159.89.176.73
Open in
urlscan Pro
159.89.176.73
Malicious Activity!
Public Scan
Submitted URL: http://trendygoodsshop.com/?utm_source=taboola&utm_medium=referral
Effective URL: http://159.89.176.73/
Submission: On May 02 via manual from US
Effective URL: http://159.89.176.73/
Submission: On May 02 via manual from US
Summary
This website contacted 6 IPs
in 2 countries
across 5 domains to perform 22 HTTP transactions.
The main IP is 159.89.176.73, located in
Vancouver, Canada and
belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US.
The main domain is 159.89.176.73.
This is the only time 159.89.176.73 was scanned on urlscan.io!
This is the only time 159.89.176.73 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online) Tech Support Scam (Consumer)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 160.153.94.104 160.153.94.104 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
| 13 | 159.89.176.73 159.89.176.73 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
| 1 | 216.58.208.40 216.58.208.40 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 198.211.112.20 198.211.112.20 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
| 1 6 | 74.86.208.240 74.86.208.240 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
| 2 | 216.58.208.46 216.58.208.46 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 22 | 6 |
1
160.153.94.104
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-94-104.ip.secureserver.net
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-94-104.ip.secureserver.net
| trendygoodsshop.com |
13
159.89.176.73
(Vancouver, Canada)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
| 159.89.176.73 |
1
216.58.208.40
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f40.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f40.1e100.net
| www.googletagmanager.com |
1
198.211.112.20
(North Bergen, United States)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
| analytics.cuvesk.com |
6
74.86.208.240
(Dallas, United States)
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: f0.d0.564a.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: f0.d0.564a.ip4.static.sl-reverse.com
| www.mylivechat.com | |
| s2.mylivechat.com |
2
216.58.208.46
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f46.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f46.1e100.net
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
mylivechat.com
1 redirects
www.mylivechat.com s2.mylivechat.com |
64 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
14 KB |
| 1 |
cuvesk.com
analytics.cuvesk.com |
368 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
22 KB |
| 1 |
trendygoodsshop.com
1 redirects
trendygoodsshop.com |
257 B |
| 22 | 5 |
| Domain | Requested by | |
|---|---|---|
| 5 | s2.mylivechat.com |
159.89.176.73
s2.mylivechat.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
159.89.176.73 |
| 1 | www.mylivechat.com | 1 redirects |
| 1 | analytics.cuvesk.com |
159.89.176.73
|
| 1 | www.googletagmanager.com |
159.89.176.73
|
| 1 | trendygoodsshop.com | 1 redirects |
| 22 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://159.89.176.73/
Frame ID: C4893BF3ABD031C596CC7B7072C6EA42
Requests: 23 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://trendygoodsshop.com/?utm_source=taboola&utm_medium=referral
HTTP 302
http://159.89.176.73/ Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://trendygoodsshop.com/?utm_source=taboola&utm_medium=referral
HTTP 302
http://159.89.176.73/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://www.mylivechat.com/chatapi.aspx?hccid=59515955 HTTP 302
- https://s2.mylivechat.com/livechat2/livechat2.aspx?hccid=59515955&apimode=chatapi
22 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
159.89.176.73/ Redirect Chain
|
78 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
159.89.176.73/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image.jpg
159.89.176.73/ |
162 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
orange-error-512.png
159.89.176.73/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
close-icon.png
159.89.176.73/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
64 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rout.js
analytics.cuvesk.com/rout/ |
26 B 368 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
livechat2.aspx
s2.mylivechat.com/livechat2/ Redirect Chain
|
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
239 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg.png
159.89.176.73/css/images/ |
390 B 390 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Semibold.woff2
159.89.176.73/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Light.woff2
159.89.176.73/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI.woff2
159.89.176.73/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
kk.mp3
159.89.176.73/chrome-assets/ |
58 KB 59 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/r/ |
35 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Light.woff
159.89.176.73/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI.woff
159.89.176.73/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SegoeUI-Semibold.woff
159.89.176.73/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
chatinline.css
s2.mylivechat.com/livechat2/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
resources2.aspx
s2.mylivechat.com/livechat2/ |
106 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
livechatinit2.js
s2.mylivechat.com/livechat2/script/ |
61 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite.png
s2.mylivechat.com/livechat2/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online) Tech Support Scam (Consumer)133 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| stroka function| popupSite function| msg_chjam function| toggleFullScreen function| nocontextmenu function| norightclick function| get_browser boolean| InternetEx boolean| isIEedge object| browser undefined| msg_ff string| CustomAnlysis function| ca function| add_chatapi function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData boolean| myCustomFlag string| mlcp function| MyLiveChat_AddScript function| MyLiveChat_GetLastScriptTag function| MyLiveChat_ImportCss function| MyLiveChat_DocWrite object| MyLiveChat object| MyLiveChat_Lib object| MyLiveChat_WrapperBase function| MyLiveChat_WrapperBaseConstructor function| MyLiveChat_CreateWrapper function| MyLiveChat_BuildWrapper function| MyLiveChat_SetBaseCss function| MyLiveChat_DefineStyle function| MyLiveChat_RunStyle function| MyLiveChat_ApplyStyle object| MyLiveChat_InitCss2Handlers function| MyLiveChat_InitCss2 function| MLCUI_FireOAuthStart function| MLCUI_GetOAuthUrlBase function| MLCUI_TryLogoutOAuth function| MLCUI_TryGetOAuth function| MLCUI_ShowOAuth function| MLCUI_ImplOAuth function| MLCUI_CreateCustomFields function| MyLiveChat_SetupButtonMode function| MLCUI_InlineHelper function| MyLiveChat_CreateDialogPanel function| MyLiveChat_CreateMainPanel function| MyLiveChat_CreateInlinePanel function| MyLiveChat_InitOnce function| MyLiveChat_CalcImagePath function| MyLiveChat_CalcCustomUrl function| MyLiveChat_InitOnceInline function| MyLiveChat_InitOnceFinal function| MyLiveChat_IsDuringOperatingHours function| MyLiveChat_InitStorate function| MyLiveChat_LoadUserDataBehavior function| MyLiveChat_SupportLocalData function| MyLiveChat_GetCookie function| MyLiveChat_SetCookie function| MyLiveChat_GetLocalData function| MyLiveChat_SetLocalData function| MyLiveChat_SyncToCPR function| MyLiveChat_PatternMatch function| MyLiveChat_HtmlEncode function| MyLiveChat_InvokeEvent function| MyLiveChat_PlaySound function| MyLiveChat_DelayRequest function| MyLiveChat_SetNextReqTimeout function| MyLiveChat_NextRequest function| MyLiveChat_SyncFromCPR function| MyLiveChat_CPRDecode function| MyLiveChat_CPREncode function| MyLiveChat_GetSourceUrl function| MyLiveChat_GetReferrer function| MyLiveChat_AppendToUrl function| MyLiveChat_ChangeUrl function| MyLiveChat_GetDialogUrl function| MyLiveChat_IsUseInlineChat function| MyLiveChat_OpenDialog function| MyLiveChat_UpdateWidgetInline function| MyLiveChat_ShowChatWidget function| MyLiveChat_ForEachElement function| MyLiveChat_WriteOrSetHTML function| MyLiveChat_Initialize function| MyLiveChat_RunLoadingHandler function| MyLiveChat_AddCustomData function| MergeCustomData function| ConvertToJson function| MyLiveChat_InlineTriggerMatch function| MyLiveChat_FilterStringMatch function| MyLiveChat_InlineTriggerNewMatch function| MyLiveChat_MatchNewTriggers function| MyLiveChat_MatchServerTriggers function| MyLiveChat_TryServerInvitation function| MyLiveChat_OnServerInvitation function| MyLiveChat_RestoreServerInvite function| MyLiveChat_StartServerInvitation function| MyLiveChat_InlineChatInit function| mlcwidget_findelements function| mlcwidget_calcpoint function| mlcwidget_calcbodypoint function| mlcwidget_nextposition function| MyLiveChat_CalcBodyPoint function| MyLiveChat_CalcPoint function| MyLiveChat_MovePoint function| MyLiveChat_SetUserName function| MyLiveChat_SetEmail function| MyLiveChat_SetDepartment function| MyLiveChat_SetSubject function| MyLiveChat_SetQuestion function| MyLiveChat_SetCustomData function| MyLiveChat_SetContextData function| MyLiveChat_SetProductName function| MyLiveChat_SetProductKey function| MyLiveChat_OnUserIsOnline function| MyLiveChat_PrepairInlineChat function| MyLiveChat_ShowInPageChat function| MyLiveChat_ShowInlineChat function| MyLiveChat_ShowChatBox function| MyLiveChat_ShowInvite function| MyLiveChat_HideInvite function| MyLiveChat_AcceptInvite function| MyLiveChat_OnInviteAccepted function| MyLiveChat_RejectInvite function| MyLiveChat_ShowInviteTemplate function| MyLiveChat_HideInviteTemplate boolean| isnewid object| _mlctemp_ object| MlcBuidinWidget6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| 159.89.176.73/ | Name: CCCustomerId Value: 205c5b25-d057-f486-e67d-2ed930f70112 |
|
| 159.89.176.73/ | Name: uadt Value: 1525294094473 |
|
| 159.89.176.73/ | Name: _gat_gtag_UA_117826818_1 Value: 1 |
|
| 159.89.176.73/ | Name: Actions Value: 0 |
|
| 159.89.176.73/ | Name: _gid Value: GA1.1.827104427.1525294093 |
|
| 159.89.176.73/ | Name: _ga Value: GA1.1.1321767130.1525294093 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.cuvesk.com
s2.mylivechat.com
trendygoodsshop.com
www.google-analytics.com
www.googletagmanager.com
www.mylivechat.com
159.89.176.73
160.153.94.104
198.211.112.20
216.58.208.40
216.58.208.46
74.86.208.240
0a9ef6b6e70a43a91d3c0c77e6d0f6d0c0e7785242cbd30cd523bc666ca9002c
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
24fc48f70abc24855135fa0f74814f5bc66b4027c8aa44880f73e8ff62604bd1
26ddacb2ab4e8a3e0e6242ac05c896aabd340e6a0f573500c9c67e185c76da29
27a2b036c1ed8091a6520a2ec9c3fa9e7555a876518867309d5be5f5bc6a978d
35056de07bbfc3304e6ffb13088c9a8dce39b55f7341e943127cd999705369d0
5a6f321a11b27aacf21dfe083bb9e7a1831c34fc2a457f3dce2e3d0d9cb27296
5bfa2e420917eb9ebb3ac31af4b72a0823b659729ad32ed6befd0cdd394e4953
62ede3551644609cb48bab8702858adff28c59eada656c390e729342986a34f9
695d48bd8966cbd2741cb7f80990296840d5e08986d48a3979d98814078f042a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846e76fb4a36de018093bb0fb6f0acb781366be2f03052dd566c1fdc13926145
a72c1d3717d9e94a45a33a3c73c70bac7b3aeabdc331b495b372549d55dbcd80
b035901a6dfc1df323e788037193d4a46faf38d316dea563fba5b0768bdde6c3
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c
cd7569637fadfcec29ab0a6ea5940862de3e54e11170e4c1188cf9047c0085d6
ec31d90b963db7620dbf2daf198d5ff05719471f1d3d23a6e39334d71a44d767