topfasttrack.com
Open in
urlscan Pro
2606:4700:3030::ac43:9cde
Malicious Activity!
Public Scan
Effective URL: https://topfasttrack.com/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=1884287078223761209&fluxffn=1...
Submission: On June 01 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 27th 2023. Valid for: 3 months.
This is the only time topfasttrack.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Tracking (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3030::ac43:ce1d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 2606:4700:303... 2606:4700:3035::ac43:da60 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 2606:4700:303... 2606:4700:3030::ac43:9cde | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
topfasttrack.com
topfasttrack.com |
445 KB |
3 |
your-choice-center.com
your-choice-center.com |
113 KB |
2 |
allllcshop.com
1 redirects
allllcshop.com |
2 KB |
1 |
all-diti-now.com
1 redirects
www.all-diti-now.com |
770 B |
17 | 4 |
Domain | Requested by | |
---|---|---|
13 | topfasttrack.com |
topfasttrack.com
|
3 | your-choice-center.com |
topfasttrack.com
your-choice-center.com |
2 | allllcshop.com | 1 redirects |
1 | www.all-diti-now.com | 1 redirects |
17 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
allllcshop.com GTS CA 1P5 |
2023-05-30 - 2023-08-28 |
3 months | crt.sh |
topfasttrack.com GTS CA 1P5 |
2023-04-27 - 2023-07-26 |
3 months | crt.sh |
your-choice-center.com GTS CA 1P5 |
2023-05-24 - 2023-08-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://topfasttrack.com/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=1884287078223761209&fluxffn=1884289810806006572&ffdomain=allllcshop.com&category=default&firstname=&surname=
Frame ID: 0DE9180BB8C80E32021E1F12B20AF489
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
IPS - Delivery pending.Page URL History Show full URLs
-
https://www.all-diti-now.com/cmp/7Z82H/P6QLHR/?source_id=875&sub2=310293909
HTTP 302
https://allllcshop.com/?flux_fts=tooiqoczcoqqxcptqzaetpqpooqtaocxptptltx24812&nrp=cb2bad06026140d29... HTTP 307
https://allllcshop.com/go/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=188428... Page URL
- https://topfasttrack.com/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=188428707... Page URL
Detected technologies
Modernizr (JavaScript Libraries) ExpandDetected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.all-diti-now.com/cmp/7Z82H/P6QLHR/?source_id=875&sub2=310293909
HTTP 302
https://allllcshop.com/?flux_fts=tooiqoczcoqqxcptqzaetpqpooqtaocxptptltx24812&nrp=cb2bad06026140d29589e8c513a02d00&source=10-875&subid=10 HTTP 307
https://allllcshop.com/go/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=1884287078223761209&fluxffn=1884289810806006572&ffdomain=allllcshop.com&category=default&firstname=&surname= Page URL
- https://topfasttrack.com/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=1884287078223761209&fluxffn=1884289810806006572&ffdomain=allllcshop.com&category=default&firstname=&surname= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.all-diti-now.com/cmp/7Z82H/P6QLHR/?source_id=875&sub2=310293909 HTTP 302
- https://allllcshop.com/?flux_fts=tooiqoczcoqqxcptqzaetpqpooqtaocxptptltx24812&nrp=cb2bad06026140d29589e8c513a02d00&source=10-875&subid=10 HTTP 307
- https://allllcshop.com/go/usipstnt/index.html?session=c3458ac23c7bb1c51c2833db05d65009&fluxf=1884287078223761209&fluxffn=1884289810806006572&ffdomain=allllcshop.com&category=default&firstname=&surname=
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
index.html
allllcshop.com/go/usipstnt/ Redirect Chain
|
835 B 685 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
topfasttrack.com/usipstnt/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
topfasttrack.com/usipstnt/index_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
courier.css
topfasttrack.com/usipstnt/index_files/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
topfasttrack.com/usipstnt/js/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
topfasttrack.com/usipstnt/js/ |
1 KB 740 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woodbar.js
topfasttrack.com/usipstnt/js/ |
1 KB 810 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js.download
topfasttrack.com/usipstnt/index_files/ |
11 KB 11 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.download
topfasttrack.com/usipstnt/index_files/ |
87 KB 88 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
svg4everybody.min.js.download
topfasttrack.com/usipstnt/index_files/ |
2 KB 2 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ips-logo.png
topfasttrack.com/usipstnt/index_files/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-box.svg
topfasttrack.com/usipstnt/index_files/ |
1 KB 958 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
courier-glass.gif
topfasttrack.com/usipstnt/index_files/ |
271 KB 271 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
your-choice-center.com/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.svg
topfasttrack.com/icons/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
your-choice-center.com/pull/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
81a2fb65-a74c-41b6-bb74-52e81878472d.png
your-choice-center.com/media/ |
103 KB 104 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Tracking (Transportation)28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| getURLParameter string| subid string| subid2 string| firstname string| surname string| city string| zipcode string| address string| phone string| mobile string| pid string| nrp string| ffdomain string| session string| fluxf string| fluxffn object| html5 object| Modernizr function| svg4everybody function| ActionRedirect function| plushLoaded function| Plush boolean| plushExecuted4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.all-diti-now.com/ | Name: uniqueClick_P6QLHR Value: 7ceedf44-13a2-42ab-977d-09f1e69a4c8a:1685655567 |
|
www.all-diti-now.com/ | Name: transaction_id Value: cb2bad06026140d29589e8c513a02d00 |
|
allllcshop.com/ | Name: PHPSESSID Value: c3458ac23c7bb1c51c2833db05d65009 |
|
allllcshop.com/ | Name: csid3 Value: c3458ac23c7bb1c51c2833db05d65009 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
allllcshop.com
topfasttrack.com
www.all-diti-now.com
your-choice-center.com
2606:4700:3030::ac43:9cde
2606:4700:3030::ac43:ce1d
2606:4700:3035::ac43:da60
2a06:98c1:3120::3
22553d3fee340f562247f26afe320aca088dfaa9d24bd9871914dee9f6e3ee40
2267ff03b9ce83c6329edaa3cc07da1cfd35d2c339f6474d109cc6966c1fd33b
4998c575b04766b5a62bf2a010afa5c1f7f1ba1b3dfda1b4f2089a754da0074c
5703fe44cc92bdfb2497c00bd59929ee9802095db54fbdfa34c3dab6cbc1972a
62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9
6575b6aa7cd10f1ea8d43bc8577c45afd3964d1d423c79c7c77d0dbf4ad136d3
8b6c20220ecd086165b14eb4607b367689812ef41d473789a65e99909c395be5
9837c0365ab8f0d0c21fe5a29701ab5eea341ccd63ebf0265a88dceacb14f59e
b0ae5d0c91c2fd19da8b2c8607c715bf5a325521ad050e3243f169d43af96a83
c4101b06c4f057e319ae6b4343f4a2870d2ac42b57f2c2871c1dd63b1d0c8f1c
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
e364c3d2e2701230231f9eb92079b7f18941c61b28e2e31e2e8793e45d69f14f
f751f479d1a8598c60b606558ef682b5b33867632010e9e92421b10e3ba72245
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e