dealsanddizzzcountstore.shop
Open in
urlscan Pro
188.114.97.3
Malicious Activity!
Public Scan
Effective URL: https://dealsanddizzzcountstore.shop/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub4=&sub5=16801&source...
Submission: On July 19 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time dealsanddizzzcountstore.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 52.216.9.181 52.216.9.181 | 16509 (AMAZON-02) (AMAZON-02) | |
2 28 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 82.131.160.168 82.131.160.168 | 12301 (INVITECH) (INVITECH) | |
1 1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3036::6815:1b98 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 3 |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN13335 (CLOUDFLARENET, US)
hautgame.com | |
dealsanddizzzcountstore.shop | |
trk-consulatu.com | |
event.trk-consulatu.com |
ASN12301 (INVITECH, HU)
PTR: omc2-ird-word.taskmass.com
www.extensivelead.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
dealsanddizzzcountstore.shop
1 redirects
dealsanddizzzcountstore.shop |
2 MB |
4 |
trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 116157 event.trk-consulatu.com — Cisco Umbrella Rank: 262105 |
3 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950 |
426 KB |
1 |
route2content.com
1 redirects
www.route2content.com |
851 B |
1 |
extensivelead.com
1 redirects
www.extensivelead.com |
640 B |
1 |
hautgame.com
1 redirects
hautgame.com |
582 B |
1 |
amazonaws.com
s3.amazonaws.com |
547 B |
28 | 7 |
Domain | Requested by | |
---|---|---|
23 | dealsanddizzzcountstore.shop |
1 redirects
s3.amazonaws.com
dealsanddizzzcountstore.shop |
3 | event.trk-consulatu.com |
trk-consulatu.com
|
1 | trk-consulatu.com |
dealsanddizzzcountstore.shop
|
1 | use.fontawesome.com |
dealsanddizzzcountstore.shop
|
1 | www.route2content.com | 1 redirects |
1 | www.extensivelead.com | 1 redirects |
1 | hautgame.com | 1 redirects |
1 | s3.amazonaws.com | |
28 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
s3.amazonaws.com Amazon RSA 2048 M01 |
2024-05-25 - 2025-05-02 |
a year | crt.sh |
dealsanddizzzcountstore.shop WE1 |
2024-06-18 - 2024-09-16 |
3 months | crt.sh |
use.fontawesome.com Cloudflare Inc ECC CA-3 |
2023-10-12 - 2024-10-10 |
a year | crt.sh |
trk-consulatu.com WE1 |
2024-06-20 - 2024-09-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dealsanddizzzcountstore.shop/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub4=&sub5=16801&source_id=1621&ip=5.187.21.105&domain=www.route2content.com
Frame ID: EC863DFE369E6EFEA8CEC5EE4369FED1
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Screwfix - Survey RewardsPage URL History Show full URLs
- https://s3.amazonaws.com/xcvzfdsadfeeeew/zxcvddsfa.html?134260696373245009825062838498855579643675687... Page URL
-
https://hautgame.com/MVCcraTQGvIMTQkdVMTCQtAUONxsQa&4FqdtwCoEVs&128509/290/csoxekhdpu.home.php?sq...
HTTP 302
https://www.extensivelead.com/3LKKRHG/TTS55CC//?sub1=15&sub2=290-128509&sub3=1703-115816-257150 HTTP 302
https://www.route2content.com/37HF1RW/22Q8FG1L/?source_id=1621&sub1=5d2e327fda674156b47b381c5db1c296 HTTP 302
https://dealsanddizzzcountstore.shop/DCinqNgHoj/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2... HTTP 302
http://dealsanddizzzcountstore.shop/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub... HTTP 307
https://dealsanddizzzcountstore.shop/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub... Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s3.amazonaws.com/xcvzfdsadfeeeew/zxcvddsfa.html?13426069637324500982506283849885557964367568760056810377 Page URL
-
https://hautgame.com/MVCcraTQGvIMTQkdVMTCQtAUONxsQa&4FqdtwCoEVs&128509/290/csoxekhdpu.home.php?sq=1703-115816&lk=257150-15&page=088
HTTP 302
https://www.extensivelead.com/3LKKRHG/TTS55CC//?sub1=15&sub2=290-128509&sub3=1703-115816-257150 HTTP 302
https://www.route2content.com/37HF1RW/22Q8FG1L/?source_id=1621&sub1=5d2e327fda674156b47b381c5db1c296 HTTP 302
https://dealsanddizzzcountstore.shop/DCinqNgHoj/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub4=&sub5=16801&source_id=1621&ip=5.187.21.105&domain=www.route2content.com HTTP 302
http://dealsanddizzzcountstore.shop/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub4=&sub5=16801&source_id=1621&ip=5.187.21.105&domain=www.route2content.com HTTP 307
https://dealsanddizzzcountstore.shop/?encoded_value=279768Q&sub1=5d2e327fda674156b47b381c5db1c296&sub2=&sub3=&sub4=&sub5=16801&source_id=1621&ip=5.187.21.105&domain=www.route2content.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
zxcvddsfa.html
s3.amazonaws.com/xcvzfdsadfeeeew/ |
153 B 547 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
dealsanddizzzcountstore.shop/ Redirect Chain
|
29 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
dealsanddizzzcountstore.shop/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
animate.min.css
dealsanddizzzcountstore.shop/css/ |
70 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
use.fontawesome.com/releases/v5.15.4/js/ |
1 MB 426 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
datehead.js
dealsanddizzzcountstore.shop/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
dealsanddizzzcountstore.shop/images/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
flaglogo.png
dealsanddizzzcountstore.shop/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
product.png
dealsanddizzzcountstore.shop/images/ |
638 KB 638 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loadingBL.gif
dealsanddizzzcountstore.shop/images/ |
122 KB 122 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
prize1.png
dealsanddizzzcountstore.shop/images/ |
637 KB 638 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1.jpg
dealsanddizzzcountstore.shop/images/ |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2.jpg
dealsanddizzzcountstore.shop/images/ |
37 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comm_pic_1.jpg
dealsanddizzzcountstore.shop/images/ |
127 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3.jpg
dealsanddizzzcountstore.shop/images/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4.jpg
dealsanddizzzcountstore.shop/images/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comm_pic_2.jpg
dealsanddizzzcountstore.shop/images/ |
138 KB 139 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5.jpg
dealsanddizzzcountstore.shop/images/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f_guarantee.png
dealsanddizzzcountstore.shop/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f_secure_1.png
dealsanddizzzcountstore.shop/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo2.png
dealsanddizzzcountstore.shop/images/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
dealsanddizzzcountstore.shop/js/ |
10 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.png
dealsanddizzzcountstore.shop/images/ |
303 KB 304 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
64d5p99gj0
trk-consulatu.com/scripts/push/script/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
dealsanddizzzcountstore.shop/ |
555 B 615 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
57dkxqm4ew
event.trk-consulatu.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
57dkxqm4ew
event.trk-consulatu.com/register/event_log/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
57dkxqm4ew
event.trk-consulatu.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| datehax function| datenhax function| datenhay function| startTimer object| answers number| lastQnum function| toNext object| states object| dones object| loadImg object| loadBgCol function| drawloader number| qn number| dsq object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.route2content.com/ | Name: uniqueClick_22Q8FG1L Value: 1729bc6b-9262-406b-9813-89193b06a991:1721414244 |
|
www.route2content.com/ | Name: transaction_id Value: 701b5a82718f4dd79ad0d8c553755b83 |
|
dealsanddizzzcountstore.shop/ | Name: SESSIONIDS Value: DCinqNgHoj |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dealsanddizzzcountstore.shop
event.trk-consulatu.com
hautgame.com
s3.amazonaws.com
trk-consulatu.com
use.fontawesome.com
www.extensivelead.com
www.route2content.com
188.114.96.3
188.114.97.3
2606:4700:3036::6815:1b98
52.216.9.181
82.131.160.168
1fd4dd85bf2b9ede02346e9c0b4f5ce340eb268519a23d4d7c7801433d028aad
37e5d12238df11751984a474ffc6e3120985605e4070d4db757995a36abdb7f7
37f08b72a8979b3faed73629ede662e40c80f4d22b6d9b807368d02387e82b2b
39bc98e43872c16e00c92f31b343408945848ac063ada988d710042cf383f3a9
3bb4a1f4f62ef227c42c8a379c8e3fec9a3246554b5417647c7763cc15c869b7
49daeee75a844be2792d54e31e60eb3a37d1b97f16f9d9fbca9cc676c7ec0cfd
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
7efe3233a8511d2101e189628413af3f29eaa8ac39bb75dcff1c9ccaa18905c8
80f1d5b833c2bca3d6ff96e7b81d7c11f9e3ca57a042b3e694c582a5cafca0d7
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
a07aa6743e1e91a1e8061bea712f4304796b324cb956a8307ef07539af9dcc40
a1713fcdfdf4715b08d5a6275e3b5a170cb38ec4c37414c25ac281402a2d315d
acd5297abee4b6b5ba2a06d2e654c9daa71ec632de8de03a8eec76ce7bfb603d
b84a547ed660d196d21ca1106da9afb6d904d816c503c77831eab207003ced65
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d5d39ce001acdaf38d616426bdf204532d35e047b19ac0eeea37465abec34123
d62dcdb3449970f612971eb8e27a20fc132fa439ebfafae9d1e969c70359ab32
da42c1256474532f52dc145cd284792ae7c3b67a6268e48d257f365a71570854
dff1432e4d6f806a479bc504c44d4d14673b1096e036f4063fc390983912ae7a
e095b91cc9a20149cef660cd11b5ea0dfb7b13b511d2841913984bf78354740b
e209d6d6e97cb95d6246e176f50383d75b0ea94345c7cc1c0777e178935db3c5
ff9dba0dfe890056d1ee3df853a083972181663bf2ba98ba8415aa46732fad86
ffbf3817a31d27e532fa0342a1aa84c53eb079d37344c67a5b217bf6deeb6f61