canada884-ground-fedex-service.com
Open in
urlscan Pro
91.202.233.158
Malicious Activity!
Public Scan
Submitted URL: https://canada884-ground-fedex-service.com/
Effective URL: https://canada884-ground-fedex-service.com/page/captcha.php
Submission: On July 18 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://canada884-ground-fedex-service.com/page/captcha.php
Submission: On July 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 25 HTTP transactions.
The main IP is 91.202.233.158, located in
Ashgabat, Turkmenistan and
belongs to PROSPERO-AS, RU.
The main domain is canada884-ground-fedex-service.com.
TLS certificate: Issued by R11 on July 18th 2024. Valid for: 3 months.
This is the only time canada884-ground-fedex-service.com was scanned on urlscan.io!
TLS certificate: Issued by R11 on July 18th 2024. Valid for: 3 months.
This is the only time canada884-ground-fedex-service.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 23 | 91.202.233.158 91.202.233.158 | 200593 (PROSPERO-AS) (PROSPERO-AS) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:831::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 25 | 3 |
23
91.202.233.158
(Ashgabat, Turkmenistan)
ASN200593 (PROSPERO-AS, RU)
ASN200593 (PROSPERO-AS, RU)
| canada884-ground-fedex-service.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 23 |
canada884-ground-fedex-service.com
2 redirects
canada884-ground-fedex-service.com |
64 KB |
| 3 |
google.com
www.google.com — Cisco Umbrella Rank: 10 |
961 B |
| 1 |
gstatic.com
www.gstatic.com |
213 KB |
| 25 | 3 |
| Domain | Requested by | |
|---|---|---|
| 23 | canada884-ground-fedex-service.com |
2 redirects
canada884-ground-fedex-service.com
|
| 3 | www.google.com |
canada884-ground-fedex-service.com
www.gstatic.com |
| 1 | www.gstatic.com |
www.google.com
|
| 25 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| canada884-ground-fedex-service.com R11 |
2024-07-18 - 2024-10-16 |
3 months | crt.sh |
| *.google.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
| *.gstatic.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://canada884-ground-fedex-service.com/page/captcha.php
Frame ID: BC5FCF5A2D5301F55E4C53CA7E298C71
Requests: 23 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVtmYpAAAAAN038gJ8TQWH8ntOG7fLZLHkaF40&co=aHR0cHM6Ly9jYW5hZGE4ODQtZ3JvdW5kLWZlZGV4LXNlcnZpY2UuY29tOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=7nyrozezaucy
Frame ID: BE75EEC861C5B857C040694C3A4286F1
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LcVtmYpAAAAAN038gJ8TQWH8ntOG7fLZLHkaF40
Frame ID: 3A2F6BD6AA24F02ADDC777B8DE3CFB5A
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Security CheckPage URL History Show full URLs
-
https://canada884-ground-fedex-service.com/
HTTP 301
https://canada884-ground-fedex-service.com/page/ HTTP 302
https://canada884-ground-fedex-service.com/page/captcha.php Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <div[^>]+class="g-recaptcha"
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://canada884-ground-fedex-service.com/
HTTP 301
https://canada884-ground-fedex-service.com/page/ HTTP 302
https://canada884-ground-fedex-service.com/page/captcha.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
captcha.php
canada884-ground-fedex-service.com/page/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 961 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.css
canada884-ground-fedex-service.com/page/assets/css/ |
143 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.css
canada884-ground-fedex-service.com/page/assets/css/ |
28 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.css
canada884-ground-fedex-service.com/page/assets/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
signin.css
canada884-ground-fedex-service.com/page/assets/css/ |
2 KB 995 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dashboard.css
canada884-ground-fedex-service.com/page/assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
csscreateaccount.css
canada884-ground-fedex-service.com/page/assets/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cssmodals.css
canada884-ground-fedex-service.com/page/assets/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ted-next.css
canada884-ground-fedex-service.com/page/assets/css/ |
1 KB 553 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authorizedApplications.css
canada884-ground-fedex-service.com/page/assets/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
accountInformation.css
canada884-ground-fedex-service.com/page/assets/css/ |
2 KB 889 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
changePassword.css
canada884-ground-fedex-service.com/page/assets/css/ |
218 B 485 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authentication.css
canada884-ground-fedex-service.com/page/assets/css/ |
230 B 489 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
alternateContactInfo.css
canada884-ground-fedex-service.com/page/assets/css/ |
2 KB 902 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
accountActivity.css
canada884-ground-fedex-service.com/page/assets/css/ |
865 B 677 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rui-icons.css
canada884-ground-fedex-service.com/page/assets/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appHeader.css
canada884-ground-fedex-service.com/page/assets/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appFooter.css
canada884-ground-fedex-service.com/page/assets/css/ |
845 B 708 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logoFEDY.png
canada884-ground-fedex-service.com/page/assets/images/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
white-menu.svg
canada884-ground-fedex-service.com/page/assets/images/ |
528 B 816 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ |
536 KB 213 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
anchor
www.google.com/recaptcha/api2/ Frame BE75 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
canada884-ground-fedex-service.com/ |
297 B 513 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bframe
www.google.com/recaptcha/api2/ Frame 3A2F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| onReCaptchaSuccess object| closure_lm_3087431 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| canada884-ground-fedex-service.com/ | Name: PHPSESSID Value: nqakklqadaspac80jldhkfrn4q |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
canada884-ground-fedex-service.com
www.google.com
www.gstatic.com
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
91.202.233.158
01ab9806a444a0ffdac612914fb8a076fc588e08af23cc36a77fa7387dbd5490
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
074f45ce59f29ffaa25622bc8bfda5fa97de6f4793ca73a6ce0333079110b4ac
0cd75d45e8876e5aa60c9910126f87a5a3d28c17e01715c142c3312d8c3c1407
195df29293c11bba30f7352d7f8ab24a8eb610d4f1b989be8ea66c854723b119
2ccfd1065a464bc9586e6db57608126b53aaeb7140c9d4bf51a7d00eedb8909a
3288ac93992f590d09f165de95cc9f9b31981d9986d78b17741d9c9f6a7a1b63
43ccff43c9aff9bec6e710fec50ee68ea3ea2feadbf4b8b6bb5897b6df96e514
50dae57c8d676fe2ca613a2decc3881aa7592b0fd63f16e97ae0bfba083ef3ab
5f087b92a7f132219f628c295d1b491e680d65eacfe7fa58930da08dee8dc7c5
773627ac86dd0f857b9426b9dea871bae49a8aa86d2f21ffb88f2fe84637bea8
7bf92f024cb08a9779c5404f5cb312c34f1b1dac73f8787aec9db3c4d84beb9f
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8e685b013d3ffd8d5283fa5429ca4bac19e2190b7a4432609e549aee3af33ef9
966e6016fac4a25b2f32d9e257bb3e84242b9a0b60ef4d5e599b3df952fe1f2f
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
a4492b4e7f390aa5e188c2e248801b1a1568ab588350908da90fcabec2266457
c9301c611f5c241ac5aae2b4175d67e473512058c41ef5539a51068c52f6ec61
d2cfacbba59f61d89c9839d08aaba0ed773b558dad8c9e9a7d15de3b210b8330
da12fba31b7154b9c2d77af2326b35c725d3c1c1b5c4f8ef2c2fdf26f87a8466
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f