account.gypsycapital.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 54.211.50.39, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is account.gypsycapital.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.

This is the only time account.gypsycapital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	54.211.50.39 54.211.50.39	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	4

4 54.211.50.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-50-39.compute-1.amazonaws.com

account.gypsycapital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gypsycapital.com 1 redirects account.gypsycapital.com	689 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	fontawesome.com use.fontawesome.com	13 KB
7	4

	Domain	Requested by
4	account.gypsycapital.com	1 redirects account.gypsycapital.com
2	fonts.googleapis.com	client
1	fonts.gstatic.com	fonts.googleapis.com
1	use.fontawesome.com	client
7	4

This site contains no links.

Subject Issuer	Validity	Valid
gypsycapital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-22` - `2022-12-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://account.gypsycapital.com/login
Frame ID: EE52A2F3EF1483C5C70265174EB3043D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In || Gypsy Capital

Page URL History Show full URLs

https://account.gypsycapital.com/ HTTP 302
https://account.gypsycapital.com/login Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

7
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

734 kB
Transfer

3204 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.gypsycapital.com/ HTTP 302
https://account.gypsycapital.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
account.gypsycapital.com/
Redirect Chain

https://account.gypsycapital.com/
https://account.gypsycapital.com/login

41 KB
14 KB

124ms
123ms

Document
text/html

54.211.50.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://account.gypsycapital.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.211.50.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-50-39.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d0f500e26e1f62d21e770bada9c94ce84dda6916550e1ac0d56b3fa4db4d7bdc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 22 Dec 2021 16:50:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13021
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 22 Dec 2021 16:50:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Location: https://account.gypsycapital.com/login
Content-Length: 398
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK user.js Show response
account.gypsycapital.com/js/ 3 MB
665 KB 103ms
102ms Script
application/javascript 54.211.50.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://account.gypsycapital.com/js/user.js?id=577180ec5b581ef8e572
Requested by: Host: account.gypsycapital.com
URL: https://account.gypsycapital.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.211.50.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-50-39.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a52c0760342a3e1d71c5f5681bf30e9d2093da0061c9ffba2effe6203d6f57cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.gypsycapital.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 16:50:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Dec 2021 16:40:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2facc2-5d3968c4615a7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 84ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400|Roboto:300,400,500,700,900|Material+Icons

Requested by

Host: client
URL: about:client

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

643e20a4407f084563a3125dedacaa7e41502dbf1a1c0cb12e69238acb4d22a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.gypsycapital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 16:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Dec 2021 16:50:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Dec 2021 16:50:14 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
13 KB 93ms
24ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.gypsycapital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 16:50:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5094427
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 0AMG04WV5409W8GV
x-amz-id-2: YsLuFnUrPpIyIcIuU+g9+LUOZp56NclYVHhR0/Dn1z/0akurdt9/zojlLvPedS86RjZVbv3Y/fk=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAE0TKPNUZZmWTkl3KfeJVvkrobLUHDgn8AqFjzYgOmXLLD7%2Fd6ypRARcbkNXEcsSqEnuc6PSDCD394zUAgDaOVFi17XXZEpGB8yDM52ca7KkMzoo7Q221DKG5Mn641T05GPEMVi9%2FWKvdNi4LWPfpM6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6c1ad91b5f3c8be1-FRA

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
640 B 85ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo:ital,wght@0,400;0,500;0,600;0,700;1,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ac02936bc17f63a5ba95b5c14498eebdd5870a671515ad549d82aecaa6f9b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.gypsycapital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 16:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Dec 2021 16:50:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Dec 2021 16:50:14 GMT

GET
H/1.1 200
OK logo.png
account.gypsycapital.com/images/ 10 KB
10 KB 91ms
91ms Image
image/png 54.211.50.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://account.gypsycapital.com/images/logo.png?2077a173edf80378bd17599c6220aa29
Requested by: Host: account.gypsycapital.com
URL: https://account.gypsycapital.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.211.50.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-50-39.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 121e1b7c7164476a8bc99415cd493852143ad4f1eb56fbd08f0c9c7bdfa7f78f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.gypsycapital.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 16:50:15 GMT
Last-Modified: Thu, 16 Dec 2021 01:24:39 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2616-5d339494be7d3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9750

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v9/ 31 KB
31 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v9/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:ital,wght@0,400;0,500;0,600;0,700;1,400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754193d1263868f8bea1722f2e973378006bbe58128caace3aae25345436e12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.gypsycapital.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:19:41 GMT
x-content-type-options: nosniff
age: 167434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31548
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 23:34:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 18:19:41 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account.gypsycapital.com/	1970-01-19 23:36:39	Name: XSRF-TOKEN Value: eyJpdiI6Im9WQWMzY00yQ0dhRkhRT1h6VlpkaXc9PSIsInZhbHVlIjoiU3N6KzFFMGNnNjI4dDBaV3VZODV1cERIaGorbXFVL1UyZVB1WUQ1dDVEa293QTVTV09ndGt3TVFtWXRDYkFtMTdWRTlIQVdUdWtrbUNjUHRzdE5LV1AyVThtMm5XZWlLQ1FnWCs0bkJubUNXQ1V0Rkh0SEtxdDducjIrN25HNnciLCJtYWMiOiI3ZmMyM2NhMzc0ZWM2YTZiMGEwOTZiZGRkZTYyN2VmZGFjMjk0NjMxNjMzZTA2NjI0YjE5ODBmMmUzOWY1NjIzIiwidGFnIjoiIn0%3D
			account.gypsycapital.com/	1970-01-19 23:36:39	Name: gypsy_capital_session Value: eyJpdiI6ImltTEVsbmhJYnVaSzcvK3RTNmZBc1E9PSIsInZhbHVlIjoiYzh4R0Jkb0w5NzcvWXB3L1BGYW5GSGJsUGY4anhWNUwxK2dXK3FZZ0ptOVJWMHlwUmVPczVublptczkwTklJTjNGQ2dudlBhV082cmNFaGJiZEIyVVpwekc1emNOaGg5cmE5ZzFWZy9xak11RGNHR1RHZHQrdmpwVHhCNGF6UHYiLCJtYWMiOiIyZmExODkxMjcxYzZiYjEwMTNkZDU3NTdlZDExMzQ0ZjIyMTJlNDU2ZjZjNDU5MjU4YzUwODNiNTBhMGYxZWZlIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.gypsycapital.com
fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
2606:4700:3031::ac43:d645
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
54.211.50.39
121e1b7c7164476a8bc99415cd493852143ad4f1eb56fbd08f0c9c7bdfa7f78f
643e20a4407f084563a3125dedacaa7e41502dbf1a1c0cb12e69238acb4d22a0
6ac02936bc17f63a5ba95b5c14498eebdd5870a671515ad549d82aecaa6f9b05
754193d1263868f8bea1722f2e973378006bbe58128caace3aae25345436e12f
a52c0760342a3e1d71c5f5681bf30e9d2093da0061c9ffba2effe6203d6f57cc
d0f500e26e1f62d21e770bada9c94ce84dda6916550e1ac0d56b3fa4db4d7bdc
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

account.gypsycapital.com Open in urlscan Pro 54.211.50.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

734 kBTransfer

3204 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

Indicators

account.gypsycapital.com Open in urlscan Pro
54.211.50.39 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

734 kB
Transfer

3204 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions