click1.canadianvisaexpert.services Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmrkhy&q=1692759600&a=view
Effective URL:
https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071
Submission: On August 23 via api (August 23rd 2023, 6:14:31 pm UTC) from US — Scanned from ES

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.canadianvisaexpert.services.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 8th 2023. Valid for: a year.

This is the only time click1.canadianvisaexpert.services was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
1	96.46.128.252 96.46.128.252	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:238... 2600:9000:238d:f000:0:9845:40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	4

5 74.214.203.11 (United States) 3 redirects

ASN14618 (AMAZON-AES, US)

click1.canadianvisaexpert.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com

7a90f8.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:f000:0:9845:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2r7cfber3va4h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	canadianvisaexpert.services 3 redirects click1.canadianvisaexpert.services	18 KB
3	cloudfront.net d2r7cfber3va4h.cloudfront.net	22 KB
1	efeedbacktrk.com 7a90f8.efeedbacktrk.com	466 B
0	facebook.net Failed connect.facebook.net Failed
8	4

	Domain	Requested by
5	click1.canadianvisaexpert.services	3 redirects
3	d2r7cfber3va4h.cloudfront.net	click1.canadianvisaexpert.services
1	7a90f8.efeedbacktrk.com	click1.canadianvisaexpert.services
0	connect.facebook.net Failed	click1.canadianvisaexpert.services
8	4

This site contains no links.

Subject Issuer	Validity	Valid
click1.canadianvisaexpert.services Go Daddy Secure Certificate Authority - G2	`2023-06-08` - `2024-07-09`	a year	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2023-03-19` - `2024-04-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071
Frame ID: E3CEA8FF7D2AA54E5408DEE46D9258A8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Catalina, please confirm your details

Page URL History Show full URLs

https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmr... Page URL
https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Page URL

Page Statistics

8
Requests

38 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

40 kB
Transfer

38 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmrkhy&q=1692759600&a=view Page URL
https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://click1.canadianvisaexpert.services/i.do?id=-3532~:530430648:8BE94555-5A45-4241-B4AF-1102F32F5B3E HTTP 302
https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3532

Request Chain 4

https://click1.canadianvisaexpert.services/i.do?id=-3810~:530430648:8BE94555-5A45-4241-B4AF-1102F32F5B3E HTTP 302
https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810

Request Chain 5

https://click1.canadianvisaexpert.services/i.do?id=-3811~:530430648:8BE94555-5A45-4241-B4AF-1102F32F5B3E HTTP 302
https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	ViewMessage.do Show response click1.canadianvisaexpert.services/	3 KB 3 KB	733ms 119ms	Document text/html	74.214.203.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmrkhy&q=1692759600&a=view Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `61d1a00fc81a3b5092c306397cb17675c690808ae79695421dc4d833224c8899` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Connection Keep-Alive Content-Type text/html;charset=utf-8 Date Wed, 23 Aug 2023 18:14:25 GMT Keep-Alive timeout=60 Server Apache-Coyote/1.1 Transfer-Encoding chunked
GET		all.js connect.facebook.net/en_US/	0 0

POST H/1.1	200 OK	Primary Request ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Show response click1.canadianvisaexpert.services/	14 KB 14 KB	184ms 184ms	Document text/html	74.214.203.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `27ce055b7e842380a8f3c7b06b925111e0301931f430e90509f3b0738d8925f1` Request headers Content-Type application/x-www-form-urlencoded Origin https://click1.canadianvisaexpert.services Referer https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmrkhy&q=1692759600&a=view Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Connection Keep-Alive Content-Type text/html;charset=utf-8 Date Wed, 23 Aug 2023 18:14:25 GMT Keep-Alive timeout=60 Server Apache-Coyote/1.1 Transfer-Encoding chunked
GET H/1.1	200 OK	wdnzkhjwgggbgtwgbwlwdbkwtybddflyvlygkvhdwwzgdnn_mscnywtywdtslcdpqbnpdww_0.gif 7a90f8.efeedbacktrk.com/	68 B 466 B	625ms 121ms	Image image/png	96.46.128.252 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://7a90f8.efeedbacktrk.com/wdnzkhjwgggbgtwgbwlwdbkwtybddflyvlygkvhdwwzgdnn_mscnywtywdtslcdpqbnpdww_0.gif Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.46.128.252 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS www.efeedbacktrk.com Software sp / Resource Hash `2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Pragma no-cache Date Wed, 23 Aug 2023 18:14:26 GMT Server sp Content-Type image/png;charset=utf-8 Cache-Control private, max-age=0, no-cache, no-store, must-revalidate imagetoolbar no Connection Keep-Alive Keep-Alive timeout=60 Content-Length 68 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	3532 d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/ Redirect Chain https://click1.canadianvisaexpert.services/i.do?id=-3532~:530430648:8BE94555-5A45-4241-B4AF-1102F32F5B3E https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3532	17 KB 17 KB	186ms 72ms	Image image/png	2600:9000:238d:f000:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3532 Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Protocol H2 Server 2600:9000:238d:f000:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `a8e968ad0f014fae28501c8a871450c2640d27f139af51c58631a8f9e1850244` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id y7n8_rmFE.a33.qrY2y86.LVETox6BVk date Wed, 23 Aug 2023 06:56:22 GMT via 1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront) last-modified Tue, 08 Sep 2020 06:02:36 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 40685 etag "5eac572c60cd5a93e9199374d36b8ea1" x-cache Hit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 17420 x-amz-cf-id 5dV3tJfeakHZ496we7vPFirqpzk3_DbEKnmd6lnSCNRJPZG7TP7UgQ== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3532 Date Wed, 23 Aug 2023 18:14:25 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET H2	200	3810 d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/ Redirect Chain https://click1.canadianvisaexpert.services/i.do?id=-3810~:530430648:8BE94555-5A45-4241-B4AF-1102F32F5B3E https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810	3 KB 3 KB	565ms 470ms	Image image/png	2600:9000:238d:f000:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810 Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Protocol H2 Server 2600:9000:238d:f000:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `ee69e54e232c5048574879b90d4fd995413b504dd5d9ca4deb7951c2e9ccb53b` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id y5l6Buf8qwaOgiS_3YEJGVVACCa_OZ2E date Wed, 23 Aug 2023 18:14:27 GMT via 1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront) last-modified Thu, 08 Sep 2022 13:20:13 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 etag "feaefc3cf969812aa9cd743eb11d1a42" x-cache RefreshHit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 3056 x-amz-cf-id TWvheatTmeOHY5IVeXEye_sk4f5G5GhJ4x1YjA0y-uRUd2fbq_wyBA== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810 Date Wed, 23 Aug 2023 18:14:24 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET H2	200	3811 d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/ Redirect Chain https://click1.canadianvisaexpert.services/i.do?id=-3811~:530430648:8BE94555-5A45-4241-B4AF-1102F32F5B3E https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811	1 KB 2 KB	74ms 73ms	Image image/png	2600:9000:238d:f000:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811 Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Protocol H2 Server 2600:9000:238d:f000:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `7a37552a9f4e15ad0f6d6dc236505eef5c08b934c0eb98152c7b77c72400288e` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id mu.D1WfDKFGJyFLWoP8wmEkeLMrSdRIQ date Wed, 23 Aug 2023 18:14:26 GMT via 1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront) last-modified Thu, 08 Sep 2022 13:20:13 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 53444 etag "77342fc7b206a2c8e20e94fc9bfb2b43" x-cache Hit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 1349 x-amz-cf-id ZfsD6--MZxnAnlAMNtMHSpyDPONA_nyBggt-OgJki_FE4ReRsu7MpA== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811 Date Wed, 23 Aug 2023 18:14:25 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET		all.js connect.facebook.net/en_US/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.canadianvisaexpert.services/	1969-12-31 23:59:59	Name: JSESSIONID Value: 419C947354A7EE795F768D68D5CB439A

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmrkhy&q=1692759600&a=view Message: Mixed Content: The page at 'https://click1.canadianvisaexpert.services/ViewMessage.do?m=etdhpppbz&r=nrrdfwtfwptj&s=xdbskycprrrrnprpvpdkpnmddgvmhvmrkhy&q=1692759600&a=view' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071 Message: Mixed Content: The page at 'https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=1C340B316D3DDD68CD70D1E97D104071' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7a90f8.efeedbacktrk.com
click1.canadianvisaexpert.services
connect.facebook.net
d2r7cfber3va4h.cloudfront.net
connect.facebook.net
2600:9000:238d:f000:0:9845:40:93a1
74.214.203.11
96.46.128.252
27ce055b7e842380a8f3c7b06b925111e0301931f430e90509f3b0738d8925f1
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
61d1a00fc81a3b5092c306397cb17675c690808ae79695421dc4d833224c8899
7a37552a9f4e15ad0f6d6dc236505eef5c08b934c0eb98152c7b77c72400288e
a8e968ad0f014fae28501c8a871450c2640d27f139af51c58631a8f9e1850244
ee69e54e232c5048574879b90d4fd995413b504dd5d9ca4deb7951c2e9ccb53b

click1.canadianvisaexpert.services Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

38 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

40 kBTransfer

38 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

click1.canadianvisaexpert.services Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

40 kB
Transfer

38 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions