secondhandtires.shop
Open in
urlscan Pro
2606:4700:3033::6815:2ab9
Malicious Activity!
Public Scan
Effective URL: https://secondhandtires.shop/?encoded_value=24QSBG&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2&sub2=&sub3=&sub4=&sub5=
Submission: On August 22 via manual from US — Scanned from US
Summary
TLS certificate: Issued by E1 on August 12th 2022. Valid for: 3 months.
This is the only time secondhandtires.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 69.64.39.147 69.64.39.147 | 30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC) | |
1 1 | 181.214.242.99 181.214.242.99 | 61317 (ASDETUK w...) (ASDETUK www.heficed.com) | |
1 1 | 34.117.79.165 34.117.79.165 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 23 | 2606:4700:303... 2606:4700:3033::6815:2ab9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3033::6815:3f36 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2606:4700:303... 2606:4700:3033::ac43:d0cb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 3 |
ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: eagle714.startdedicated.com
frelabfdh.com |
ASN61317 (ASDETUK www.heficed.com, GB)
PTR: ohone.guyagents.com
www.randolinks2.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.79.117.34.bc.googleusercontent.com
www.lpredirect.com |
ASN13335 (CLOUDFLARENET, US)
trk-consulatu.com | |
event.trk-consulatu.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
secondhandtires.shop
1 redirects
secondhandtires.shop |
5 MB |
5 |
trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 29936 event.trk-consulatu.com — Cisco Umbrella Rank: 89231 |
3 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 941 |
427 KB |
1 |
lpredirect.com
1 redirects
www.lpredirect.com — Cisco Umbrella Rank: 799328 |
460 B |
1 |
randolinks2.com
1 redirects
www.randolinks2.com |
580 B |
1 |
frelabfdh.com
1 redirects
frelabfdh.com |
322 B |
28 | 6 |
Domain | Requested by | |
---|---|---|
23 | secondhandtires.shop |
1 redirects
secondhandtires.shop
|
4 | event.trk-consulatu.com |
trk-consulatu.com
|
1 | trk-consulatu.com |
secondhandtires.shop
|
1 | use.fontawesome.com |
secondhandtires.shop
|
1 | www.lpredirect.com | 1 redirects |
1 | www.randolinks2.com | 1 redirects |
1 | frelabfdh.com | 1 redirects |
28 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.secondhandtires.shop E1 |
2022-08-12 - 2022-11-10 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://secondhandtires.shop/?encoded_value=24QSBG&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2&sub2=&sub3=&sub4=&sub5=
Frame ID: 8DC9F947DFCB5E5ED508FF96FCCB4E90
Requests: 26 HTTP requests in this frame
Screenshot
Page Title
Lowe's - Survey RewardsPage URL History Show full URLs
-
http://frelabfdh.com/2379613lR6123628OA275728431QQ10167lF1xEr161831bO
HTTP 302
https://www.randolinks2.com/6GDBW3D/X9JGQTN/?sub1=2379613&sub2=16b-2379613-6123628-161831-10167-275728431 HTTP 302
https://www.lpredirect.com/24QSBG/CP3ZLBS/?source_id=3379&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2 HTTP 302
https://secondhandtires.shop/9kCXyjrDZl/?encoded_value=24QSBG&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2&sub2=... HTTP 302
https://secondhandtires.shop/?encoded_value=24QSBG&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2&sub2=&sub3=&sub4... Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://frelabfdh.com/2379613lR6123628OA275728431QQ10167lF1xEr161831bO
HTTP 302
https://www.randolinks2.com/6GDBW3D/X9JGQTN/?sub1=2379613&sub2=16b-2379613-6123628-161831-10167-275728431 HTTP 302
https://www.lpredirect.com/24QSBG/CP3ZLBS/?source_id=3379&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2 HTTP 302
https://secondhandtires.shop/9kCXyjrDZl/?encoded_value=24QSBG&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2&sub2=&sub3=&sub4=&sub5= HTTP 302
https://secondhandtires.shop/?encoded_value=24QSBG&sub1=d2d1fbb1d8c343dca5a0c555ee3d7bd2&sub2=&sub3=&sub4=&sub5= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
secondhandtires.shop/ Redirect Chain
|
27 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
secondhandtires.shop/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
animate.min.css
secondhandtires.shop/css/ |
70 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
use.fontawesome.com/releases/v5.15.4/js/ |
1 MB 427 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
datehead.js
secondhandtires.shop/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo111.png
secondhandtires.shop/images/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
flaglogo.png
secondhandtires.shop/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
product111.png
secondhandtires.shop/images/ |
554 KB 555 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loadingBL.gif
secondhandtires.shop/images/ |
122 KB 122 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
prize111.png
secondhandtires.shop/images/ |
563 KB 564 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
prize222.png
secondhandtires.shop/images/ |
596 KB 596 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1.jpg
secondhandtires.shop/images/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2.jpg
secondhandtires.shop/images/ |
48 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comm_pic_1.jpg
secondhandtires.shop/images/ |
110 KB 110 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3.jpg
secondhandtires.shop/images/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4.jpg
secondhandtires.shop/images/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comm_pic_2.jpg
secondhandtires.shop/images/ |
105 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5.jpg
secondhandtires.shop/images/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f_guarantee.png
secondhandtires.shop/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f_secure_1.png
secondhandtires.shop/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo222.png
secondhandtires.shop/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
secondhandtires.shop/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64d5p99gj0
trk-consulatu.com/scripts/push/script/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.png
secondhandtires.shop/images/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
w6g0r1m9g9
event.trk-consulatu.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
w6g0r1m9g9
event.trk-consulatu.com/register/event_log/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
w6g0r1m9g9
event.trk-consulatu.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
w6g0r1m9g9
event.trk-consulatu.com/register/event_log/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| datehax function| datenhax function| startTimer function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| answers number| lastQnum function| toNext object| states object| dones object| loadImg object| loadBgCol function| drawloader object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.lpredirect.com/ | Name: uniqueClick_CP3ZLBS Value: d164fa0e-0632-4744-ac54-b8a07d17bbbb:1661151672 |
|
www.lpredirect.com/ | Name: transaction_id Value: 70ec388212cf4c618d05fe07b45a1265 |
|
secondhandtires.shop/ | Name: SESSIONIDS Value: 9kCXyjrDZl |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
event.trk-consulatu.com
frelabfdh.com
secondhandtires.shop
trk-consulatu.com
use.fontawesome.com
www.lpredirect.com
www.randolinks2.com
181.214.242.99
2606:4700:3033::6815:2ab9
2606:4700:3033::6815:3f36
2606:4700:3033::ac43:d0cb
34.117.79.165
69.64.39.147
062ff5a0d641168bd425298eb1ace448e1be8ff48b717b0a6a20a71f472ed501
204928c8b1cbaf5a3e846e0616dbb17af95a0fbe4846008c1b1f771620114b33
32444886364c971cff1c32a7f2b0a81ec06c739cc5a1780dc8c26bfd39d2a447
353e9e14440d05af0181aee1ceb4a0b0e091a22bf89a4803b1ea03b3d48b0eed
3e5737a7a9e0d9588443dd20d2c4cda5034ee79b4caf2d2d61daa8a811196d64
4dc3dee36cf0fc726c067ca3d3bd4b45d61fd792a6d6fdfc37e2c54926f7c11c
5ad5bd099d689f88b1c58738c78f2c7712273998ea0c6ef573f4f18a5a337236
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
692052f7f9245c533f3992b96572ac8319f1f67ecbcc5bbbd448993f6a588714
7adaa61a7c4af234f37f7ae615155c6a4faf6c11502504b2173af13bf0a0a28b
7c03afc2bad8a241e1bf0c1f12e67f938815324a3fe3db4d24a2ae3f4a587605
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8e7dc85c3520478d73fe61832297fec8e37955e03ee8a87108030f50582841fe
951d735da6fce8ac856d8a8f06d6a4db3251e51f70025d3e921480d3f0be4886
97f1f1f9ff6bdb029e73c650e155e51f36335e5e86ac689e940a30bbcebfcca7
9e9bbedfaa2672c8571090a8792708973ad08ce37629b559ecd90df48269c980
a1713fcdfdf4715b08d5a6275e3b5a170cb38ec4c37414c25ac281402a2d315d
b85935d48c33420a7fc35e138566c62558bc493455764c4f56ee31fb51d778ec
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d7be9e8a2a42c6296ec989ea3cdafbc1f145eb8169c3b40ee634996b9f2c7ec8
e92fc3a43649a41c12d3fcaa78afc7c869d974ee5d62714dd3beb24d86ac057b
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
f4b43e4e3ff83c5632d2d4f95bb6427cc0f55125b1459a048881a25f4d93cad4