ical.fedexdigitalcalendar.com Open in urlscan Pro
2606:4700:20::681a:96a  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request confirmationpage Show response ical.fedexdigitalcalendar.com/digitalcalendar/home/	4 KB 2 KB	635ms 568ms	Document text/html	2606:4700:20::681a:96a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ical.fedexdigitalcalendar.com/digitalcalendar/home/confirmationpage?eventGUID=A0891F5D-3078-4542-B586-3B260C9C78F6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:96a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f95fbaeeb6c592ec97cb4197f57c9dc47639e01dd5c17df7956067fee7a47017 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 72a3b56e4fce9bbe-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 13 Jul 2022 17:23:50 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvF7JzLVLbP9zxJsg8YkNkLAL6FZVJOpko3s%2B3JLa0cLTJCDTCdof5CyI%2Bj2Wek70V0BVjD4CK%2F7OdhB3ZzS9RkgFn7tg0%2FG6BxjenFu4FxN0O%2FeP8rWt5M%2FMFQadiZdoH3JOJ%2BiBxWuK5o2MDqzx6rtJL%2FH%2FIa2Joyz"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET
GET H/1.1	200 OK	FedEx_Whitelogo.png ftp.infinitycontact.com/img/	18 KB 18 KB	1065ms 412ms	Image image/png	208.101.240.116 INVOLTA
General Check archive.org Show headers Download Go to Show image Full URL https://ftp.infinitycontact.com/img/FedEx_Whitelogo.png Requested by Host: ical.fedexdigitalcalendar.com URL: https://ical.fedexdigitalcalendar.com/digitalcalendar/home/confirmationpage?eventGUID=A0891F5D-3078-4542-B586-3B260C9C78F6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 208.101.240.116 , United States, ASN14230 (INVOLTA, US), Reverse DNS Software Microsoft-IIS/8.0 / ASP.NET Resource Hash a522687d8b152efdd12ccec781f54d91fa60de20408684f1ef41c1e672619c56 Request headers accept-language de-DE,de;q=0.9 Referer https://ical.fedexdigitalcalendar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 13 Jul 2022 17:23:50 GMT Last-Modified Tue, 04 Feb 2020 14:19:56 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET ETag "9f4f152d66dbd51:0" Content-Type image/png Accept-Ranges bytes Content-Length 17964
GET H2	200	invisible.js Show response ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0BB5	40 KB 15 KB	17ms 16ms	Script application/javascript	2606:4700:20::681a:96a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657728000 Requested by Host: ical.fedexdigitalcalendar.com URL: https://ical.fedexdigitalcalendar.com/digitalcalendar/home/confirmationpage?eventGUID=A0891F5D-3078-4542-B586-3B260C9C78F6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:96a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 333c6789c764d0c01d84761818d5316bbdcf123d9dd5006f254555a99228c6f6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 17:23:50 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SYd%2FRcKO0aP%2BfqG7VUh%2FabZ4Wkon6SJXpRyVz1HjRs%2F3dkGCqEPxEbuVODn2g2Eo%2BYZco3brJwCi6cLVg1z6Fx2HoyT2%2BQSxB4b2ZnA6UHu8WJ8bKhkV1%2BAABCPQZvQmEuzeFJ%2FSTThzn7IQKStbjWKrDZvsPLBoEGn"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 72a3b5722e569bbe-FRA
GET H2	200	pica.js ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0BB5	21 KB 8 KB	20ms 20ms	Other application/javascript	2606:4700:20::681a:96a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js Requested by Host: ical.fedexdigitalcalendar.com URL: https://ical.fedexdigitalcalendar.com/digitalcalendar/home/confirmationpage?eventGUID=A0891F5D-3078-4542-B586-3B260C9C78F6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:96a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed4ec6905203b74855ab3b0745fd1935f4d614b905dc5ed3a67b4e4666d32833 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 17:23:50 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcXeiyx0MyDOPzyFns2mlvTdz789enR%2BLT9f4fD966GcjenD%2FgbE06X%2BINt2zKjoFm1dLR3C9W3F6UwaqOYSX8QEscFXHhYfwXxDqU9rejehMM%2Bp6eJxyY7Lgvem8h%2FcAK5O1pGSK3O4QsPLU2KS5uSSmRzSg9DNHSrq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=604800, public x-control-type-options nosniff cf-ray 72a3b5724eb69bbe-FRA
POST H2	200	72a3b56e4fce9bbe Show response ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0BB5	2 B 581 B	36ms 35ms	XHR text/plain	2606:4700:20::681a:96a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/cv/result/72a3b56e4fce9bbe Requested by Host: ical.fedexdigitalcalendar.com URL: https://ical.fedexdigitalcalendar.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657728000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:96a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers date Wed, 13 Jul 2022 17:23:51 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIRyQVi8rgt0lxMTxHJgooU1BpxqB6cBTLA4GO9Jvy4HxwYyC73Uc0OeDjaVTMU%2FN0BPWZnxNggZy4IxjQgSB4Prps5ArMADoeTroQ5u%2BJFuqmWjECPUE3TnFY8%2Bjj7MaNWjBmnbGCdMC%2BSVL4imsCAmCB6kTBlhc4aI"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 72a3b575dd379bbe-FRA

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.fedexdigitalcalendar.com/	1970-01-20 04:28:54	Name: __cf_bm Value: DcqqRYDO4NLcwET_Rrj2UC9D5PGpHmPEHSDW8HHjlbU-1657733031-0-AUoAfiSZTL7WkVbatLxopN53cTwWjV8eMR0neaIc7794CQVwBtQe8hdPyeyagiQH3A0pyZhk2R0xjF9eSeIGGRgSA65T70c2viwKe5YDvW3yyqTOxEtbMWmU23l2XMQiTg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ftp.infinitycontact.com
ical.fedexdigitalcalendar.com
208.101.240.116
2606:4700:20::681a:96a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
333c6789c764d0c01d84761818d5316bbdcf123d9dd5006f254555a99228c6f6
a522687d8b152efdd12ccec781f54d91fa60de20408684f1ef41c1e672619c56
ed4ec6905203b74855ab3b0745fd1935f4d614b905dc5ed3a67b4e4666d32833
f95fbaeeb6c592ec97cb4197f57c9dc47639e01dd5c17df7956067fee7a47017