queenargo.ru
Open in
urlscan Pro
45.130.41.4
Malicious Activity!
Public Scan
Submitted URL: https://rebrand.ly/wtqg7um
Effective URL: https://queenargo.ru/1/fedex_EN/fedex_EN/
Submission: On July 18 via manual from US — Scanned from DE
Effective URL: https://queenargo.ru/1/fedex_EN/fedex_EN/
Submission: On July 18 via manual from US — Scanned from DE
Summary
This website contacted 1 IPs
in 2 countries
across 2 domains to perform 25 HTTP transactions.
The main IP is 45.130.41.4, located in
Russian Federation and
belongs to BEGET-AS, RU.
The main domain is queenargo.ru.
TLS certificate: Issued by R3 on June 9th 2022. Valid for: 3 months.
This is the only time queenargo.ru was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 9th 2022. Valid for: 3 months.
This is the only time queenargo.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 52.71.250.191 52.71.250.191 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 25 | 45.130.41.4 45.130.41.4 | 198610 (BEGET-AS) (BEGET-AS) | |
| 25 | 1 |
1
52.71.250.191
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-250-191.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-250-191.compute-1.amazonaws.com
| rebrand.ly |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
queenargo.ru
queenargo.ru |
629 KB |
| 1 |
rebrand.ly
1 redirects
rebrand.ly — Cisco Umbrella Rank: 67343 |
301 B |
| 25 | 2 |
| Domain | Requested by | |
|---|---|---|
| 25 | queenargo.ru |
queenargo.ru
|
| 1 | rebrand.ly | 1 redirects |
| 25 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.facebook.com |
| www.youtube.com |
| lin.ee |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| queenargo.ru R3 |
2022-06-09 - 2022-09-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://queenargo.ru/1/fedex_EN/fedex_EN/
Frame ID: BFC5CDD508C3A02A3B787A6D7FAD7B38
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
Global Express International Shipping Service | FedExPage URL History Show full URLs
-
https://rebrand.ly/wtqg7um
HTTP 301
https://queenargo.ru/1/fedex_EN/fedex_EN/ Page URL
Detected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /etc/clientlibs/
- /etc\.clientlibs/
Lodash
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- lodash.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: http://www.facebook.com/FedexAPAC
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/FedEx
Search URL Search Domain Scan URL
URL: https://lin.ee/1e3s9n4
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rebrand.ly/wtqg7um
HTTP 301
https://queenargo.ru/1/fedex_EN/fedex_EN/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
queenargo.ru/1/fedex_EN/fedex_EN/ Redirect Chain
|
102 KB 102 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.cee8557e8779d371fe722bbcdd3b3eb7.js
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/granite/ |
98 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cleave.min.js
queenargo.ru/1/fedex_EN/fedex_EN/etc/ |
32 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage.min.da37f6d6730dcd84cd00f47af53baf37.css
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/page/ |
647 KB 92 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css6.css
queenargo.ru/1/fedex_EN/fedex_EN/css/ |
567 B 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shipping-routing.min.js
queenargo.ru/1/fedex_EN/fedex_EN/mags/shipping-routing/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gdl-fedex.html
queenargo.ru/1/fedex_EN/fedex_EN/gdl/ |
40 KB 40 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
queenargo.ru/1/fedex_EN/fedex_EN/content/dam/fedex-com/logos/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite-placeholder.png
queenargo.ru/1/fedex_EN/fedex_EN/content/dam/fedex-com/common/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.png
queenargo.ru/1/fedex_EN/fedex_EN/img/ |
597 B 782 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.png
queenargo.ru/1/fedex_EN/fedex_EN/img/ |
572 B 757 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3.png
queenargo.ru/1/fedex_EN/fedex_EN/img/ |
564 B 749 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4.png
queenargo.ru/1/fedex_EN/fedex_EN/img/ |
657 B 842 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lodash.min.js
queenargo.ru/1/fedex_EN/fedex_EN/etc/clientlibs/fedex/common/libs/lodashjs/ |
73 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage.min.570a04c5cdbe53c7d4acf5f52a45d938.js
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/page/ |
636 KB 167 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chgB
queenargo.ru/1/fedex_EN/dtp4BG/H/J/1GJWWG3MxGau/7L1VrhmNhYJ9/bTZxKC1lBA/YTQPPjIh/ |
40 KB 41 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
menu-sprite.png
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/images/resources/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer-sprite.png
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/images/resources/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fx_linkedin.svg
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/images/resources/ |
1 KB 870 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fx_facebook.svg
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/images/resources/ |
886 B 695 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fx_youtube.svg
queenargo.ru/1/fedex_EN/fedex_EN/etc.clientlibs/clientlibs/fedex/images/resources/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
line_icon.svg
queenargo.ru/1/fedex_EN/fedex_EN/content/dam/fedex/apac-asia-pacific/MVP-APAC/images/2020/Q2/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getapigconfigs.queenargo.jsonp
queenargo.ru/etc/services/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
undefined
queenargo.ru/1/fedex_EN/fedex_EN/ |
16 KB 16 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
queenargo.ru/etc/services/getalerts.false.apac.tw.zh_tw./1/fedex_EN/fedex_EN/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation)43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| FDX object| fdx function| $ function| jQuery object| matched object| browser function| Cleave function| isInputNumber function| _ function| Swipe function| anchorLink function| multiAccordion object| WTRK function| initTimer function| silentCountdown function| countdown function| schLoadTracking string| GEO_CLASS function| autoExpandAccordion function| r object| players function| createPlayers function| onPlay object| jQuery1124021868179214368966 string| ua object| tem object| M object| mobilePatt boolean| isMobile boolean| returnType string| osTemp string| browserType string| fdx_browserType number| fdx_browserVMajor function| openModal1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| queenargo.ru/ | Name: 83145217c1a0203c4eb4ea481f6475a7 Value: 95c4349cf703be4cfe1861d2c3d9a83e |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
queenargo.ru
rebrand.ly
45.130.41.4
52.71.250.191
1dd20181a733ac6bad0e65d39105cd1fe1bdd5cb9f68341a82d7a206310a1290
255ac343be8acf31ca3debe1a89ecfeb7bf7949ca9bfcce726ec20db90d4ff71
2b8655490b3625bd3d1a1605a29ccfbbe2b54619e0b7beac72fee4716adbc89f
2ed127284f8f4caaee4c7dceeaab3657e6528f9f84fc47734b58ba099c95fa42
3def24eae81de0efad8a1e65bd7bc9f9aa2a983f738e3c5d761a52f23d87801c
4101aa02d68cd3d07bf6340516c410b5fe6311214576622f7c4da72e26544e18
441985bca86f350bd89721c5219dbcee393f2d9b206930ba3997919a1f4d2e9c
4951aceb7d36fd4b83758a9558838d56d705acd10e37796815d49c41b8f8466a
4a920f46ff4559358834271720b8da610a5ad4d50578f90c136550adf7fd231e
4fc36edbb61a0cad51f4cb3f8e64c7c80d533ebfeb8d5a8583d2e2f4a5364c0a
56b7e8ca4092fc7f4ce541932df6a5d30143414550046ab65387c5f4c134ad21
6f46e13ab4b86da0407a98685e6cdf678aa732e29335fe0f441c2b816ddf0e46
8c8e4cee94204596733d23753ae8cebddfc2157e56eae975f0ae7127b795a03d
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
b07b4ba931d2ff580554dec6bcdad83977282139a2c2278df7b37eeb811c9ade
bddd68dd64c38022534d5595dc5d08f70503dbe7d77d789a88ee0daa043115ea
c342db54828eea92dfc1bf38305917ba3c37f704ace21a0791b344134d26d8a3
c774620028f108842050fdfb5a94b095250190ee0b9788fcf9b80e64006786fa
c99050f56a0c6149812f19e4d5eb8c9bff974fe94217765e9c32ac5718d62384
cfdf24db724fadeb310314c6c58c890cc5c6755de7a6513cdbe8c290a1f682d8
d8a75d918ddd574026d721058790dd07fc7424ad500e3d9f5be856e921be08f1
dde836549d234c25efd8f474e256654b44e9ebff03bf85b382ace219fed688f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a9dd8cc9e36af7b8a5ff42dfb05460c9625c39fc6e1b01345b74ffcd550a0