americanstoreshop.sbs
IP address: 2606:4700:3032::6815:a79
Verdict badge: Malicious Activity (Public Scan)
Effective URL: https://americanstoreshop.sbs/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4=&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com
Submission: On November 04 via API from RU; scanned from CA
Summary
TLS certificate: Issued by WE1 on October 11th 2024. Valid for 3 months.
This is the only time americanstoreshop.sbs was scanned on urlscan.io.
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
| # | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 1 | 169.47.130.84 | 36351 (SOFTLAYER) |
| 2 2 | 35.240.19.90 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 1 1 | 2606:4700:3033::ac43:da80 | 13335 (CLOUDFLARENET) |
| 1 23 | 2606:4700:3032::6815:a79 | 13335 (CLOUDFLARENET) |
| 1 | 2606:4700:3037::ac43:8ef5 | 13335 (CLOUDFLARENET) |
| 1 | 2606:4700:3033::6815:5d7a | 13335 (CLOUDFLARENET) |
| 3 | 2606:4700:3032::ac43:d1d6 | 13335 (CLOUDFLARENET) |

Totals as shown on the page: 27 | 4. The landing domain itself (23 requests) and all of the tracker hosts except the first and second hops sit behind Cloudflare, so the IPv6 addresses above identify the CDN edge, not the origin.
Reverse DNS and hosted domains per non-CDN ASN:
- ASN36351 (SOFTLAYER, US), 169.47.130.84, PTR 54.82.2fa9.ip4.static.sl-reverse.com: linkss.zaahir.com
- ASN396982 (GOOGLE-CLOUD-PLATFORM, US), 35.240.19.90, PTR 90.19.240.35.bc.googleusercontent.com: whispeechless.com, salesandizings.com
| Requests | Apex Domain | Subdomains (Cisco Umbrella Rank) | Transfer |
|---|---|---|---|
| 23 | americanstoreshop.sbs (1 redirect) | americanstoreshop.sbs | 3 MB |
| 4 | trk-consulatu.com | trk-consulatu.com (157217), event.trk-consulatu.com (275323) | 4 KB |
| 1 | fontawesome.com | use.fontawesome.com (1222) | 426 KB |
| 1 | zebinera5.com (1 redirect) | www.zebinera5.com | 1 KB |
| 1 | salesandizings.com (1 redirect) | salesandizings.com | 744 B |
| 1 | whispeechless.com (1 redirect) | whispeechless.com | 276 B |
| 1 | zaahir.com (1 redirect) | linkss.zaahir.com | 397 B |

Total: 27 requests across 7 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 23 | americanstoreshop.sbs (1 redirect) | americanstoreshop.sbs |
| 3 | event.trk-consulatu.com | trk-consulatu.com |
| 1 | trk-consulatu.com | americanstoreshop.sbs |
| 1 | use.fontawesome.com | americanstoreshop.sbs |
| 1 | www.zebinera5.com | 1 redirect (hop in the redirect chain) |
| 1 | salesandizings.com | 1 redirect (hop in the redirect chain) |
| 1 | whispeechless.com | 1 redirect (hop in the redirect chain) |
| 1 | linkss.zaahir.com | 1 redirect (hop in the redirect chain) |

Total: 27 requests across 8 domains.
This site contains no links.
| Subject | Issuer | Validity | Valid for |
|---|---|---|---|
| americanstoreshop.sbs | WE1 | 2024-10-11 to 2025-01-09 | 3 months |
| use.fontawesome.com | WE1 | 2024-09-09 to 2024-12-09 | 3 months |
| trk-consulatu.com | WE1 | 2024-10-16 to 2025-01-14 | 3 months |

WE1 is a Google Trust Services intermediate; these are short-lived, automatically issued certificates and say nothing about who operates a site. The landing domain's certificate was issued 24 days before the scan.
This page contains 1 frame:
Primary Page:
https://americanstoreshop.sbs/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4=&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com
Frame ID: 4842706A7B59FC4FF739425CA68E9E47
Requests: 26 HTTP requests in this frame
Page Title: CAA - Survey Rewards
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://linkss.zaahir.com/ HTTP 307
- https://linkss.zaahir.com/ HTTP 307
- http://linkss.zaahir.com/ HTTP 301
- https://whispeechless.com/?a=8592&oc=21800&c=57835&p=r&m=3&s1=11&s2=1&s3=6 HTTP 302
- https://salesandizings.com/?a=8592&oc=21800&c=57835&p=r&m=3&s1=11&s2=1&s3=6&ckmguid=2a82f99e-60d6-42ce-95ad-0eb0be8a7468 HTTP 302
- https://www.zebinera5.com/C1X4KG/2BM9SW7M/?sub2=378702869&source_id=8592 HTTP 302
- https://americanstoreshop.sbs/bHAocs9TZjqsQg6tOqv-fAiZTJ8wyQvq5d/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4=&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com HTTP 302
- http://americanstoreshop.sbs/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4=&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com HTTP 307
- https://americanstoreshop.sbs/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4=&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com (Page URL)

The submitted link passes through four tracker hosts (linkss.zaahir.com, whispeechless.com, salesandizings.com, www.zebinera5.com) before reaching the landing page. The same affiliate identifier travels the whole way (a=8592 on the first two trackers becomes source_id=8592 on the last two), and the landing URL also carries the visitor's own IP address (ip=, percent-encoded IPv6) and the referring tracker (domain=www.zebinera5.com). The path segment bHAocs9TZjqsQg6tOqv-fAiZTJ8wyQvq5d in the 302 hop is the value the landing site later stores in its SESSIONIDS cookie.
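The following script is an added example, not part of the urlscan report: it walks the redirect chain above hop by hop and answers the questions an analyst asks of such a chain: which identifiers are threaded through every tracker, what the landing page was told about the visitor, and where the chain drops from https to http. The CHAIN list is transcribed from the Page URL History; the analysis functions (parse_hops, shared_values, landing_params, scheme_downgrades) are ours.

```python
"""Walk a captured redirect chain and correlate the tracking parameters
each hop forwards to the next.

Added example; the CHAIN data is transcribed from the scan's Page URL
History, the analysis is not urlscan's.
"""
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# (URL of the hop, HTTP status that sent the browser on). The last entry is
# the page that actually rendered, so it carries no status.
CHAIN = [
    ("http://linkss.zaahir.com/", 307),
    ("https://linkss.zaahir.com/", 307),
    ("http://linkss.zaahir.com/", 301),
    ("https://whispeechless.com/?a=8592&oc=21800&c=57835&p=r&m=3&s1=11&s2=1&s3=6", 302),
    ("https://salesandizings.com/?a=8592&oc=21800&c=57835&p=r&m=3&s1=11&s2=1&s3=6"
     "&ckmguid=2a82f99e-60d6-42ce-95ad-0eb0be8a7468", 302),
    ("https://www.zebinera5.com/C1X4KG/2BM9SW7M/?sub2=378702869&source_id=8592", 302),
    ("https://americanstoreshop.sbs/bHAocs9TZjqsQg6tOqv-fAiZTJ8wyQvq5d/?encoded_value=6H42TQ"
     "&sub1=&sub2=378702869&sub3=&sub4=&sub5=21258&source_id=8592"
     "&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com", 302),
    ("http://americanstoreshop.sbs/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4="
     "&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com", 307),
    ("https://americanstoreshop.sbs/?encoded_value=6H42TQ&sub1=&sub2=378702869&sub3=&sub4="
     "&sub5=21258&source_id=8592&ip=2001%3A4958%3A1420%3A151%3A%3A221&domain=www.zebinera5.com", None),
]


def parse_hops(chain):
    """Split every hop into scheme, host, path and a flat {param: value} dict.
    parse_qs percent-decodes values, so ip=2001%3A... comes back as an IPv6 literal."""
    hops = []
    for url, status in chain:
        parts = urlsplit(url)
        params = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
        hops.append({"scheme": parts.scheme, "host": parts.hostname,
                     "path": parts.path, "params": params, "status": status})
    return hops


def shared_values(chain, min_hosts=2, min_len=4):
    """Map each parameter value to the (hop index, host, param name) places it
    appears, keeping only values that more than one host received. Those are
    the identifiers the affiliate network threads through the whole chain,
    even when the parameter is renamed (a=8592 becomes source_id=8592)."""
    seen = defaultdict(list)
    for i, hop in enumerate(parse_hops(chain)):
        for name, value in hop["params"].items():
            if len(value) >= min_len:          # skip p=r, m=3 and similar flags
                seen[value].append((i, hop["host"], name))
    return {v: places for v, places in seen.items()
            if len({host for _, host, _ in places}) >= min_hosts}


def landing_params(chain):
    """Query parameters the final page received, already percent-decoded."""
    return parse_hops(chain)[-1]["params"]


def scheme_downgrades(chain):
    """(from, to) hop indices where an https URL redirected to plain http.
    The 307 that follows each downgrade here is how Chromium records an
    HSTS-driven upgrade back to https."""
    hops = parse_hops(chain)
    return [(i, i + 1) for i in range(len(hops) - 1)
            if hops[i]["scheme"] == "https" and hops[i + 1]["scheme"] == "http"]


if __name__ == "__main__":
    for value, places in shared_values(CHAIN).items():
        print(value, "seen at", [(i, host, name) for i, host, name in places])
    landing = landing_params(CHAIN)
    print("landing page was told visitor ip =", landing["ip"], "via", landing["domain"])
    print("https->http hops:", scheme_downgrades(CHAIN))
```

Running it on the transcribed chain reports 8592, 378702869, 21800 and 57835 as the cross-host identifiers, the decoded visitor IP 2001:4958:1420:151::221, and two https-to-http downgrades (hops 1 to 2 on linkss.zaahir.com and hops 6 to 7 on the landing domain). The same functions work on any chain exported from a scanner or a proxy log.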
Detected technologies
- animate.css (Web Frameworks). Detected pattern: `<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css`
- Font Awesome (Font Scripts). Detected pattern: `(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)`
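To show how these two fingerprints are produced, here is an added example (ours, not urlscan's or Wappalyzer's code) that applies the two patterns exactly as listed above to the resources this scan fetched. The HTML snippet is constructed from the stylesheet and script URLs in the transaction list, since the real markup is not part of the export; the script URLs are the ones the scan recorded.

```python
"""Apply urlscan's listed detection patterns to a page's markup and script URLs.

Added example; the regexes are copied verbatim from the report, the HTML
below is constructed from the scan's transaction list (not captured source).
"""
import re

PATTERNS = {
    "animate.css": re.compile(r"<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css"),
    "Font Awesome": re.compile(
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome"
        r"(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)"),
}

# Constructed stand-in for the landing page's <head>, built from the
# /css/ and /js/ resources the scan fetched.
HTML = """<link rel="stylesheet" href="css/style.css">
<link rel="stylesheet" href="css/animate.min.css">
<script src="https://use.fontawesome.com/releases/v5.15.4/js/all.js"></script>
<script src="js/datehead.js"></script>"""

# Third-party script URLs from the transaction list.
SCRIPT_URLS = [
    "https://use.fontawesome.com/releases/v5.15.4/js/all.js",
    "https://trk-consulatu.com/scripts/push/script/64d5p99gj0",
]


def detect(html, script_urls):
    """Return {technology: version or None} for every pattern that matches the
    markup or any script URL. Group 1 of each regex is the optional version
    capture; a hit without a version yields None, and a later hit that does
    carry a version replaces it."""
    found = {}
    for name, pattern in PATTERNS.items():
        for text in (html, *script_urls):
            match = pattern.search(text)
            if not match:
                continue
            version = match.group(1)
            if name not in found or (found[name] is None and version):
                found[name] = version
    return found


if __name__ == "__main__":
    print(detect(HTML, SCRIPT_URLS))
```

On the constructed input this yields animate.css with no version (the `<link>` has no /x.y.z/ path segment for the capture group) and Font Awesome 5.15.4, the version urlscan's transaction list shows in the all.js path. These are library fingerprints, not a security signal: the same Font Awesome bundle from use.fontawesome.com is loaded by countless legitimate sites, and the verdict here rests on the redirect chain and brand classification, not on the detected technologies.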
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
The primary request (americanstoreshop.sbs/) is the end of the redirect chain listed under Page URL History; it is the only transaction flagged as part of a redirect chain.
27 HTTP transactions

| # | Method | Protocol | Resource | Host / path | Size | Transferred | Type | MIME type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H2 | / (primary request, end of redirect chain) | americanstoreshop.sbs/ | 28 KB | 5 KB | Document | text/html |
| 2 | GET | H3 | style.css | americanstoreshop.sbs/css/ | 16 KB | 4 KB | Stylesheet | text/css |
| 3 | GET | H3 | animate.min.css | americanstoreshop.sbs/css/ | 70 KB | 6 KB | Stylesheet | text/css |
| 4 | GET | H2 | all.js | use.fontawesome.com/releases/v5.15.4/js/ | 1 MB | 426 KB | Script | application/javascript |
| 5 | GET | H3 | datehead.js | americanstoreshop.sbs/js/ | 2 KB | 2 KB | Script | application/javascript |
| 6 | GET | H3 | logo.png | americanstoreshop.sbs/images/ | 37 KB | 38 KB | Image | image/png |
| 7 | GET | H3 | flaglogo.png | americanstoreshop.sbs/images/ | 3 KB | 3 KB | Image | image/png |
| 8 | GET | H3 | product.png | americanstoreshop.sbs/images/ | 1 MB | 1 MB | Image | image/png |
| 9 | GET | H3 | loadingBL.gif | americanstoreshop.sbs/images/ | 122 KB | 123 KB | Image | image/gif |
| 10 | GET | H3 | prize1.png | americanstoreshop.sbs/images/ | 1 MB | 1 MB | Image | image/png |
| 11 | GET | H3 | 1.jpg | americanstoreshop.sbs/images/ | 45 KB | 46 KB | Image | image/jpeg |
| 12 | GET | H3 | 2.jpg | americanstoreshop.sbs/images/ | 48 KB | 49 KB | Image | image/jpeg |
| 13 | GET | H3 | comm_pic_1.jpg | americanstoreshop.sbs/images/ | 117 KB | 118 KB | Image | image/jpeg |
| 14 | GET | H3 | 3.jpg | americanstoreshop.sbs/images/ | 49 KB | 49 KB | Image | image/jpeg |
| 15 | GET | H3 | 4.jpg | americanstoreshop.sbs/images/ | 38 KB | 38 KB | Image | image/jpeg |
| 16 | GET | H3 | comm_pic_2.jpg | americanstoreshop.sbs/images/ | 101 KB | 102 KB | Image | image/jpeg |
| 17 | GET | H3 | 5.jpg | americanstoreshop.sbs/images/ | 36 KB | 37 KB | Image | image/jpeg |
| 18 | GET | H3 | f_guarantee.png | americanstoreshop.sbs/images/ | 6 KB | 7 KB | Image | image/png |
| 19 | GET | H3 | f_secure_1.png | americanstoreshop.sbs/images/ | 10 KB | 10 KB | Image | image/png |
| 20 | GET | H3 | logo2.png | americanstoreshop.sbs/images/ | 32 KB | 33 KB | Image | image/png |
| 21 | GET | H3 | script.js | americanstoreshop.sbs/js/ | 10 KB | 3 KB | Script | application/javascript |
| 22 | GET | H3 | bg.png | americanstoreshop.sbs/images/ | 319 KB | 320 KB | Image | image/png |
| 23 | GET | H3 | 64d5p99gj0 | trk-consulatu.com/scripts/push/script/ | 8 KB | 4 KB | Script | application/javascript |
| 24 | GET | H3 | favicon.ico | americanstoreshop.sbs/ | 555 B | 831 B | Other | text/html |
| 25 | OPTIONS | H3 | l8em33xxdk | event.trk-consulatu.com/register/event_log/ | 0 | 0 | Preflight | |
| 26 | POST | H3 | l8em33xxdk | event.trk-consulatu.com/register/event_log/ | 0 | 0 | Fetch | |
| 27 | POST | H3 | l8em33xxdk | event.trk-consulatu.com/register/event_log/ | 0 | 0 | Fetch | |

Size is the decoded body size and Transferred the bytes on the wire. Points worth noting from the list:
- 22 of the 27 transactions go to the landing domain itself; product.png and prize1.png (1 MB each) and bg.png account for most of the 3 MB it served.
- The only third parties are use.fontawesome.com (the Font Awesome 5.15.4 bundle), trk-consulatu.com (a script under /scripts/push/script/) and event.trk-consulatu.com. The OPTIONS request to /register/event_log/ is a CORS preflight, so the two POSTs that follow are cross-origin requests that are not "simple" (for example a JSON body or a custom header), which is what a fetch()-based event logger typically sends; nothing was transferred for them in this capture.
- favicon.ico is answered with text/html (555 B), i.e. a catch-all page rather than an icon.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Scam (Online)
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- Functions: datehax, datenhax, datenhay, startTimer, toNext, drawloader, urlBase64ToUint8Array, pullUrlParams, push_subscribe, push_subscribe_promise, setIfNull, logPushEvent, push_unsubscribe, push_init, setSessionId, setUtm, getSessionId, getUrlVars, getDomainName, getStore, setAttributes
- Objects: answers, states, dones, loadImg, loadBgCol, ___FONT_AWESOME___, FontAwesomeConfig, FontAwesome
- Numbers: lastQnum, qn, dsq

Three groups are visible. The survey page's own logic (answers, lastQnum, qn, toNext, startTimer, drawloader, the datehax variants, and the loading images) matches the "Survey Rewards" title. The FontAwesome globals come from the all.js bundle loaded from use.fontawesome.com. The third group (push_init, push_subscribe, push_subscribe_promise, push_unsubscribe, urlBase64ToUint8Array, logPushEvent, get/setSessionId, setUtm, getUrlVars) is the scaffolding of a Web Push subscription script and lines up with the script fetched from trk-consulatu.com/scripts/push/script/ and the POSTs to event.trk-consulatu.com/register/event_log/. urlBase64ToUint8Array is the conventional name of the helper that turns a base64url VAPID public key into the applicationServerKey bytes passed to PushManager.subscribe(), so the page is equipped to subscribe the visitor's browser to notifications if the permission prompt is accepted. Only the function names are visible in this report; the script body was not captured.
6 Cookies
Cookies are small pieces of information stored in the visitor's browser. On every later visit the browser sends the cookie values back, which lets the site re-identify the visitor even from a different location; this is how persistent logins work. None of the six cookies below carried an Expires attribute in the capture.

| Domain / Path | Name | Value |
|---|---|---|
| .salesandizings.com/ | sq | nzhH5aulwgpyUryfDhStYJZUaGFiSAfeArg6jWatsWf+bPrYLlH+Pw== |
| .salesandizings.com/ | tym | Z5Crm6dlmZ/KF8CUCulZy5ZUaGFiSAfeArg6jWatsWf+bPrYLlH+Pw== |
| .salesandizings.com/ | c21748 | nzhH5aulwgo5xyBMeHMwqiSMIvgib6HUOw/wbA9FesrJg3XljgGEfg== |
| www.zebinera5.com/ | uniqueClick_2BM9SW7M | 80ac9fbe-14ce-4c20-afe4-fe193eb4ba71:1730751754 |
| www.zebinera5.com/ | transaction_id | a080cb0545a24821a349b2176344b864 |
| americanstoreshop.sbs/ | SESSIONIDS | bHAocs9TZjqsQg6tOqv-fAiZTJ8wyQvq5d |

The cookie names on www.zebinera5.com echo the path of the redirect hop (uniqueClick_2BM9SW7M for /C1X4KG/2BM9SW7M/), and the SESSIONIDS value on the landing domain is the path segment of the 302 hop that led there.
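An added example (ours, not urlscan's) that decodes the six recorded cookie values and checks what each one encodes: whether the uniqueClick value is a UUID plus a Unix timestamp that agrees with the scan date, whether the three salesandizings.com blobs are independent tokens or share bytes, and whether the landing site's SESSIONIDS cookie is the opaque path segment carried in by the redirect. The cookie values are copied from the table above; REDIRECT_PATH_SEGMENT is copied from the 302 hop in the Page URL History. Reading the second half of the uniqueClick value as a Unix timestamp is our interpretation; the check that it decodes to the submission date is what justifies it.

```python
"""Decode the cookies recorded in the scan and describe their structure.

Added example; the values are copied from the report, the classification
logic is ours.
"""
import base64
import re
import uuid
from datetime import datetime, timezone

# (domain, name, value) as recorded by the scan.
COOKIES = [
    (".salesandizings.com", "sq", "nzhH5aulwgpyUryfDhStYJZUaGFiSAfeArg6jWatsWf+bPrYLlH+Pw=="),
    (".salesandizings.com", "tym", "Z5Crm6dlmZ/KF8CUCulZy5ZUaGFiSAfeArg6jWatsWf+bPrYLlH+Pw=="),
    (".salesandizings.com", "c21748", "nzhH5aulwgo5xyBMeHMwqiSMIvgib6HUOw/wbA9FesrJg3XljgGEfg=="),
    ("www.zebinera5.com", "uniqueClick_2BM9SW7M", "80ac9fbe-14ce-4c20-afe4-fe193eb4ba71:1730751754"),
    ("www.zebinera5.com", "transaction_id", "a080cb0545a24821a349b2176344b864"),
    ("americanstoreshop.sbs", "SESSIONIDS", "bHAocs9TZjqsQg6tOqv-fAiZTJ8wyQvq5d"),
]
# Path segment of https://americanstoreshop.sbs/<segment>/?encoded_value=... (hop 7).
REDIRECT_PATH_SEGMENT = "bHAocs9TZjqsQg6tOqv-fAiZTJ8wyQvq5d"

_UUID_TS = re.compile(r"^([0-9a-f-]{36}):(\d{9,10})$")
_HEX = re.compile(r"^[0-9a-f]{16,}$")
_B64 = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")


def classify(value):
    """Describe the structure of one cookie value (our heuristics)."""
    match = _UUID_TS.match(value)
    if match:
        uuid.UUID(match.group(1))  # raises ValueError if not a well-formed UUID
        when = datetime.fromtimestamp(int(match.group(2)), tz=timezone.utc)
        return {"kind": "uuid:unix-timestamp", "uuid": match.group(1), "time": when}
    if _HEX.match(value):
        return {"kind": "hex", "bytes": len(value) // 2}
    if _B64.match(value) and len(value) % 4 == 0:
        raw = base64.b64decode(value, validate=True)
        return {"kind": "base64", "bytes": len(raw)}
    return {"kind": "opaque", "chars": len(value)}


def analyze_cookies(cookies):
    """{name: classification + domain} for every recorded cookie."""
    return {name: dict(classify(value), domain=domain) for domain, name, value in cookies}


def _decoded(cookies, name):
    value = next(v for _, n, v in cookies if n == name)
    return base64.b64decode(value)


def common_prefix_bytes(cookies, a, b):
    """Identical leading bytes of two base64 cookie values, after decoding."""
    x, y = _decoded(cookies, a), _decoded(cookies, b)
    n = 0
    while n < min(len(x), len(y)) and x[n] == y[n]:
        n += 1
    return n


def common_suffix_bytes(cookies, a, b):
    """Identical trailing bytes of two base64 cookie values, after decoding.
    Independent random tokens would share none; a long common tail means the
    values are derived from shared state."""
    x, y = _decoded(cookies, a), _decoded(cookies, b)
    n = 0
    while n < min(len(x), len(y)) and x[-1 - n] == y[-1 - n]:
        n += 1
    return n


def session_cookie_matches_path(cookies, segment):
    """True if the SESSIONIDS cookie value is the path segment the redirect
    chain carried into the landing page."""
    return any(n == "SESSIONIDS" and v == segment for _, n, v in cookies)


if __name__ == "__main__":
    for name, info in analyze_cookies(COOKIES).items():
        print(name, info)
    print("sq/tym common suffix bytes:", common_suffix_bytes(COOKIES, "sq", "tym"))
    print("sq/c21748 common prefix bytes:", common_prefix_bytes(COOKIES, "sq", "c21748"))
    print("SESSIONIDS came from redirect path:",
          session_cookie_matches_path(COOKIES, REDIRECT_PATH_SEGMENT))
```

The uniqueClick timestamp decodes to 2024-11-04 20:22:34 UTC, which pins the year the summary omits and matches the "November 04" submission. The three salesandizings.com values each decode to 40 bytes, and sq and tym share their last 24 bytes while sq and c21748 share their first 8, so they are not independently random identifiers. transaction_id is 16 bytes of hex, and SESSIONIDS is exactly the path segment from the redirect, which is how the landing site ties the session to the click it was bought through.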
2 Console Messages
A page may log messages to the console. These are often error messages about a resource that could not be loaded or a script that failed to execute, and sometimes they give insight into the technology behind a website. The two messages recorded for this scan are not included in this capture.
Security Headers
This section lists the security headers set by the main page.

| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |

HSTS only hardens the transport: it forces future visits over TLS and explains the 307 http-to-https hop at the end of the redirect chain. It is not a trust signal, and here it is set on a domain the verdict classifies as a generic scam. No Content-Security-Policy, X-Frame-Options or similar headers were observed.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
americanstoreshop.sbs
event.trk-consulatu.com
linkss.zaahir.com
salesandizings.com
trk-consulatu.com
use.fontawesome.com
whispeechless.com
www.zebinera5.com
169.47.130.84
2606:4700:3032::6815:a79
2606:4700:3032::ac43:d1d6
2606:4700:3033::6815:5d7a
2606:4700:3033::ac43:da80
2606:4700:3037::ac43:8ef5
35.240.19.90