suuperstore.ycan.shop
Open in
urlscan Pro
2606:4700:21::681b:c959
Malicious Activity!
Public Scan
Effective URL: https://suuperstore.ycan.shop/
Submission: On August 17 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.
This is the only time suuperstore.ycan.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.111.99.212 34.111.99.212 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 5 | 2606:4700:21:... 2606:4700:21::681b:c959 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:1c3e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
13 | 151.101.2.137 151.101.2.137 | 54113 (FASTLY) (FASTLY) | |
4 | 185.221.87.23 185.221.87.23 | 54113 (FASTLY) (FASTLY) | |
24 | 6 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.99.111.34.bc.googleusercontent.com
email.organizations.helpcrunch-mail.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 611 |
91 KB |
5 |
ycan.shop
1 redirects
suuperstore.ycan.shop |
27 KB |
4 |
nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10426 |
1 KB |
1 |
gstatic.com
fonts.gstatic.com |
23 KB |
1 |
youcan.shop
static4.youcan.shop |
40 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73 |
834 B |
1 |
helpcrunch-mail.com
1 redirects
email.organizations.helpcrunch-mail.com |
159 B |
24 | 7 |
Domain | Requested by | |
---|---|---|
13 | js-agent.newrelic.com |
suuperstore.ycan.shop
|
5 | suuperstore.ycan.shop |
1 redirects
suuperstore.ycan.shop
|
4 | bam.eu01.nr-data.net |
suuperstore.ycan.shop
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | static4.youcan.shop |
suuperstore.ycan.shop
|
1 | fonts.googleapis.com |
suuperstore.ycan.shop
|
1 | email.organizations.helpcrunch-mail.com | 1 redirects |
24 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-02-17 - 2024-02-17 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
youcan.shop GTS CA 1P5 |
2023-08-04 - 2023-11-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-04-13 - 2024-05-14 |
a year | crt.sh |
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-18 - 2023-12-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://suuperstore.ycan.shop/
Frame ID: 19737C8F87969E58A3D709568CEC0FDC
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
SuspendedPage URL History Show full URLs
-
https://email.organizations.helpcrunch-mail.com/c/eJxMzUGOhSAMANDTwNJQwEIXLGbjPUqp0eT_rwGdjLef7T_BawVXYNuON--fIvw-tdf70W61AJ...
HTTP 302
https://suuperstore.ycan.shop/ Page URL
-
https://suuperstore.ycan.shop/cdn-cgi/phish-bypass?atok=_9JOXCw6kH9VhZH_6v_hFmufJnAfEtlYMG4TnyV7yII-169229...
HTTP 301
https://suuperstore.ycan.shop/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email.organizations.helpcrunch-mail.com/c/eJxMzUGOhSAMANDTwNJQwEIXLGbjPUqp0eT_rwGdjLef7T_BawVXYNuON--fIvw-tdf70W61AJKjGJJzdiuMeWasxNh4jjVCRmL1sIrGilXsXpqnIBQ9q8tSAwDBnDFAWilkTuIoueSzmOi-oVfZruscJvwYvxi_jPs-tY_r6Do9wp9pbMdp_GJ7uQZ33n_ZRNe6_ulr0nb_BwAA__-Dajzj
HTTP 302
https://suuperstore.ycan.shop/ Page URL
-
https://suuperstore.ycan.shop/cdn-cgi/phish-bypass?atok=_9JOXCw6kH9VhZH_6v_hFmufJnAfEtlYMG4TnyV7yII-1692290938-0-%2F
HTTP 301
https://suuperstore.ycan.shop/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://email.organizations.helpcrunch-mail.com/c/eJxMzUGOhSAMANDTwNJQwEIXLGbjPUqp0eT_rwGdjLef7T_BawVXYNuON--fIvw-tdf70W61AJKjGJJzdiuMeWasxNh4jjVCRmL1sIrGilXsXpqnIBQ9q8tSAwDBnDFAWilkTuIoueSzmOi-oVfZruscJvwYvxi_jPs-tY_r6Do9wp9pbMdp_GJ7uQZ33n_ZRNe6_ulr0nb_BwAA__-Dajzj HTTP 302
- https://suuperstore.ycan.shop/
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
suuperstore.ycan.shop/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cf.errors.css
suuperstore.ycan.shop/cdn-cgi/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-exclamation.png
suuperstore.ycan.shop/cdn-cgi/images/ |
452 B 542 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
suuperstore.ycan.shop/ Redirect Chain
|
51 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 834 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
static4.youcan.shop/store-front/css/ |
279 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
async-api.30bd804e-1.236.0.min.js
js-agent.newrelic.com/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
860.03a8b7a5-1.236.0.min.js
js-agent.newrelic.com/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-manager.2a64278a-1.236.0.min.js
js-agent.newrelic.com/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazy-feature-loader.2f55ce66-1.236.0.min.js
js-agent.newrelic.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
148.1a20d5fe-1.236.0.min.js
js-agent.newrelic.com/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page_view_event-aggregate.06482edd-1.236.0.min.js
js-agent.newrelic.com/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page_view_timing-aggregate.bd6de33a-1.236.0.min.js
js-agent.newrelic.com/ |
15 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrics-aggregate.3dc53903-1.236.0.min.js
js-agent.newrelic.com/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jserrors-aggregate.49e41428-1.236.0.min.js
js-agent.newrelic.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax-aggregate.998ef92b-1.236.0.min.js
js-agent.newrelic.com/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session_trace-aggregate.83105561-1.236.0.min.js
js-agent.newrelic.com/ |
12 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page_action-aggregate.ac76d497-1.236.0.min.js
js-agent.newrelic.com/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spa-aggregate.e6b09d52-1.236.0.min.js
js-agent.newrelic.com/ |
20 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ea963a9244
bam.eu01.nr-data.net/1/ |
40 B 466 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ea963a9244
bam.eu01.nr-data.net/events/1/ |
24 B 350 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ea963a9244
bam.eu01.nr-data.net/events/1/ |
24 B 350 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
ea963a9244
bam.eu01.nr-data.net/jserrors/1/ |
24 B 345 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.suuperstore.ycan.shop/ | Name: __cf_mw_byp Value: _9JOXCw6kH9VhZH_6v_hFmufJnAfEtlYMG4TnyV7yII-1692290938-0-/ |
|
suuperstore.ycan.shop/ | Name: XSRF-TOKEN Value: eyJpdiI6ImM4b1psMThOVTFNTzVncDBqUE12Qmc9PSIsInZhbHVlIjoiMVJkeHRUcUFOWEJIdlwvMWlcLzJRYXhabU55U0VFbjVSVTljUFlTQms5QmF6d2NJTWc1NjVEYTFDcXRVSTdwV2RDIiwibWFjIjoiN2E5YWZkNGQwOTYyZGQ4NDA2ZDViNDliNmY1MjE4NGNmOWFhZmFkNTBiYmQ2Njg3ZTM1OTU0M2U4NzkzZTYxMiJ9 |
|
suuperstore.ycan.shop/ | Name: youcan_session Value: eyJpdiI6InVcL2l0YlNJYW5JSVJLRnQ1VmJpZ1RRPT0iLCJ2YWx1ZSI6IjQzYVFGOU9XNVBiODFjclMrcHRcL2VHdTZHTHpPdE4yMGRGMEVtTDRcL243STZDNTVBVnV5TjBCanZ6QXZCbVhcL2siLCJtYWMiOiIzMzVhOTM0MTYxOWY3Y2M3OTBmMTVlYzVhNjhjOTUxNjdhZmFjOGVhMzAwZmZiYzNkZmQ5NTg2OTNjYWRhMmMzIn0%3D |
|
.youcan.shop/ | Name: __cf_bm Value: QSgJbm8Ud.QHY0iRlfZBmXoDg1h4Sium5hQdatEJnYk-1692290943-0-AawALm4RA6lV1qq5Hjtvke8W01pA5+ClCKdIbd2GDFAgBJPJRm3QCafefbCKQuFjfAnWOkyAMWtbgC/T7NpUh/E= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.eu01.nr-data.net
email.organizations.helpcrunch-mail.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
static4.youcan.shop
suuperstore.ycan.shop
151.101.2.137
185.221.87.23
2606:4700:21::681b:c959
2606:4700::6812:1c3e
2a00:1450:4001:812::2003
2a00:1450:4001:82f::200a
34.111.99.212
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
1c471c6fc9d9a9fa7dc03a1c6dcd9cf44eaa563a1dfbef900c4fea8dfc7b4379
1ee3b01bb3d5eae645f709937da0cf47f56ab030a3df83cb06555a354a70551c
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
e20bc2541e5ff4b58a2f0885ca65b14625f6e901f9a3e5f56ddb679b81f74c77
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e