bestconsumerchoice.com
Open in
urlscan Pro
2606:4700:30::681f:5ea2
Malicious Activity!
Public Scan
Effective URL: http://bestconsumerchoice.com/ph/s1/?k=15b8732219bf47b607&uclick=8wiby98n
Submission: On November 08 via manual from PH
Summary
This is the only time bestconsumerchoice.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 185.211.246.2 185.211.246.2 | 202984 (TEAM-HOST AS) (TEAM-HOST AS) | |
1 1 | 18.200.180.197 18.200.180.197 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
11 | 2606:4700:30:... 2606:4700:30::681f:5ea2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
11 | 1 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-200-180-197.eu-west-1.compute.amazonaws.com
track.click999.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
bestconsumerchoice.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
bestconsumerchoice.com
bestconsumerchoice.com |
284 KB |
1 |
click999.com
1 redirects
track.click999.com |
220 B |
1 |
5ag.us
1 redirects
5ag.us |
281 B |
11 | 3 |
Domain | Requested by | |
---|---|---|
11 | bestconsumerchoice.com |
bestconsumerchoice.com
|
1 | track.click999.com | 1 redirects |
1 | 5ag.us | 1 redirects |
11 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
track.click999.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://bestconsumerchoice.com/ph/s1/?k=15b8732219bf47b607&uclick=8wiby98n
Frame ID: 1C272B9B5DEEDFE0AF0F74C218A017CA
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://5ag.us/dkoss
HTTP 302
https://track.click999.com/go.php?id=hhwdlaynpuncal3tgtqx HTTP 302
http://bestconsumerchoice.com/ph/s1/?k=15b8732219bf47b607&uclick=8wiby98n Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: CONFIRM DETAILS HERE
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://5ag.us/dkoss
HTTP 302
https://track.click999.com/go.php?id=hhwdlaynpuncal3tgtqx HTTP 302
http://bestconsumerchoice.com/ph/s1/?k=15b8732219bf47b607&uclick=8wiby98n Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
bestconsumerchoice.com/ph/s1/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lander.min.css
bestconsumerchoice.com/ph/s1/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
bestconsumerchoice.com/ph/s1/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
product.png
bestconsumerchoice.com/ph/s1/ |
86 KB 86 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amazon.png
bestconsumerchoice.com/ph/s1/ |
36 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
low.png
bestconsumerchoice.com/ph/s1/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
bestconsumerchoice.com/ph/s1/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.1.4.min.js
bestconsumerchoice.com/ph/s1/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
bestconsumerchoice.com/ph/s1/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
bestconsumerchoice.com/ph/s1/ |
65 KB 66 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
bestconsumerchoice.com/ph/m3_assets/3/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| downloadJSAtOnload function| $ function| jQuery function| startCheck function| changeBubble function| addNumber function| showMessage function| displayMessage function| showAllMessages string| data_1 string| data_2 string| data_3 object| firstQ number| t object| messages1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bestconsumerchoice.com/ | Name: __cfduid Value: d3d25c109fce425faa1bf0fe373f656381573193808 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5ag.us
bestconsumerchoice.com
track.click999.com
18.200.180.197
185.211.246.2
2606:4700:30::681f:5ea2
0df735e960036a9b93b8131bdfa2c5e761629e74966131437d12a08a2ebb629b
1e58e2645d7ea1770f7b9c78f47f06dd8a9fc8eedc769e662e740397df8998b2
4a82eb0c48225c658a4440fc4b0dfa01c4c70eba1bdb71c1dc9e34338b6aa68f
6cc73dd5ec63339df197bda69edfb7c91abf3e47e6e63bdd9dff9b8a9c38e9ef
92191d8e8e3fa03c6fe606a3be06493e160e0db2bcbf2ddbac14e582bdbf14e0
a705dd23b75e824b4e8118a38ed5ed50e03678f72ccee1bbb9cb394f565035d8
c91328144122a2b3196a7aa5379fc26e2be6015342f9fd1b40d63763b01c198a
cbad2f9e5ea3a674c7b98cb2a362d5e405f2dfc61f9af08b6d58b56dd7d10735
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995