tariff_changes.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_help.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_user_normal.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/img_text_field_error_pointer.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_password.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_security_advice.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_arrow_right_4x7.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_phone.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_mail.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_offices.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_arrow_right_5x8.png
Domain
wyomingdailynews.com
URL
https://wyomingdailynews.com/wp-content/upgrade/en/account/images/ic_atm.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fibank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| checkKeycode string| ALERT_TITLE string| ALERT_BUTTON_TEXT function| createCustomAlert function| removeCustomAlert

0 Cookies