ambassador-enterprises.com
Open in
urlscan Pro
159.203.103.60
Malicious Activity!
Public Scan
Submission: On September 29 via manual from MY — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.
This is the only time ambassador-enterprises.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Canadian Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 159.203.103.60 159.203.103.60 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
18 | 198.103.206.31 198.103.206.31 | 2665 (CDAGOVN) (CDAGOVN) | |
2 | 142.250.185.138 142.250.185.138 | 15169 (GOOGLE) (GOOGLE) | |
5 | 142.250.185.67 142.250.185.67 | 15169 (GOOGLE) (GOOGLE) | |
27 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US)
ambassador-enterprises.com |
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
cra-arc.gc.ca
cms-sgj.cra-arc.gc.ca |
806 KB |
5 |
gstatic.com
fonts.gstatic.com |
94 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
2 |
ambassador-enterprises.com
ambassador-enterprises.com |
5 KB |
27 | 4 |
Domain | Requested by | |
---|---|---|
18 | cms-sgj.cra-arc.gc.ca |
ambassador-enterprises.com
cms-sgj.cra-arc.gc.ca |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
cms-sgj.cra-arc.gc.ca
|
2 | ambassador-enterprises.com |
cms-sgj.cra-arc.gc.ca
|
27 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.canada.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ambassador-enterprises.com R3 |
2021-09-07 - 2021-12-06 |
3 months | crt.sh |
cms-sgj.cra-arc.gc.ca Entrust Certification Authority - L1K |
2020-02-13 - 2022-05-12 |
2 years | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://ambassador-enterprises.com/cra-arc/confirm.php
Frame ID: 14A4AF7E2E8B3875D0D626F6978D97CC
Requests: 25 HTTP requests in this frame
Frame:
https://cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/GCWeb/assets/sig-blk-en.svg
Frame ID: F4237E9EFEE6412E5B91FF37A2B188E9
Requests: 1 HTTP requests in this frame
Frame:
https://cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/GCWeb/assets/wmms-blk.svg
Frame ID: 326D408A5F023DB96C55161E6B6C22D9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Canada Revenue Agency - Change CRA security questions and answers—select questionsDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Terms and conditions
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Personal Information Collection Statement
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
confirm.php
ambassador-enterprises.com/cra-arc/ |
36 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.min.css
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/GCWeb/css/ |
313 KB 314 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.css
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/cra-arc/ |
5 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
cms-sgj.cra-arc.gc.ca/gol-ged/awsc/cms/pub/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cms2.css
cms-sgj.cra-arc.gc.ca/gol-ged/awsc/cms/pub/css/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amssUtils.js
cms-sgj.cra-arc.gc.ca/gol-ged/awsc/cms/pub/js/ |
4 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
capturequestions.js
cms-sgj.cra-arc.gc.ca/gol-ged/awsc/cms/pub/js/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/wet-boew/js/jquery/1.12.4/ |
95 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wet-boew.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/wet-boew/js/ |
188 KB 189 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/GCWeb/js/ |
38 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/cra-arc/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.css
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/cra-arc/font-awesome-5.8.1/css/ |
72 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 949 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 943 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ |
22 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0TIpQlx3QUlC5A4PNr4Az5ZuyDzW0.woff2
fonts.gstatic.com/s/notosans/v21/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
sig-blk-en.svg
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/GCWeb/assets/ Frame F423 |
10 KB 10 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
wmms-blk.svg
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/GCWeb/assets/ Frame 326D |
5 KB 5 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/wet-boew/js/i18n/ |
6 KB 6 KB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timeout.js
cms-sgj.cra-arc.gc.ca/gol-ged/awsc/cms/pub/js/ |
10 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/wet-boew/js/i18n/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
timeout.css
ambassador-enterprises.com/gol-ged/awsc/cms/pub/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.magnific-popup.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/wet-boew/js/deps/ |
12 KB 12 KB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.magnific-popup.min.js
cms-sgj.cra-arc.gc.ca/ebci/wet/v5.0.1/wet-boew/js/deps/ |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Canadian Government (Government)42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster boolean| isNN function| autoTab function| isCanadianPostalCode function| containsElement function| getIndex function| cursorRestoration function| clearErrorFields function| clearAllFields function| setAutoComplete function| clearErrorText function| resetByName function| removeId function| decodeHtml object| selectElements object| inputElements object| submitButton object| clearBtn object| mode object| acceptCookie object| doNotAcceptCookie object| inputTextElements function| hasError object| qaForm object| cancelBtn object| resetBtn object| passwordInput boolean| submitted function| $ function| jQuery object| Modernizr function| yepnope object| wb object| jQuery112408577334166751247 function| onYouTubeIframeAPIReady object| youTube object| wb-data-ajax object| awsc object| contextPath0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ambassador-enterprises.com
cms-sgj.cra-arc.gc.ca
fonts.googleapis.com
fonts.gstatic.com
142.250.185.138
142.250.185.67
159.203.103.60
198.103.206.31
07e50c2f4e934631ce64e0fa11e6fc9407f9af9c870e25c4f770adcbbbc41f6a
16f91a9f949dd6b9c3a326bc0a7a95c79609bdf3c28e52bdd37bdcd37c2bdb87
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
33b033c0d9689026e51e3cc6d4137082a831aea11edc7f9d4735abde8dd68a54
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4c9b2a27075da307d5a735af2ed7a0117ccf1d64420ddccd7c16dd36f77feaef
680f969b93d1a6ddd6260f64676140659d75c286429f4cd51ccc629845ffc471
71755911a64c596475d48e3b42d90c4657a1e00c45fe61d77d897036acea54e5
772daac13b4bced8a79c017ff11e2391f31a73f0961fa2dc51b8c48075e35417
77e62b65eb4346a8c357a0f890e8044da7f5ad8fc503d5b5a721a48f81d47b3f
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d9def14152cda72c5c762c34a97c85479e23d340f925e450ccc808cf7b56af8
922b29982c604cb77c82a27900857b7e9be69252ef3d1686c87dc3893abcaaba
9d03d7e3baf335a1d4697726bea79d39f1edfde2b6dc8010620b0bb28c7b148c
a89700363be6cf481306367f5b12d68068efaf1ac3b7f17d9186f9c64ecc6ed7
b2e36d892559ddef5691afa5bfba0996945fade837eb649bf6761f583ed95007
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d0b5a298ed4fb5109ec6d61c9290b4ebec4ca31f5b84df6837baaf22ed283e1e
d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb30d10a515b7997b878e0977d97157478237a247b06e2bdf5a60f9c5e81a434
ec7f61216039635a81b704dc68fb1e384db8e176993284497db42057148dbb1c