gyzlions.com Open in urlscan Pro
52.129.44.74 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/
Effective URL:
http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/
Submission: On March 04 via automatic, source openphish (March 4th 2022, 1:06:58 am UTC) — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 28 HTTP transactions. The main IP is 52.129.44.74, located in United States and belongs to SHOCK-1, US. The main domain is gyzlions.com.

This is the only time gyzlions.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 29	52.129.44.74 52.129.44.74		395092 (SHOCK-1) (SHOCK-1)
28	1

29 52.129.44.74 (United States) 1 redirects

ASN395092 (SHOCK-1, US)
PTR: freshheap.com

gyzlions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gyzlions.com 1 redirects gyzlions.com	297 KB
28	1

	Domain	Requested by
29	gyzlions.com	1 redirects gyzlions.com
28	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/
Frame ID: 5BF8BD05377379AF694A51E6BF748623
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Suivre votre envoi UPS | UPS - France

Page URL History Show full URLs

http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/ HTTP 302
http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

297 kB
Transfer

1451 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/ HTTP 302
http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/ Redirect Chain http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/ http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/?	41 KB 8 KB	122ms 122ms	Document text/html	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `0a214d53891ba49d02aa431692abde819015366aed3600d1d15d5e8abffe5087` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Server Apache/2.4.18 (Ubuntu) Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Expires 0 Vary Accept-Encoding Content-Encoding gzip Content-Length 7894 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Fri, 04 Mar 2022 01:06:53 GMT Server Apache/2.4.18 (Ubuntu) location start/? Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery.min.js Show response gyzlions.com/ups/ups/bower_components/jquery/dist/	85 KB 30 KB	95ms 94ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/bower_components/jquery/dist/jquery.min.js Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Mon, 05 Jun 2017 19:55:06 GMT Server Apache/2.4.18 (Ubuntu) ETag "15283-5513be1287a80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 30138
GET H/1.1	200 OK	ua-parser.min.js Show response gyzlions.com/ups/ups/bower_components/ua-parser-js/dist/	17 KB 6 KB	364ms 89ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Fri, 13 Oct 2017 00:16:24 GMT Server Apache/2.4.18 (Ubuntu) ETag "4298-55b62912b2600-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6063
GET H/1.1	200 OK	font-awesome.min.css gyzlions.com/ups/ups/bower_components/font-awesome/css/	30 KB 7 KB	180ms 90ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 09 Apr 2017 20:29:24 GMT Server Apache/2.4.18 (Ubuntu) ETag "7918-54cc1b6deb100-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7053
GET H/1.1	200 OK	jquery.maskedinput.min.js Show response gyzlions.com/ups/ups/bower_components/jquery.maskedinput/dist/	16 KB 4 KB	369ms 91ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sat, 18 Nov 2017 05:03:36 GMT Server Apache/2.4.18 (Ubuntu) ETag "4001-55e3ac6901a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 3284
GET H/1.1	200 OK	core_form.js Show response gyzlions.com/ups/ups/core/form/	21 KB 7 KB	450ms 90ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/core/form/core_form.js Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `f0f0f4f3c5e4af04d3a36cff56692633722c265fd234fd88119536b860b089b6` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 13:42:02 GMT Server Apache/2.4.18 (Ubuntu) ETag "55c4-5b0d887d71e80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6320
GET H/1.1	200 OK	core_token.js Show response gyzlions.com/ups/ups/core/token/	11 KB 2 KB	455ms 90ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/core/token/core_token.js Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `b445cdbc8b1d19e21b1944ee1c0af71893ae91d6f50c6cd367982a33e1597077` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Mon, 11 Jan 2021 06:48:20 GMT Server Apache/2.4.18 (Ubuntu) ETag "2a2a-5b89a4a9f9500-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1519
GET H/1.1	200 OK	angular.min.js Show response gyzlions.com/ups/ups/bower_components/angular/	165 KB 58 KB	460ms 95ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/bower_components/angular/angular.min.js Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sat, 19 Aug 2017 06:37:28 GMT Server Apache/2.4.18 (Ubuntu) ETag "2937c-557157ab27a00-gzip" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97
GET H/1.1	200 OK	core_form.css gyzlions.com/ups/ups/core/form/	5 KB 1 KB	179ms 90ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/core/form/core_form.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `010a3e81fe1384156ce9f832b7613c9002205256da417594a231664d3973dea4` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 08:46:34 GMT Server Apache/2.4.18 (Ubuntu) ETag "1219-5b0d4672b4e80-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 948
GET H/1.1	200 OK	ups.vendor.54f3c2d83b58.css gyzlions.com/ups/ups/start/	130 KB 20 KB	182ms 92ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/ups.vendor.54f3c2d83b58.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `fc520fa7aa46a1fa8e282894cee1caf3fa8db9c9dbae3bd6c6167508e880ace5` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "207c5-5b0d344897380-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 20346
GET H/1.1	200 OK	ups.styles.c850cd2fb9da.css gyzlions.com/ups/ups/start/	89 KB 15 KB	180ms 91ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/ups.styles.c850cd2fb9da.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `e740625e9190846f9a684a25ef6b467cb4cd6eac329446923d8300608c52f5c4` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "16367-5b0d344897380-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14555
GET H/1.1	200 OK	ups.modules.199cfffaf8d8.css gyzlions.com/ups/ups/start/	651 KB 73 KB	195ms 103ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/ups.modules.199cfffaf8d8.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `d494dbe81db91df0923162dfecaf1bc5bfae900f7f37a0a15e4ed6b5aa9f1beb` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 10:57:46 GMT Server Apache/2.4.18 (Ubuntu) ETag "a2a6e-5b0d63c607e80-gzip" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	ups.widgets.6611168e8d14.css gyzlions.com/ups/ups/start/	69 KB 9 KB	271ms 92ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/ups.widgets.6611168e8d14.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "113a9-5b0d344897380-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8482
GET H/1.1	200 OK	ups.apps-utrk.720d77.css gyzlions.com/ups/ups/start/	73 KB 11 KB	270ms 91ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/ups.apps-utrk.720d77.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `6f7cd07da353ad5bcc2acd4528c10f8a2b3195e7f7f19441967485ab570867a0` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 10:46:38 GMT Server Apache/2.4.18 (Ubuntu) ETag "122f2-5b0d6148f9f80-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10710
GET H/1.1	200 OK	onelink.css gyzlions.com/ups/ups/start/	173 B 489 B	275ms 91ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/onelink.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `09c5f0f2bd048461d93e753de69534518a2a1775138155f3edbd3aaa5f472ea6` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:53 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "ad-5b0d344897380-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 155
GET H/1.1	200 OK	onelink-1.css gyzlions.com/ups/ups/start/	1016 B 799 B	358ms 89ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/onelink-1.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `e9a262313ad672908c5ce47c41895929da44a15687e6c30a088474a238f891ad` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "3f8-5b0d344897380-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 464
GET H/1.1	200 OK	index.css gyzlions.com/ups/ups/start/	469 B 525 B	361ms 89ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/index.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `120535df766178eb07da6c3d9395eff539fe778936be2a018d0eca712956f892` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 07:33:30 GMT Server Apache/2.4.18 (Ubuntu) ETag "1d5-5b0d361dcc680-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 190
GET H/1.1	200 OK	css.css gyzlions.com/ups/ups/start/form/	406 B 575 B	362ms 90ms	Stylesheet text/css	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/form/css.css Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `dbc9e28251dbef46115280691d4954e13a579a61d7d111868530ef10e70b3f61` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sun, 04 Oct 2020 13:56:48 GMT Server Apache/2.4.18 (Ubuntu) ETag "196-5b0d8bca66800-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 240
GET H/1.1	200 OK	UPS_logo.svg gyzlions.com/ups/ups/start/	2 KB 2 KB	90ms 90ms	Image image/svg+xml	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Show image Full URL http://gyzlions.com/ups/ups/start/UPS_logo.svg Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "870-5b0d344897380" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 2160
GET H/1.1	200 OK	pak.png gyzlions.com/ups/ups/start/	2 KB 2 KB	90ms 90ms	Image image/png	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Show image Full URL http://gyzlions.com/ups/ups/start/pak.png Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `e3a8215ff55ee209d7dcb75870f06a94f4d75513cf14d08e9e290b7155bdfcf4` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Last-Modified Sun, 04 Oct 2020 10:34:42 GMT Server Apache/2.4.18 (Ubuntu) ETag "7b4-5b0d5e9e25480" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1972
GET H/1.1	200 OK	05a32f910081dd1367855f9eff7f0bc9.png gyzlions.com/ups/ups/start/	2 KB 2 KB	94ms 94ms	Image image/png	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Show image Full URL http://gyzlions.com/ups/ups/start/05a32f910081dd1367855f9eff7f0bc9.png Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `506ca41d5eaecec9b2bc1de4f9ac161eadcd4d88a93ecec79b3d34da42e90e67` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Last-Modified Sun, 04 Oct 2020 10:34:20 GMT Server Apache/2.4.18 (Ubuntu) ETag "67b-5b0d5e892a300" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1659
GET H/1.1	200 OK	icp.gif gyzlions.com/ups/ups/start/	43 B 325 B	92ms 92ms	Image image/gif	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Show image Full URL http://gyzlions.com/ups/ups/start/icp.gif Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "2b-5b0d344897380" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 43
GET H/1.1	200 OK	form.js Show response gyzlions.com/ups/ups/start/form/	3 KB 1 KB	90ms 90ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/form/form.js?v=6221662da87f5 Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `887af6a6be0c4e23a5554806a8a6c6d123fb02850d0b880543f8aa3e64b13771` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sat, 12 Sep 2020 03:46:40 GMT Server Apache/2.4.18 (Ubuntu) ETag "d75-5af15a6226800-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1116
GET H/1.1	200 OK	token.js Show response gyzlions.com/ups/ups/start/token/	2 KB 1 KB	90ms 90ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/token/token.js?v=6221662da882c Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `d300e12c6e4600ab8b25308b1d80b0f87c33e31149090a7bc85b50943d51b88e` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Sun, 02 Feb 2020 02:34:48 GMT Server Apache/2.4.18 (Ubuntu) ETag "798-59d8ea681e200-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 766
GET H/1.1	200 OK	ng.js Show response gyzlions.com/ups/ups/start/ng/	3 KB 2 KB	90ms 90ms	Script application/javascript	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/ng/ng.js?v=6221662da8862 Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `82f4781d5c723b1f97f13d9d1f69cafd008ce6dbc041b434b72aa19725a0bf19` Request headers Accept-Language de-DE,de;q=0.9 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Content-Encoding gzip Last-Modified Fri, 31 Jul 2020 11:45:14 GMT Server Apache/2.4.18 (Ubuntu) ETag "daa-5abbb52722680-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 1213
GET H/1.1	200 OK	home.php Show response gyzlions.com/ups/ups/	57 B 252 B	152ms 152ms	XHR application/json	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/home.php?pl=token&link=ups&bid=7a0a4c73238ead6100dfc3c61c0ddb65&callback=jQuery32100109550090724857_1646356013940&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1646356013941 Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `e44b40424576a6ee40c791a540819f2e2c76e71848763d13aac3353ea6e5189b` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 57 Content-Type application/json
GET H/1.1	200 OK	home.php Show response gyzlions.com/ups/ups/	57 B 252 B	226ms 226ms	XHR application/json	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/home.php?pl=token&link=ups&bid=7a0a4c73238ead6100dfc3c61c0ddb65&callback=jQuery32100109550090724857_1646356013942&data=%7B%22mes%22%3A%22User%20on%20def%20page%22%7D&_=1646356013943 Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `fcd6ddeacc9826e6fbca0c9ef9e52140490de326ab7612dc54556d8fd316a01d` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://gyzlions.com/ups/ups/a1b2c3/7a0a4c73238ead6100dfc3c61c0ddb65/start/? X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=94 Content-Length 57 Content-Type application/json
GET H/1.1	200 OK	055096b75efc91eabeb7fa0fb14e24cd44ba71f4 gyzlions.com/ups/ups/start/	34 KB 34 KB	89ms 89ms	Font application/octet-stream	52.129.44.74 SHOCK-1
General Check archive.org Show headers Download Go to Full URL http://gyzlions.com/ups/ups/start/055096b75efc91eabeb7fa0fb14e24cd44ba71f4 Requested by Host: gyzlions.com URL: http://gyzlions.com/ups/ups/start/ups.styles.c850cd2fb9da.css Protocol HTTP/1.1 Server 52.129.44.74 , United States, ASN395092 (SHOCK-1, US), Reverse DNS freshheap.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316` Request headers Referer http://gyzlions.com/ups/ups/start/ups.styles.c850cd2fb9da.css Origin http://gyzlions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:06:54 GMT Last-Modified Sun, 04 Oct 2020 07:25:18 GMT Server Apache/2.4.18 (Ubuntu) ETag "8794-5b0d344897380" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 34708

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gyzlions.com/	1970-01-20 02:02:28	Name: bid Value: 7a0a4c73238ead6100dfc3c61c0ddb65
			gyzlions.com/	1969-12-31 23:59:59	Name: lng Value: en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gyzlions.com
52.129.44.74
010a3e81fe1384156ce9f832b7613c9002205256da417594a231664d3973dea4
09c5f0f2bd048461d93e753de69534518a2a1775138155f3edbd3aaa5f472ea6
0a214d53891ba49d02aa431692abde819015366aed3600d1d15d5e8abffe5087
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
120535df766178eb07da6c3d9395eff539fe778936be2a018d0eca712956f892
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
506ca41d5eaecec9b2bc1de4f9ac161eadcd4d88a93ecec79b3d34da42e90e67
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
6f7cd07da353ad5bcc2acd4528c10f8a2b3195e7f7f19441967485ab570867a0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82f4781d5c723b1f97f13d9d1f69cafd008ce6dbc041b434b72aa19725a0bf19
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
887af6a6be0c4e23a5554806a8a6c6d123fb02850d0b880543f8aa3e64b13771
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b445cdbc8b1d19e21b1944ee1c0af71893ae91d6f50c6cd367982a33e1597077
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
d300e12c6e4600ab8b25308b1d80b0f87c33e31149090a7bc85b50943d51b88e
d494dbe81db91df0923162dfecaf1bc5bfae900f7f37a0a15e4ed6b5aa9f1beb
dbc9e28251dbef46115280691d4954e13a579a61d7d111868530ef10e70b3f61
dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670
e3a8215ff55ee209d7dcb75870f06a94f4d75513cf14d08e9e290b7155bdfcf4
e44b40424576a6ee40c791a540819f2e2c76e71848763d13aac3353ea6e5189b
e740625e9190846f9a684a25ef6b467cb4cd6eac329446923d8300608c52f5c4
e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316
e9a262313ad672908c5ce47c41895929da44a15687e6c30a088474a238f891ad
f0f0f4f3c5e4af04d3a36cff56692633722c265fd234fd88119536b860b089b6
fc520fa7aa46a1fa8e282894cee1caf3fa8db9c9dbae3bd6c6167508e880ace5
fcd6ddeacc9826e6fbca0c9ef9e52140490de326ab7612dc54556d8fd316a01d

gyzlions.com Open in urlscan Pro 52.129.44.74 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

297 kBTransfer

1451 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gyzlions.com Open in urlscan Pro
52.129.44.74 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

297 kB
Transfer

1451 kB
Size

2
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!