fedex.sendz-g.eu Open in urlscan Pro
2606:4700:3034::ac43:9577 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fedex.sendz-g.eu/18251398155
Submission: On March 04 via manual (March 4th 2024, 10:42:12 pm UTC) from GB — Scanned from GB

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3034::ac43:9577, located in United States and belongs to CLOUDFLARENET, US. The main domain is fedex.sendz-g.eu.
TLS certificate: Issued by GTS CA 1P5 on February 28th 2024. Valid for: 3 months.

This is the only time fedex.sendz-g.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fedex (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
16	2606:4700:303... 2606:4700:3034::ac43:9577		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

16 2606:4700:3034::ac43:9577 (United States)

ASN13335 (CLOUDFLARENET, US)

fedex.sendz-g.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	sendz-g.eu fedex.sendz-g.eu	1 MB
16	1

	Domain	Requested by
16	fedex.sendz-g.eu	fedex.sendz-g.eu
16	1

This site contains links to these domains. Also see Links.

Domain
fedex.com

Subject Issuer	Validity	Valid
sendz-g.eu GTS CA 1P5	`2024-02-28` - `2024-05-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fedex.sendz-g.eu/18251398155
Frame ID: 499B74F83D6527159BE5662A9B6DB80C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Two seater dark brown leather sofa

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1267 kB
Transfer

6905 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://fedex.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 18251398155 Show response fedex.sendz-g.eu/	27 KB 4 KB	1437ms 1317ms	Document text/html	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/18251398155 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f0d199a78c292f851e2bf767a5a02974a7a4ac056f64249782321bc1fc198f7c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85f56013ecb123d7-LHR content-encoding br content-type text/html date Mon, 04 Mar 2024 22:41:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BUcwjSq2SRovBE6AI5zKIwjvbAQ6BJ99BQ9%2F1yLTaAhjGPe6kYWhpiiAzgJERrO2Xa4xsjKRLqbw8YmUsAEHQ0b%2B3uDaW%2BCQCLysvAejoCuGTUKCimHtJ02TzTNBHk1hr1WMPdyLiAhhWA6TgYD"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	runtime.a73ffae6c04e2806.js Show response fedex.sendz-g.eu/	3 KB 2 KB	265ms 264ms	Script application/javascript	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/runtime.a73ffae6c04e2806.js Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/18251398155 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5b062e99757cc048abf1dcfd90449b8db64d590f7a850559f781440c024a0829` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:41:44 GMT content-encoding br cf-cache-status MISS last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-bf0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf4m9AD%2FamVehu0Io5QXFUxcEZwjEzw0V7aLPR1wog%2Fq47wwbZLEZJNZcKwqfIhfJw21TFiqYHAYBmrzo33RNaSXCns5bYMbk18EkEi5Yhq1yGOdm6Tp%2Fm8Ryi8yH%2F8OWHCAh1vOu52oMWxzUk9B"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85f5601c2efc23d7-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:41:44 GMT
GET H2	200	polyfills.ed2f690f70bee1a4.js Show response fedex.sendz-g.eu/	35 KB 13 KB	432ms 431ms	Script application/javascript	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/polyfills.ed2f690f70bee1a4.js Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/18251398155 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `50aa115a1086e1cb28e923d2dff6ca6092fce8b53bfeb8b7fdbf4fa46e659b4f` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:41:44 GMT content-encoding br cf-cache-status MISS last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-8d99" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCAEJePIgK1oMTu%2Fo1qlgEDWZ34Zzi1ODGFoIOET7G6gBzDDOPNK5pVCNVhRcLKiofU3yUsE5QnH2%2BMlo774UBh4j%2BdxjDZGDCsJuPzzMRhGIZtKe5zGmoV9L%2BybxjFayzbahmDBXS02NjOMQPY%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85f5601c2efe23d7-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:41:44 GMT
GET H2	200	main.43ce8f680310875d.js Show response fedex.sendz-g.eu/	3 MB 503 KB	4999ms 4999ms	Script application/javascript	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/main.43ce8f680310875d.js Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/18251398155 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d82d82dc76d4ced2d39aaf996eb6ad05d825767e0bc78dd4f9333af2b914512c` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:41:49 GMT content-encoding br cf-cache-status MISS last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-31c3e7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiStrC1NBiKS1uX9PDmU%2F5i%2B55rT5olivge5JLGStZ5O0nOPcKdsHNoKDiwQJaRQS4%2B%2Fr6sLmPQ4ZKm%2FaeV0h78tp%2Fde1wioYDAktKLWowj%2FRtkDszVn2GcdAbaXFRO2mOktpvlUeJOTEEIqxgS1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85f5601c2eff23d7-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:41:44 GMT
GET H2	200	styles.d5913676bc5701b0.css fedex.sendz-g.eu/	230 KB 29 KB	2717ms 2717ms	Stylesheet text/css	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/styles.d5913676bc5701b0.css Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/18251398155 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `502c062dedcc924440fc2e9c28ac175de05f620d0d775217f95d710129718be2` Request headers accept-language en-GB,en;q=0.9 Referer https://fedex.sendz-g.eu/18251398155 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:41:47 GMT content-encoding br cf-cache-status MISS last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-399e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aQyo%2BxYKiIoA%2BdOYPY%2FM2MFMNowV6l5RikU6Iolfl9PWoHfXPZqZspgV7%2BFxAE6F6VxjypcL%2FxydBnJ2l2yIh4Ij0%2F3VbjI5tqdCgFRpfYXednse84xiCc7mv%2BnNjEicdh1DBW%2FGbVsPfpMed0U"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85f5601c2f0023d7-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:41:44 GMT
GET H3	200	styles.d5913676bc5701b0.css fedex.sendz-g.eu/	230 KB 29 KB	650ms 650ms	Stylesheet text/css	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/styles.d5913676bc5701b0.css Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/18251398155 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `502c062dedcc924440fc2e9c28ac175de05f620d0d775217f95d710129718be2` Request headers accept-language en-GB,en;q=0.9 Referer https://fedex.sendz-g.eu/18251398155 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:41:47 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-399e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76zaq3qcSRkpIau5pE4qu1MhqiOvM9kucng9C8Fxs2Oody1AQoWZJKHkC9gbILmQ5hUtJGBVIka5qsFxeKb9G7RCtPBUjeYOBjH%2FPl01DFzWRE1%2By88yMzbc73xh9VYYy8sWqTM%2BuEeAXROWwcCK"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85f5602d3abf6323-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:41:47 GMT
GET H3	200	order Show response fedex.sendz-g.eu/api/18251398155/	979 B 1 KB	421ms 421ms	XHR application/json	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/api/18251398155/order Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/polyfills.ed2f690f70bee1a4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `225d010b731b305a831e5030186eafdf0dcf73d269ca8b980258ee0438fbf198` Request headers Accept application/json, text/plain, / Referer https://fedex.sendz-g.eu/18251398155 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Mon, 04 Mar 2024 22:42:07 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FitkCyg%2FaGFCR3iGiG5Tti0RFtSzEo0AFPqk%2BFV1M0nys0YgHUyzlcDIJSFozB49bUFmv911Bkmj8EhuqygzdJSmaPlzaN05g4CMYsXf9TyEhnsbdZxybqvVG8cTz%2FlFGZ2keiffWlTmLTv88lD1"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate cf-ray 85f560acfb0b6323-LHR alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	783.51e124cabe99fa6d.js Show response fedex.sendz-g.eu/	193 KB 30 KB	269ms 268ms	Script application/javascript	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/783.51e124cabe99fa6d.js Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/runtime.a73ffae6c04e2806.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cfeeb0506a99b156ae906c0ac2a3d2e50516bbed36e51fece4f36789721b14b1` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:08 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-303f6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mxpMyChkQpJEEGQ%2Frv2dzLGE56yIEO9n1hIjkQZtmjoMlq5OKmeQ7lbFEb%2FIFC%2ByKzOuVILNcWZ3Xo2rYnoqQUCH5boPes0vkoKh33q06z9kBwaQWI64p0cZqXBmwOF5BDiFvJD9L8BQi5tjer0"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85f560af9f346323-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:42:08 GMT
GET H3	200	913.03e8e3b3da5b1ea2.js Show response fedex.sendz-g.eu/	184 KB 31 KB	299ms 299ms	Script application/javascript	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/913.03e8e3b3da5b1ea2.js Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/runtime.a73ffae6c04e2806.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9ddf4c1540d6ea1847e40a30457cf5b0871483df0e72677d32548b0ac595deba` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:08 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-2de63" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmbRfl5o1MjkgujxZj5OoAFQzYVkhBk2TnYf3hr546ucuAHF2GdjLVYOeraTYFkktWy91hcyfU7BMjbv7lm67aAYjNTjd%2FIcXW4ICPNtJ%2BVnfT2d4pvbMI5sBYfM5f5omfsVXLyChP7u24JKu1hF"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85f560af9f356323-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:42:08 GMT
GET H3	200	645.847dddfcd2feef51.js Show response fedex.sendz-g.eu/	3 MB 433 KB	305ms 305ms	Script application/javascript	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/645.847dddfcd2feef51.js Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/runtime.a73ffae6c04e2806.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8abefaaf0b04e1fb34e26c6331995a70520300b58f9dfb80d83b6911c5465dd8` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:08 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 28 Feb 2024 19:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df896b-28a33c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIP3wz2T6zMRLsJaJOcJxrPP9PAonMkTSxcPW1eXPwOHGasnXTxwFuovj537%2FVWK9xVzEXx2LxiLGLX6Wg7X3ZAmkbcijRW%2F1dAbhN68WH1ZIBLEWxwVNKC6ghoPuI601VpRvCtR9sObAqPOt0ej"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85f560b19a446323-LHR alt-svc h3=":443"; ma=86400 expires Mon, 04 Mar 2024 23:42:08 GMT
GET H3	200	en-GB.json Show response fedex.sendz-g.eu/assets/i18n/	36 KB 12 KB	195ms 195ms	XHR application/json	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/assets/i18n/en-GB.json Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/polyfills.ed2f690f70bee1a4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1f7ccb6c4be553438c515853084b7eae8a75c65fed85ef01a2ac343c385f7934` Request headers Accept application/json, text/plain, / Referer https://fedex.sendz-g.eu/18251398155 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:08 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 29 Feb 2024 11:24:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65e06984-91c5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH%2F9meS2nHh3OXZrkp1pJgyFPDvKhYCD2Cu0SSDMBYK9VTAzsxqrqm%2Fz%2BNRry2Ac9ZOG9l03s12bRZ8qC9l5%2BHS%2BFbVsNb%2FT%2BZ8yo6XpX27B8pK6kzMpsp7iyhOkBr5ojLc4SLTeRoV%2F3SApsP1%2B"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 85f560b19a4d6323-LHR alt-svc h3=":443"; ma=86400
GET H3	200	roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2 fedex.sendz-g.eu/assets/fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic/	49 KB 50 KB	367ms 366ms	Font application/octet-stream	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/assets/fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:08 GMT cf-cache-status REVALIDATED last-modified Wed, 28 Feb 2024 19:28:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65df896c-c428" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9QFUzUuMZ8rABi0SlUY8nHyx6hYRpwk1OhWYPirmNTaa5ejB%2FaGVKzqmJeu49QfeMNekXnomD3r%2FV9wWSeFV7XKa%2FMDkvLf6n%2BnBFDguLpXv6V6PdT44uT493bBUF%2BIh3qUaebVMZQECyOqGiEf"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85f560b1aa556323-LHR alt-svc h3=":443"; ma=86400 content-length 50216 expires Mon, 04 Mar 2024 23:42:08 GMT
GET H3	200	matIcons.woff2 fedex.sendz-g.eu/assets/	111 KB 111 KB	265ms 265ms	Font application/octet-stream	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/assets/matIcons.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `95aecfa41fc5cc8287943526f51882cdfeeca2c815ecd42860a0b63e72371f37` Request headers Referer https://fedex.sendz-g.eu/18251398155 Origin https://fedex.sendz-g.eu accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:08 GMT cf-cache-status REVALIDATED last-modified Wed, 28 Feb 2024 19:28:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65df896c-1bab0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zN0nin3mRdAnjsTXzrOQdGzBIZ2n5anIU2eBrIvWDcZp79w177qvbva%2FHjJXXlri3wal6KF2B%2FS1M%2FOcI6ThhR%2B6o0oGdfKPC8Ww6aDyz9bKRZ0PPNhB7c%2B4wUPv4CCKQEC%2FI%2BpiwC7auCic02vf"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85f560b1aa576323-LHR alt-svc h3=":443"; ma=86400 content-length 113328 expires Mon, 04 Mar 2024 23:42:08 GMT
GET H3	200	fedex.png fedex.sendz-g.eu/assets/img/platform/logo/	18 KB 18 KB	1473ms 1473ms	Image image/png	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fedex.sendz-g.eu/assets/img/platform/logo/fedex.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90` Request headers accept-language en-GB,en;q=0.9 Referer https://fedex.sendz-g.eu/18251398155 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:42:10 GMT cf-cache-status MISS last-modified Wed, 28 Feb 2024 19:28:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65df896c-462c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewZ%2Brb39iBvVBpQYtwqUAUmw21v2BFf8hZl7D2RCVC6Ks2vT43NkRmVNvNJ7iOIVHB8b21cwlt0x6Y0VPh%2FJKBZVVxUNZ7%2FJKo6ljv9lKMp0%2B9nxE9WQ9DG23CTnn465kQ4awOxBrvKhTm7i6n4b"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=86400 accept-ranges bytes cf-ray 85f560b45e1f6323-LHR alt-svc h3=":443"; ma=86400 content-length 17964 expires Tue, 05 Mar 2024 22:42:09 GMT
GET H3	200	id Show response fedex.sendz-g.eu/api/4463745/order/	979 B 1 KB	221ms 221ms	XHR application/json	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/api/4463745/order/id Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/polyfills.ed2f690f70bee1a4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `225d010b731b305a831e5030186eafdf0dcf73d269ca8b980258ee0438fbf198` Request headers Accept application/json, text/plain, / Referer https://fedex.sendz-g.eu/18251398155 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Mon, 04 Mar 2024 22:42:10 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF10It%2B8R8kogPY6mTpoany37TyO9Z64EQVSjTUVJTVQ97sgc7tkNdOJsIMQdZr2iIsNd6QMPcsiq%2FCcLcGZLV%2FkC%2FrctNQruo7jlLd5Zx1d%2BAeJcT6OxVd%2FUHJHo7UXUgxIDlIjOQFyEzir8Txl"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate cf-ray 85f560bb98c36323-LHR alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	id Show response fedex.sendz-g.eu/api/4463745/order/	979 B 1 KB	218ms 218ms	XHR application/json	2606:4700:3034::ac43:9577 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fedex.sendz-g.eu/api/4463745/order/id Requested by Host: fedex.sendz-g.eu URL: https://fedex.sendz-g.eu/polyfills.ed2f690f70bee1a4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9577 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `225d010b731b305a831e5030186eafdf0dcf73d269ca8b980258ee0438fbf198` Request headers Accept application/json, text/plain, / Referer https://fedex.sendz-g.eu/18251398155 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Mon, 04 Mar 2024 22:42:11 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8RzcXnEcWO7Jn7rfBA1y9D7m4lR9A5Uzv%2FLDh1LtHeLGTksTQw4283%2B1wzpVHyOR8ZRnL%2F7zfG9Q30TXgqWmiESCQPSn%2BnOQzIEWkgk4bKTLQsh3e%2BvRa95Y3y5CUYo%2F3%2BhcaCK5qERjb7a207P"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate cf-ray 85f560c4ff326323-LHR alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkangApp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononscrollendpatched function| __zone_symbol__queueMicrotask function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fedex.sendz-g.eu/	1970-01-20 18:54:38	Name: cf_sid_ray Value: 8242969333be6bed7661f74311367515

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fedex.sendz-g.eu
2606:4700:3034::ac43:9577
1f7ccb6c4be553438c515853084b7eae8a75c65fed85ef01a2ac343c385f7934
225d010b731b305a831e5030186eafdf0dcf73d269ca8b980258ee0438fbf198
34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d
502c062dedcc924440fc2e9c28ac175de05f620d0d775217f95d710129718be2
50aa115a1086e1cb28e923d2dff6ca6092fce8b53bfeb8b7fdbf4fa46e659b4f
5b062e99757cc048abf1dcfd90449b8db64d590f7a850559f781440c024a0829
8abefaaf0b04e1fb34e26c6331995a70520300b58f9dfb80d83b6911c5465dd8
95aecfa41fc5cc8287943526f51882cdfeeca2c815ecd42860a0b63e72371f37
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
9ddf4c1540d6ea1847e40a30457cf5b0871483df0e72677d32548b0ac595deba
cfeeb0506a99b156ae906c0ac2a3d2e50516bbed36e51fece4f36789721b14b1
d82d82dc76d4ced2d39aaf996eb6ad05d825767e0bc78dd4f9333af2b914512c
f0d199a78c292f851e2bf767a5a02974a7a4ac056f64249782321bc1fc198f7c

fedex.sendz-g.eu Open in urlscan Pro 2606:4700:3034::ac43:9577 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1267 kBTransfer

6905 kBSize

1 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

149 JavaScript Global Variables

1 Cookies

Indicators

fedex.sendz-g.eu Open in urlscan Pro
2606:4700:3034::ac43:9577 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1267 kB
Transfer

6905 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!