gamsanlorenzo.gob.bo Open in urlscan Pro
200.58.110.145 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bitly.lc/ajt4q
Effective URL:
https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification
Submission Tags: falconsandbox
Submission: On April 13 via api (April 13th 2023, 7:59:00 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 200.58.110.145, located in Rosario, Argentina and belongs to Dattatec.com, AR. The main domain is gamsanlorenzo.gob.bo.
TLS certificate: Issued by R3 on March 8th 2023. Valid for: 3 months.

This is the only time gamsanlorenzo.gob.bo was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:c8e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	200.58.110.145 200.58.110.145	27823 (Dattatec.com) (Dattatec.com)
12	1

1 2606:4700:3034::ac43:c8e6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bitly.lc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 200.58.110.145 (Rosario, Argentina) 1 redirects

ASN27823 (Dattatec.com, AR)
PTR: india.dattaweb.com

gamsanlorenzo.gob.bo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gamsanlorenzo.gob.bo 1 redirects gamsanlorenzo.gob.bo	133 KB
1	bitly.lc 1 redirects bitly.lc	1 KB
12	2

	Domain	Requested by
13	gamsanlorenzo.gob.bo	1 redirects gamsanlorenzo.gob.bo
1	bitly.lc	1 redirects
12	2

This site contains no links.

Subject Issuer	Validity	Valid
gamsanlorenzo.gob.bo R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification
Frame ID: AC1E7168F901F916E49549E2803C1910
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Global Shipping & Logistics Services

Page URL History Show full URLs

https://bitly.lc/ajt4q HTTP 301
https://gamsanlorenzo.gob.bo/pe/www/xvx/?pwd=pe HTTP 302
https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

133 kB
Transfer

129 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bitly.lc/ajt4q HTTP 301
https://gamsanlorenzo.gob.bo/pe/www/xvx/?pwd=pe HTTP 302
https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request ZyuKsx.php Show response gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ Redirect Chain https://bitly.lc/ajt4q https://gamsanlorenzo.gob.bo/pe/www/xvx/?pwd=pe https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification	4 KB 4 KB	279ms 278ms	Document text/html	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / PHP/7.3.32 Resource Hash `94196b1a9dd3e2bf8cffd17ac20b9cb717c9492698041fc45e4310e7833ccfc0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 13 Apr 2023 19:58:51 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=10, max=199 Pragma no-cache Server Apache Transfer-Encoding chunked X-Powered-By PHP/7.3.32 Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 13 Apr 2023 19:58:50 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=10, max=200 Location __Gen/ZyuKsx.php?verification#_ Pragma no-cache Server Apache Transfer-Encoding chunked X-Powered-By PHP/7.3.32
GET H/1.1	200 OK	csx__.css gamsanlorenzo.gob.bo/pe/www/xvx/__Set/css/	10 KB 10 KB	242ms 241ms	Stylesheet text/css	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/css/csx__.css Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `ca2710a4d588b32ebe0bfb8197aac73c4fe403f080876b2e7738e6781b3ff6cd` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:52 GMT Last-Modified Thu, 03 Jun 2021 03:22:42 GMT Server Apache ETag "2637-5c3d416874480" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=200 Content-Length 9783
GET H/1.1	200 OK	jquery-3.5.1.min.js Show response gamsanlorenzo.gob.bo/pe/www/xvx/__Set/js/	87 KB 88 KB	480ms 244ms	Script application/javascript	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/js/jquery-3.5.1.min.js Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:52 GMT Last-Modified Thu, 27 May 2021 04:12:28 GMT Server Apache ETag "15d83-5c347f79e6300" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=198 Content-Length 89475
GET H/1.1	200 OK	jquery.payment.min.js Show response gamsanlorenzo.gob.bo/pe/www/xvx/__Set/js/	8 KB 9 KB	484ms 241ms	Script application/javascript	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/js/jquery.payment.min.js Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:52 GMT Last-Modified Thu, 27 May 2021 04:14:14 GMT Server Apache ETag "210b-5c347fdefd180" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=199 Content-Length 8459
GET H/1.1	200 OK	jsx.js Show response gamsanlorenzo.gob.bo/pe/www/xvx/__Set/js/	2 KB 2 KB	711ms 241ms	Script application/javascript	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/js/jsx.js Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `10d868b25541c65592239efbbcf633799a131890a4a91e210feb78633dd0e7e1` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:53 GMT Last-Modified Thu, 27 May 2021 04:08:12 GMT Server Apache ETag "84f-5c347e85c2300" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=200 Content-Length 2127
GET H/1.1	200 OK	lg.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	2 KB 2 KB	239ms 238ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/lg.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `4bede2d8c068266009f18661d160e75144bb88eb2137694a5f94062ffed8a7db` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:53 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "673-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=199 Content-Length 1651
GET H/1.1	200 OK	topmenu-en.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	4 KB 4 KB	238ms 238ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/topmenu-en.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `15154faac407e15fe4b58db51516cbda4ef8e3f286352cf3f13d0eac2ac76dec` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:53 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "f81-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=198 Content-Length 3969
GET H/1.1	200 OK	explor.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	2 KB 2 KB	238ms 238ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/explor.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `a8f0fdffeeb4d006671a655e4c3ef22750eedf85aaa76aae9557e72a154dbc36` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:53 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "857-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=197 Content-Length 2135
GET H/1.1	200 OK	search.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	2 KB 2 KB	240ms 239ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/search.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `5945391a7d98f881adf677ffa17b4a65b9a25753fbec453209a37d1981afaa34` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:54 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "85c-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=196 Content-Length 2140
GET H/1.1	200 OK	iconmenu.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	2 KB 2 KB	239ms 239ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/iconmenu.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `8efb0ac33a02d6656707a7e5f914895510169575d792a2eff173747ba1134139` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:54 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "6c8-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=195 Content-Length 1736
GET H/1.1	200 OK	menu-en.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	4 KB 4 KB	253ms 253ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/menu-en.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `7600e9380ca09620781020a9702f092616727d18cd00fc7b1be95f22c8356040` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:54 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "f27-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=194 Content-Length 3879
GET H/1.1	200 OK	cnx-en.png gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/	3 KB 4 KB	238ms 237ms	Image image/png	200.58.110.145 Dattatec.com
General Check archive.org Show headers Download Go to Show image Full URL https://gamsanlorenzo.gob.bo/pe/www/xvx/__Set/img/cnx-en.png Requested by Host: gamsanlorenzo.gob.bo URL: https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 200.58.110.145 Rosario, Argentina, ASN27823 (Dattatec.com, AR), Reverse DNS india.dattaweb.com Software Apache / Resource Hash `1b5b864ad1c9ab30e4e8fb0484ef39ce7b8bdce06c1483e7dd5125938b0726a6` Request headers accept-language de-DE,de;q=0.9 Referer https://gamsanlorenzo.gob.bo/pe/www/xvx/__Gen/ZyuKsx.php?verification User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 13 Apr 2023 19:58:54 GMT Last-Modified Thu, 27 May 2021 22:50:12 GMT Server Apache ETag "d34-5c35794f1d100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=193 Content-Length 3380

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bitly.lc/	1970-01-20 11:03:43	Name: XSRF-TOKEN Value: eyJpdiI6IjNcL3kxUWR6Y2lWRWNzMDZsbmRyemhBPT0iLCJ2YWx1ZSI6IldGRUxOTStQWVwveUdMckVZS3Y5dkw4dTdQQXRjSE85ek5nSEJJZno4V2txbU1HUFc3czRyalJUMHM5NUdXWGk3WHZvT2R0cWlTMktqU2ZseDNreW5KNmhVbGhTaHhsWVZMemJKZ3Jid29IXC9KWmtyaEpSMDBaKzR0NWRRcUFteE4iLCJtYWMiOiI2ZjA2OGM4OTYwYTU0NDJjNjc3MmRkZGM4NzkwYzAzZjYxZTcxMDQzNWJlNjZkOTQ5OTZkMGM0Yjk1MDc0ZGJiIn0%3D
bitly.lc/	1970-01-20 11:03:43	Name: phpshort_session Value: eyJpdiI6InhEMkRaNWJtdVZsaTJFK1FzeXI5SFE9PSIsInZhbHVlIjoibXNCVkVScXNUWXFrNlM3T1liXC9DQk9CXC9wRTdcL0IyRmdtT0NsS0xIUUUzNis2Z3NWTjN4NFwvSDQ5SDBpZUlDa09oN3kxVzBCWndhczQ5SnFycFhXSVZkY2V2aFpsU1NGTmZlWGhuZndhc0ZLZDdGQ2FmcFMzVEV4YTdTRDB6RkhnIiwibWFjIjoiOGQ1NTE3NmYwNDdjZjNlYjJkYzA4ZDVhZWVkMWMwMzVmNzY5YzBlMWMyODRhN2ZhYThmNTQxNTM2NjIxYTcyMiJ9
bitly.lc/	1970-01-20 20:39:35	Name: dark_mode Value: 0
gamsanlorenzo.gob.bo/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4644ff885c5a8118c28ed054546dd463

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitly.lc
gamsanlorenzo.gob.bo
200.58.110.145
2606:4700:3034::ac43:c8e6
10d868b25541c65592239efbbcf633799a131890a4a91e210feb78633dd0e7e1
15154faac407e15fe4b58db51516cbda4ef8e3f286352cf3f13d0eac2ac76dec
1b5b864ad1c9ab30e4e8fb0484ef39ce7b8bdce06c1483e7dd5125938b0726a6
4bede2d8c068266009f18661d160e75144bb88eb2137694a5f94062ffed8a7db
5945391a7d98f881adf677ffa17b4a65b9a25753fbec453209a37d1981afaa34
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
7600e9380ca09620781020a9702f092616727d18cd00fc7b1be95f22c8356040
8efb0ac33a02d6656707a7e5f914895510169575d792a2eff173747ba1134139
94196b1a9dd3e2bf8cffd17ac20b9cb717c9492698041fc45e4310e7833ccfc0
a8f0fdffeeb4d006671a655e4c3ef22750eedf85aaa76aae9557e72a154dbc36
ca2710a4d588b32ebe0bfb8197aac73c4fe403f080876b2e7738e6781b3ff6cd

gamsanlorenzo.gob.bo Open in urlscan Pro 200.58.110.145 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

133 kBTransfer

129 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

4 Cookies

Indicators

gamsanlorenzo.gob.bo Open in urlscan Pro
200.58.110.145 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

133 kB
Transfer

129 kB
Size

4
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!