delightsavingsfg.shop
104.21.78.23
Malicious Activity!
Public Scan
Effective URL: https://delightsavingsfg.shop/50/usa/?cep=4qkpo3wuzadyzbfpvukpo4k5apnxare63350keyc397b42050954465c328e28fe35404d8&cost=%7Bcpc%...
Submission: On April 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on February 12th 2024. Valid for: 3 months.
This is the only time delightsavingsfg.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
34 | 104.21.78.23 | 13335 (CLOUDFLARENET)
1 | 151.101.195.52 | 54113 (FASTLY)
3 | 104.21.87.97 | 13335 (CLOUDFLARENET)
38 | 4 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
34 | delightsavingsfg.shop | delightsavingsfg.shop | 2 MB
3 | qsiaoxk.club | qsiaoxk.club | 1 KB
1 | staticfile.org | cdn.staticfile.org (Cisco Umbrella Rank: 74821) | 12 KB
38 | 3 | |
Requests | Domain | Requested by
---|---|---
34 | delightsavingsfg.shop | delightsavingsfg.shop
3 | qsiaoxk.club | delightsavingsfg.shop
1 | cdn.staticfile.org | delightsavingsfg.shop
38 | 3 |
This site contains links to these domains. Also see Links.
Domain
---
qsiaoxk.club
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
delightsavingsfg.shop | E1 | 2024-02-12 - 2024-05-12 | 3 months | crt.sh
*.staticfile.net | Sectigo RSA Domain Validation Secure Server CA | 2024-01-04 - 2025-01-03 | a year | crt.sh
qsiaoxk.club | GTS CA 1P5 | 2024-02-18 - 2024-05-18 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://delightsavingsfg.shop/50/usa/?cep=4qkpo3wuzadyzbfpvukpo4k5apnxare63350keyc397b42050954465c328e28fe35404d8&cost=%7Bcpc%7D&c1=32937098&c2=3894099259&c3=cdn.taboola.com/libtrc/static/thumbnails/image_upscaler/eiu/fc72ad55-380e-426e-bf0a-694ce4bc449...~311~...iitjvjc65klydpmwqo0bk4juo7hzv1
Frame ID: 3F00C80E0E8175E215E7B2C6F61ABFED
Requests: 39 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
FingerprintJS (JavaScript Libraries)
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://delightsavingsfg.shop/50/usa/?cep=4qkpo3wuzadyzbfpvukpo4k5apnxare63350keyc397b42050954465c328e28fe35404d8&cost=%7Bcpc%7D&c1=32937098&c2=3894099259&c3=cdn.taboola.com/libtrc/static/thumbnails/image_upscaler/eiu/fc72ad55-380e-426e-bf0a-694ce4bc449...~311~...iitjvjc65klydpmwqo0bk4juo7hzv1
- HTTP 307 →
- https://delightsavingsfg.shop/50/usa/?cep=4qkpo3wuzadyzbfpvukpo4k5apnxare63350keyc397b42050954465c328e28fe35404d8&cost=%7Bcpc%7D&c1=32937098&c2=3894099259&c3=cdn.taboola.com/libtrc/static/thumbnails/image_upscaler/eiu/fc72ad55-380e-426e-bf0a-694ce4bc449...~311~...iitjvjc65klydpmwqo0bk4juo7hzv1 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H3 | / (Primary Request) | delightsavingsfg.shop/50/usa/ (Redirect Chain) | 378 KB | 133 KB | Document | text/html
GET | H3 | widgetly.css | delightsavingsfg.shop/50/usa/ | 2 KB | 1006 B | Stylesheet | text/css
GET | H3 | animations125.css | delightsavingsfg.shop/50/usa/ | 7 KB | 1 KB | Stylesheet | text/css
GET | H3 | m=el_main_css.css | delightsavingsfg.shop/50/usa/ | 22 KB | 5 KB | Stylesheet | text/css
GET | H2 | fingerprint2.min.js | cdn.staticfile.org/fingerprintjs2/2.1.0/ | 29 KB | 12 KB | Script | application/javascript
GET | H3 | md5.js | delightsavingsfg.shop/ | 8 KB | 3 KB | Script | application/javascript
GET | H3 | jquery.tools.min.js | delightsavingsfg.shop/ | 139 KB | 50 KB | Script | application/javascript
GET | H3 | styles.css | delightsavingsfg.shop/50/usa/ | 16 KB | 4 KB | Stylesheet | text/css
GET | H3 | fontawesome-all.css | delightsavingsfg.shop/50/usa/ | 42 KB | 8 KB | Stylesheet | text/css
GET | H3 | bootstrap.css | delightsavingsfg.shop/50/usa/ | 118 KB | 19 KB | Stylesheet | text/css
GET | H3 | logo2.png | delightsavingsfg.shop/50/usa/ | 10 KB | 11 KB | Image | image/png
GET | H3 | embry_roberts_c43cb2d474b013848ceeb47e238b1b5c.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 3 KB | Image | image/jpeg
GET | H3 | d1a8b44bfef0f403c2f0b1971614cfbe184df94c.png | delightsavingsfg.shop/50/usa/ | 1 MB | 1 MB | Image | image/png
GET | H3 | w0EVQOJ.jpg | delightsavingsfg.shop/50/usa/ | 72 KB | 73 KB | Image | image/jpeg
GET | H3 | f3UrJmd.jpg | delightsavingsfg.shop/50/usa/ | 174 KB | 174 KB | Image | image/jpeg
GET | H3 | 7RNXLiQ.jpg | delightsavingsfg.shop/50/usa/ | 355 KB | 356 KB | Image | image/jpeg
GET | H3 | XhANfS0.jpg | delightsavingsfg.shop/50/usa/ | 107 KB | 108 KB | Image | image/jpeg
GET | H3 | ga28Mw4.png | delightsavingsfg.shop/50/usa/ | 427 KB | 428 KB | Image | image/png
GET | H3 | checkmark.png | delightsavingsfg.shop/50/usa/ | 334 B | 812 B | Image | image/png
GET | H3 | ctrack.php | qsiaoxk.club/track/ | 43 B | 471 B | Image | image/gif
GET | H3 | 51v9S36.png | delightsavingsfg.shop/50/usa/ | 16 KB | 17 KB | Image | image/png
GET | H3 | offer.jpg | delightsavingsfg.shop/50/usa/ | 5 KB | 6 KB | Image | image/jpeg
GET | H3 | checkmark-green-sm.png | delightsavingsfg.shop/50/usa/ | 558 B | 1 KB | Image | image/png
GET | H3 | prof1.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 2 KB | Image | image/jpeg
GET | H3 | prof2.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 3 KB | Image | image/jpeg
GET | H3 | prof3.jpg | delightsavingsfg.shop/50/usa/ | 3 KB | 3 KB | Image | image/jpeg
GET | H3 | prof5.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 3 KB | Image | image/jpeg
GET | H3 | prof6.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 2 KB | Image | image/jpeg
GET | H3 | prof7.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 3 KB | Image | image/jpeg
GET | H3 | prof8.jpg | delightsavingsfg.shop/50/usa/ | 3 KB | 3 KB | Image | image/jpeg
GET | H3 | prof9.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 2 KB | Image | image/jpeg
GET | H3 | prof10.jpg | delightsavingsfg.shop/50/usa/ | 2 KB | 3 KB | Image | image/jpeg
GET | H3 | icons.png | delightsavingsfg.shop/50/usa/ | 3 KB | 4 KB | Image | image/png
GET | H3 | ctrack.php | qsiaoxk.club/track/ | 43 B | 433 B | Image | image/gif
GET | DATA | truncated | / | 121 KB | 0 | Image | image/png
GET | H3 | mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | delightsavingsfg.shop/50/usa/ | 0 | 0 | Font | text/html
GET | H3 | mem8YaGs126MiZpBA-UFVZ0b.woff2 | delightsavingsfg.shop/50/usa/ | 0 | 0 | Font | text/html
GET | H3 | lp_timing.php | qsiaoxk.club/track/lib/ajax/ | 43 B | 420 B | Image | image/gif
GET | H3 | favicon.ico | delightsavingsfg.shop/ | 548 B | 562 B | Other | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onpagereveal
function | AddToMvt
string | _pkprefix
string | lp_mvt
object | PK
function | getD
function | Fingerprint2
number | hexcase
string | b64pad
number | chrsz
function | hex_md5
function | b64_md5
function | str_md5
function | hex_hmac_md5
function | b64_hmac_md5
function | str_hmac_md5
function | md5_vm_test
function | core_md5
function | md5_cmn
function | md5_ff
function | md5_gg
function | md5_hh
function | md5_ii
function | core_hmac_md5
function | safe_add
function | bit_rol
function | str2binl
function | binl2str
function | binl2hex
function | binl2b64
function | start
object | dts
string | gmtHours
string | t14s
string | t15s
function | $
function | jQuery
function | flashembed
object | jQuery171060517147695976097
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
delightsavingsfg.shop/ | | fc_t_3350 | 1712019441_1712019441_1712019441_1712019441_1712019441
delightsavingsfg.shop/ | | fc_n_3350 | 1_1_1_1_1
delightsavingsfg.shop/ | | c | 2ppz49z12qz49z4i7z49z0
delightsavingsfg.shop/ | | k | 6821c318c5769a36d285b6df7a90e025
delightsavingsfg.shop/ | | lfc_t_5537_3350 | 1712019441_1712019441_1712019441_1712019441_1712019441
delightsavingsfg.shop/ | | lfc_n_5537_3350 | 1_1_1_1_1
delightsavingsfg.shop/ | | lpend | 0
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.staticfile.org
delightsavingsfg.shop
qsiaoxk.club
104.21.78.23
104.21.87.97
151.101.195.52
05f87bc265edbf1feccddecdf43ddf269c0ecaef41a62bc00bf45398ca61e6c6
1160be28ae721b5ea3401ed4c6772fd801f003ef4be3eb93d439d2ffd605446a
1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad
1e9bb7a0a20c2792defad6fd7efd5a3d18f5342d3f939215fd4e3b1a979e63c3
23ec77488c20f76e7ad21d16dd104b17a6035d6e2dbe8808bd92982a77806d1b
2b62c8908fb48952af157bab3c1848db233eec4da32d74ba1b81499fa2972612
31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc
3827889924d07f993d68170712f9b9b7cdcfec067ca3fe8e0129bea947fa50ab
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4ed2d5dcd5cb6f1803c65c39d11a26b96f0774e8a55cb688c9b3bbbcad89cce1
5c76a4d3272186c90b715ded5f78641c64c74a361005a52c69b53db717e53ca5
645635dfd01a8c596156e98ee695caab82308343abb63d4b8ddcad0a72efe66e
732a1cb89507ff2de309a1cb736c7411e51ef4c8448ab82f2b601a244ed10c91
79efc90c192b9ab4c65e920c9cefc1efac967ae3aec5da8bb7886e739c614dc7
7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a
888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba
8fcafa4baed240ede88cf787e6ca8c717089e08b29fdf14d7ddc3c9133c70e05
96d8addc621c177dd63b666d0272958c5e703d3ad73f546d3a38eb83075dcbca
97be738f670a6e8d51089b89a2298552859a8da1d353daffb39b2748675fa1b7
a424a3286e60c4ed4009c45a95398053c1be305f2044d44ca00af9a513e998bf
a9974612b1b94bbdf7bb5e144c4c91b42805f2d8b4fb092fd1f922b93655e67c
aa2b786c949753f7616ed37a1445aa8de89bb0a373a95140d6bf6a76a4d21520
aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767
adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc
b4e4d5cacdb143432581295a071d0bc3f4562710255f0b8fe2d26f0fa91be6bb
c172fd5a5d8f1e45f3812d946c554d5e2646cd250e94daf7ab793e2c6e2d7989
d0c6f8bdc47faa5aaaf28d985e467f904330ea91c5241e080f3faefa8a1a88f1
d0f3e0322d08c2adf38ea0c89564577f83a00be337efc6c8b2460df525947238
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d7a2c968a50856a34a2f1546018e14d0e0c46551bc6b9d5a6c8aeeb6a99198b1
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2
e7d0fea989fc43137d0654a58537d2ef048125df3cd8db00556fda755a1a1b00
ebefc57b6c85e09c1470ba9e0b3043215c29a2f5c1fe6e43fbd08e43b3e3b60a
f1bcc0665dfcc57225fc283528b0e2bdfcbcd042aa71c27f02f9b1e28c4af36f