consumermasters.com Open in urlscan Pro
173.255.193.209 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kekvpqp.com/path/lp.php?trvid=10002&trvx=d9199e4c&postback=1578683002046_1578682935303_89_173_3226492_1&bid=...
Effective URL:
https://consumermasters.com/xtrta/acvrtds-v5c.php?ip=37.120.143.212&sxid=90hhajmha5y7&ttorigin=90hhajmha5y7
Submission: On March 08 via manual (March 8th 2020, 6:59:26 pm UTC) from US

Summary HTTP 30 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 173.255.193.209, located in Dallas, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is consumermasters.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 6th 2020. Valid for: 3 months.

This is the only time consumermasters.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
24	173.255.193.209 173.255.193.209	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
30	5

3 3.125.239.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

kekvpqp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 173.255.193.209 (Dallas, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li203-209.members.linode.com

consumermasters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	consumermasters.com consumermasters.com	235 KB
3	kekvpqp.com 1 redirects kekvpqp.com	4 KB
2	jquery.com code.jquery.com	92 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	24 KB
30	4

	Domain	Requested by
24	consumermasters.com	consumermasters.com
3	kekvpqp.com	1 redirects
2	code.jquery.com	consumermasters.com
2	maxcdn.bootstrapcdn.com	consumermasters.com
30	4

This site contains links to these domains. Also see Links.

Domain
kekvpqp.com

Subject Issuer	Validity	Valid
kekvpqp.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-15` - `2020-10-14`	a year	crt.sh
consumermasters.com Let's Encrypt Authority X3	`2020-03-06` - `2020-06-04`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://consumermasters.com/xtrta/acvrtds-v5c.php?ip=37.120.143.212&sxid=90hhajmha5y7&ttorigin=90hhajmha5y7
Frame ID: 3DAD430A8C472FF97F1C329FF33B5AE3
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://kekvpqp.com/path/lp.php?trvid=10002&trvx=d9199e4c&postback=1578683002046_1578682935303_8... HTTP 302
https://kekvpqp.com/click?trvid=10002&trvx=d9199e4c&postback=1578683002046_1578682935303_89_173_... Page URL
https://kekvpqp.com/double?t=2&d=eyJVUkwiOiJodHRwczovL2NvbnN1bWVybWFzdGVycy5jb20veHRydGEvYWN2cnR... Page URL
https://consumermasters.com/xtrta/acvrtds-v5c.php?ip=37.120.143.212&sxid=90hhajmha5y7&ttorigin=90hhajmha5y7 Page URL