www.trailershopper.com
Open in
urlscan Pro
2606:4700:20::ac43:46f4
Malicious Activity!
Public Scan
Submission Tags: phishing malicious Search All
Submission: On August 10 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.
This is the only time www.trailershopper.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 2606:4700:20:... 2606:4700:20::ac43:46f4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:84e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:814::200e | 15169 (GOOGLE) (GOOGLE) | |
15 | 5 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
trailershopper.com
www.trailershopper.com |
169 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
34 KB |
1 |
cloudflare.com
ajax.cloudflare.com |
4 KB |
15 | 5 |
Domain | Requested by | |
---|---|---|
10 | www.trailershopper.com |
www.trailershopper.com
ajax.cloudflare.com |
2 | www.google-analytics.com |
www.googletagmanager.com
|
1 | ajax.googleapis.com |
ajax.cloudflare.com
|
1 | www.googletagmanager.com |
www.trailershopper.com
|
1 | ajax.cloudflare.com |
www.trailershopper.com
|
15 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
trailershopper.com Cloudflare Inc ECC CA-3 |
2020-07-21 - 2021-07-21 |
a year | crt.sh |
cloudflare.com Cloudflare Inc ECC CA-3 |
2020-07-04 - 2021-07-04 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/Up-dating.php?country.x=-&ACCT.x=ID-PPL=PA324173.245.54.167=ScrPg=39cefba752f1079056416f60f56bf8e3d2449d8912918f6eee3f68d4aa303026S=
Frame ID: 5BAC3CF80156B4FF0A3BEB87EFB7E3A2
Requests: 15 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Up-dating.php
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JYS377Wye3o_o7JbdppvrqdhkMk.js
www.trailershopper.com/cdn-cgi/apps/head/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appSuperBowl.css
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
145 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
87 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bck.jpeg
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
45 KB 45 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg.svg
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scs.png
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
16 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
psr.woff
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
46 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lgerr.png
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scf.png
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
27 KB 27 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.js
www.trailershopper.com/-/d84334ce26902fe1422302c54f400151/imcs_files/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| Eager object| CloudflareApps object| dataLayer object| __cfQR object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.trailershopper.com/ | Name: _gid Value: GA1.2.696238294.1597073125 |
|
.trailershopper.com/ | Name: _ga Value: GA1.2.67029294.1597073125 |
|
.trailershopper.com/ | Name: _gat_gtag_UA_449874_1 Value: 1 |
|
www.trailershopper.com/ | Name: PHPSESSID Value: ipth70r8nq5qltorf7gu4bgeu5 |
|
.trailershopper.com/ | Name: __cfduid Value: d535df0322641728bea54d0b3126248491597073124 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
ajax.googleapis.com
www.google-analytics.com
www.googletagmanager.com
www.trailershopper.com
2606:4700:20::ac43:46f4
2606:4700::6810:84e5
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:816::200a
1465b2e8eb7bb4ca513ea18d0dea5a733de770a5d4e6e03d9dd13a61e40fe26f
1e8895621d8f78f1f885ebda29a622ab5820fa6ffa8efc00c7c4500ec6c391da
65148361a255690a84a60d72043888379b1954a1b3a2a7b3d49aa0e98ddb803f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a3737f1f882870dc4f93eb3f4a31ed3c66f4a469cbd5ee1330c59d07e2f363c
96102fa4969bdf10db1779be16f04403ace8072229efee29b5577b7d672ad0c3
a2a30dfced87a6335dbd3a11a68b4ef652959975218933bccd68ea5fd6589880
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
e2f2f4b041eb156be09460919b7ceb6e9a8c5ecaa8a77518157c2949afa6c0b6
e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015
e537fa536f691fd94333fb8d440ef56448bfe08361a6580adc928deeb948ebac
e8cf5c96e64ae411c10645577b122af9ae5d842f94eec76f7ff0c21a91145faa
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955