k90.shop
Open in
urlscan Pro
34.141.48.9
Malicious Activity!
Public Scan
Submission: On June 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 10th 2023. Valid for: 3 months.
This is the only time k90.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 34.141.48.9 34.141.48.9 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 2a04:4e42::729 2a04:4e42::729 | 54113 (FASTLY) (FASTLY) | |
12 | 2600:9000:214... 2600:9000:214f:5000:1c:b3e3:eb40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:225... 2600:9000:225e:8000:d:d1ea:5a40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::200e | 15169 (GOOGLE) (GOOGLE) | |
5 | 2600:9000:237... 2600:9000:237d:f600:1:986e:5240:21 | 16509 (AMAZON-02) (AMAZON-02) | |
24 | 7 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.48.141.34.bc.googleusercontent.com
k90.shop |
ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net |
ASN16509 (AMAZON-02, US)
d3h83s39ga3y3t.cloudfront.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
d8xv5ds0z1009.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
cloudfront.net
d13pxqgp3ixdbh.cloudfront.net d3h83s39ga3y3t.cloudfront.net d8xv5ds0z1009.cloudfront.net |
2 MB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57 |
21 KB |
2 |
k90.shop
k90.shop |
4 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422 |
30 KB |
1 |
sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4672 |
21 KB |
24 | 5 |
Domain | Requested by | |
---|---|---|
12 | d13pxqgp3ixdbh.cloudfront.net |
k90.shop
|
5 | d8xv5ds0z1009.cloudfront.net |
d3h83s39ga3y3t.cloudfront.net
|
2 | www.google-analytics.com |
k90.shop
browser.sentry-cdn.com |
2 | k90.shop |
k90.shop
|
1 | d3h83s39ga3y3t.cloudfront.net |
k90.shop
|
1 | ajax.googleapis.com |
k90.shop
|
1 | browser.sentry-cdn.com |
k90.shop
|
24 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.k90.shop R3 |
2023-06-10 - 2023-09-08 |
3 months | crt.sh |
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 |
2022-09-28 - 2023-10-30 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://k90.shop/
Frame ID: 85EDB11DF8BE95733E7FC4EE098DB30A
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
Link LockedDetected technologies
Sentry (Issue Trackers) ExpandDetected patterns
- <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
- browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
k90.shop/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.js
browser.sentry-cdn.com/6.4.1/ |
66 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
k90.shop/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1682857751e2d195b5b335cb3ef0762afac8723d5d.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1683237754be89c8dc9fad0151fb80cea66b01203d.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
26 KB 26 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1682010504935bb25a5c439ae70e81ef4ad4d7c50c.gif
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
36 KB 37 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1683238180731ff21ac67c246d23d4cb6a200942d9.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
119 KB 120 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16832385797cce211a8ac544920c6a5a323ffb1292.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
137 KB 137 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16832387534794b9838bc9668f582486e605d72b33.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
230 KB 230 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1683238731c47474976ac38af0ecda974ae43d55b6.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
148 KB 149 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1683238622bd304574b88307d5a5d639906310ce2a.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
168 KB 169 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
168323870607f0facf3f9bebaa59b2bd5132ec644b.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
307 KB 308 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
168323868565cf7d7164135c74cac493192809ee95.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
159 KB 160 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1683238656ed51140a0c237adf2ba44f722410e93a.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
227 KB 227 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
168323807824419997401d099701bedd804434bfd9.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f0af853.js
d3h83s39ga3y3t.cloudfront.net/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.3907451.b2c92.0.js
d8xv5ds0z1009.cloudfront.net/public/external/v2/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
d8xv5ds0z1009.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 203 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
d8xv5ds0z1009.cloudfront.net/public/clockers/CustomButton/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
d8xv5ds0z1009.cloudfront.net/public/ |
0 275 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
d8xv5ds0z1009.cloudfront.net/public/external/ |
78 B 371 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| google_tag_data object| gaplugins object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
k90.shop/ | Name: _cpguid Value: o16214l43 |
|
.k90.shop/ | Name: _ga Value: GA1.2.769847119.1686560731 |
|
.k90.shop/ | Name: _gid Value: GA1.2.2011629240.1686560731 |
|
.k90.shop/ | Name: _gat_customTemplateGlobal Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
browser.sentry-cdn.com
d13pxqgp3ixdbh.cloudfront.net
d3h83s39ga3y3t.cloudfront.net
d8xv5ds0z1009.cloudfront.net
k90.shop
www.google-analytics.com
2600:9000:214f:5000:1c:b3e3:eb40:21
2600:9000:225e:8000:d:d1ea:5a40:21
2600:9000:237d:f600:1:986e:5240:21
2a00:1450:4001:80f::200a
2a00:1450:4001:827::200e
2a04:4e42::729
34.141.48.9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e11b433775283644090aa09271b4566b6c0f08fe86739218d71327257324eca
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20ad5ea9988710752eee529eb41114bb3d8b0d85c013ce4037d49fae338919be
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
4521b925392697e52765d8e9c349a4e85720e710fb5ba78806bd5ca198a9c339
54b07ca4c0e430afc3b967bb81400e0113a95b57d977cd8a8640668db074a328
711d32e6bf0d51ef9b56421dcd06b92653f76b1145b063df0686a575ffe1c948
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
acee0ced4a78484c3cd88282de0f834f65eb702f7659ae573ba5f0d055a857d5
c154999f8b39b2769a9c6d7e017a369faf47fe19970ecad0dfa94e26ce119b3a
c42a223f0310846eae69532b0abdf1c728e732da8522880e5936f2b93a10ede7
c7f8fb9ebf6ce12c3a1857e71e47d1aaade690a2cfdec7dfd5b910984919a485
cd0671c2d7882a5c2ffebc22c458371d5e017496bc3d48424b9250c68ec8aaaa
e232f3db7148dab57c58513f83cbfbd5df8d40e90f921e11211afe5e91f623eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
fc97f4fd98dc1996c273833060e0824d717b7865827802b2daf3e1e4c0caba45
fd67c9da08176134c2e979dc9c66ba19cb056c2c9c104373837915c9e3246797
fe5cb2835b5d3cdf87fcb97108c3eb18210bbd23c7386db3cfb04fa88fd39afd