click1.canadianvisaexpert.services Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyjsgl&q=1685588400&a=view
Effective URL:
https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F
Submission: On June 01 via api (June 1st 2023, 5:01:29 am UTC) from HK — Scanned from ES

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.canadianvisaexpert.services.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 7th 2022. Valid for: a year.

This is the only time click1.canadianvisaexpert.services was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
1	96.46.128.252 96.46.128.252	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:223... 2600:9000:223e:800:0:9845:40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	4

5 74.214.203.11 (United States) 3 redirects

ASN14618 (AMAZON-AES, US)

click1.canadianvisaexpert.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com

58a44b.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:800:0:9845:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2r7cfber3va4h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	canadianvisaexpert.services 3 redirects click1.canadianvisaexpert.services	20 KB
3	cloudfront.net d2r7cfber3va4h.cloudfront.net	28 KB
1	efeedbacktrk.com 58a44b.efeedbacktrk.com	466 B
0	facebook.net Failed connect.facebook.net Failed
8	4

	Domain	Requested by
5	click1.canadianvisaexpert.services	3 redirects
3	d2r7cfber3va4h.cloudfront.net	click1.canadianvisaexpert.services
1	58a44b.efeedbacktrk.com	click1.canadianvisaexpert.services
0	connect.facebook.net Failed	click1.canadianvisaexpert.services
8	4

This site contains no links.

Subject Issuer	Validity	Valid
click1.canadianvisaexpert.services Go Daddy Secure Certificate Authority - G2	`2022-08-07` - `2023-08-07`	a year	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2023-03-19` - `2024-04-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F
Frame ID: AAEFD11508FCFDD2FED66F97980A42E1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REQUISITION FORM 106 - Roxna Cheng (151688990)

Page URL History Show full URLs

https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyj... Page URL
https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Page URL

Page Statistics

8
Requests

38 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

47 kB
Transfer

45 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyjsgl&q=1685588400&a=view Page URL
https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://click1.canadianvisaexpert.services/i.do?id=-3345~:529976050:8BE94555-5A45-4241-B4AF-1102F32F5B3E HTTP 302
https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3345

Request Chain 4

https://click1.canadianvisaexpert.services/i.do?id=-3810~:529976050:8BE94555-5A45-4241-B4AF-1102F32F5B3E HTTP 302
https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810

Request Chain 5

https://click1.canadianvisaexpert.services/i.do?id=-3811~:529976050:8BE94555-5A45-4241-B4AF-1102F32F5B3E HTTP 302
https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	ViewMessage.do Show response click1.canadianvisaexpert.services/	3 KB 3 KB	627ms 130ms	Document text/html	74.214.203.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyjsgl&q=1685588400&a=view Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `27a64b9ad0dfcb9ec0e601958c7ed69b9b44fcec2ef7db45ae22e085c93de7fc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Connection Keep-Alive Content-Type text/html;charset=utf-8 Date Thu, 01 Jun 2023 05:01:22 GMT Keep-Alive timeout=60 Server Apache-Coyote/1.1 Transfer-Encoding chunked
GET		all.js connect.facebook.net/en_US/	0 0

POST H/1.1	200 OK	Primary Request ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Show response click1.canadianvisaexpert.services/	16 KB 16 KB	286ms 285ms	Document text/html	74.214.203.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `421d7ecb84b69d715cd95e18e627f6f198ca77787788c00cd7375b298694f1c3` Request headers Content-Type application/x-www-form-urlencoded Origin https://click1.canadianvisaexpert.services Referer https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyjsgl&q=1685588400&a=view Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Connection Keep-Alive Content-Type text/html;charset=utf-8 Date Thu, 01 Jun 2023 05:01:22 GMT Keep-Alive timeout=60 Server Apache-Coyote/1.1 Transfer-Encoding chunked
GET H/1.1	200 OK	vrrmdcykhhhnhqkhnkvkfndkqtnffrvtpvthdpcfkkpggmv_oftwzqqrlfwfdtlmwwmmkff_0.gif 58a44b.efeedbacktrk.com/	68 B 466 B	665ms 128ms	Image image/png	96.46.128.252 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://58a44b.efeedbacktrk.com/vrrmdcykhhhnhqkhnkvkfndkqtnffrvtpvthdpcfkkpggmv_oftwzqqrlfwfdtlmwwmmkff_0.gif Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.46.128.252 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS www.efeedbacktrk.com Software sp / Resource Hash `2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Pragma no-cache Date Thu, 01 Jun 2023 05:01:23 GMT Server sp Content-Type image/png;charset=utf-8 Cache-Control private, max-age=0, no-cache, no-store, must-revalidate imagetoolbar no Connection Keep-Alive Keep-Alive timeout=60 Content-Length 68 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	3345 d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/ Redirect Chain https://click1.canadianvisaexpert.services/i.do?id=-3345~:529976050:8BE94555-5A45-4241-B4AF-1102F32F5B3E https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3345	22 KB 23 KB	203ms 73ms	Image image/png	2600:9000:223e:800:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3345 Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Protocol H2 Server 2600:9000:223e:800:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `0d2983821fca3f40bc79a6137675aa6d6b7da830d7bf66a323b896118f7aa948` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 31 May 2023 06:43:48 GMT x-amz-version-id siOxQ3J.oEgaAOglZTymiKoXP7V0jRXC via 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront) last-modified Tue, 14 Jul 2020 16:54:25 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 80256 etag "12c1b7b28a8cdba570eefd45197acd99" x-cache Hit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 22718 x-amz-cf-id xZ2j71h2p1RZYm4zFmE8oEr_4YJDTvZI4Ws2ucuwX5br8JQTLZrO4g== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3345 Date Thu, 01 Jun 2023 05:01:23 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET H2	200	3810 d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/ Redirect Chain https://click1.canadianvisaexpert.services/i.do?id=-3810~:529976050:8BE94555-5A45-4241-B4AF-1102F32F5B3E https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810	3 KB 3 KB	455ms 455ms	Image image/png	2600:9000:223e:800:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810 Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Protocol H2 Server 2600:9000:223e:800:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `ee69e54e232c5048574879b90d4fd995413b504dd5d9ca4deb7951c2e9ccb53b` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 01 Jun 2023 05:01:24 GMT x-amz-version-id y5l6Buf8qwaOgiS_3YEJGVVACCa_OZ2E via 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront) last-modified Thu, 08 Sep 2022 13:20:13 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 etag "feaefc3cf969812aa9cd743eb11d1a42" x-cache Miss from cloudfront content-type IMAGE/png accept-ranges bytes content-length 3056 x-amz-cf-id ig6ooQckC68_q6-V9EzW9titYTCrTENF6gIflJ0Gkw_kZMSoaQ7ejw== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3810 Date Thu, 01 Jun 2023 05:01:22 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET H2	200	3811 d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/ Redirect Chain https://click1.canadianvisaexpert.services/i.do?id=-3811~:529976050:8BE94555-5A45-4241-B4AF-1102F32F5B3E https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811	1 KB 2 KB	464ms 464ms	Image image/png	2600:9000:223e:800:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811 Requested by Host: click1.canadianvisaexpert.services URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Protocol H2 Server 2600:9000:223e:800:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `7a37552a9f4e15ad0f6d6dc236505eef5c08b934c0eb98152c7b77c72400288e` Request headers accept-language es-ES,es;q=0.9 Referer https://click1.canadianvisaexpert.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 01 Jun 2023 05:01:24 GMT x-amz-version-id mu.D1WfDKFGJyFLWoP8wmEkeLMrSdRIQ via 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront) last-modified Thu, 08 Sep 2022 13:20:13 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 etag "77342fc7b206a2c8e20e94fc9bfb2b43" x-cache Miss from cloudfront content-type IMAGE/png accept-ranges bytes content-length 1349 x-amz-cf-id wezTHY8YUYpuflFR7ItdpvidGymiFfGgyABfVk7-uJ2B_MYdOX71Qg== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/8BE94555-5A45-4241-B4AF-1102F32F5B3E/3811 Date Thu, 01 Jun 2023 05:01:22 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET		all.js connect.facebook.net/en_US/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.canadianvisaexpert.services/	1969-12-31 23:59:59	Name: JSESSIONID Value: C4EDA171D31CCEA0AC311C999BEBB96B

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyjsgl&q=1685588400&a=view Message: Mixed Content: The page at 'https://click1.canadianvisaexpert.services/ViewMessage.do?m=vgygmfjgp&r=ygqklvvbgmkm&s=lmnqslhdjjjjfdjdkdmsdfymmzkygkyjsgl&q=1685588400&a=view' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F Message: Mixed Content: The page at 'https://click1.canadianvisaexpert.services/ViewMessage.do;jsessionid=743049A035CD0161D1795408487D561F' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58a44b.efeedbacktrk.com
click1.canadianvisaexpert.services
connect.facebook.net
d2r7cfber3va4h.cloudfront.net
connect.facebook.net
2600:9000:223e:800:0:9845:40:93a1
74.214.203.11
96.46.128.252
0d2983821fca3f40bc79a6137675aa6d6b7da830d7bf66a323b896118f7aa948
27a64b9ad0dfcb9ec0e601958c7ed69b9b44fcec2ef7db45ae22e085c93de7fc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
421d7ecb84b69d715cd95e18e627f6f198ca77787788c00cd7375b298694f1c3
7a37552a9f4e15ad0f6d6dc236505eef5c08b934c0eb98152c7b77c72400288e
ee69e54e232c5048574879b90d4fd995413b504dd5d9ca4deb7951c2e9ccb53b

click1.canadianvisaexpert.services Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

38 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

47 kBTransfer

45 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

click1.canadianvisaexpert.services Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

47 kB
Transfer

45 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions