mahatmavidyalaya.org
Open in
urlscan Pro
184.168.96.143
Malicious Activity!
Public Scan
Effective URL: https://mahatmavidyalaya.org/Home/-/fedex/main/home
Submission: On September 21 via manual from QA — Scanned from CA
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 19th 2021. Valid for: a year.
This is the only time mahatmavidyalaya.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 158.69.1.76 158.69.1.76 | 16276 (OVH) (OVH) | |
1 17 | 184.168.96.143 184.168.96.143 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
2 | 2606:4700::68... 2606:4700::6812:1634 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 68.65.122.196 68.65.122.196 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
20 | 4 |
ASN16276 (OVH, FR)
PTR: vps-3c0c5892.vps.ovh.ca
estate.solidtech.in |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 143.96.168.184.host.secureserver.net
mahatmavidyalaya.org |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium23-2.web-hosting.com
mincex.fun |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
mahatmavidyalaya.org
1 redirects
mahatmavidyalaya.org |
103 KB |
2 |
fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 4968 |
191 KB |
1 |
mincex.fun
mincex.fun |
4 KB |
1 |
solidtech.in
estate.solidtech.in |
661 B |
20 | 4 |
Domain | Requested by | |
---|---|---|
17 | mahatmavidyalaya.org |
1 redirects
estate.solidtech.in
mahatmavidyalaya.org |
2 | pro.fontawesome.com |
mahatmavidyalaya.org
pro.fontawesome.com |
1 | mincex.fun |
mahatmavidyalaya.org
|
1 | estate.solidtech.in | |
20 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
estate.solidtech.in R3 |
2022-09-18 - 2022-12-17 |
3 months | crt.sh |
mahatmavidyalaya.org Go Daddy Secure Certificate Authority - G2 |
2021-10-19 - 2022-10-19 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-01 - 2023-01-01 |
a year | crt.sh |
mincex.fun Sectigo RSA Domain Validation Secure Server CA |
2022-04-26 - 2023-04-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://mahatmavidyalaya.org/Home/-/fedex/main/home
Frame ID: 2B0313E350364AB178D353F4441BBC37
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
تتبع الشحنةPage URL History Show full URLs
- https://estate.solidtech.in/-/siados Page URL
-
https://mahatmavidyalaya.org/Home/-/fedex/
HTTP 302
https://mahatmavidyalaya.org/Home/-/fedex/main/home Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://estate.solidtech.in/-/siados Page URL
-
https://mahatmavidyalaya.org/Home/-/fedex/
HTTP 302
https://mahatmavidyalaya.org/Home/-/fedex/main/home Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
siados
estate.solidtech.in/-/ |
403 B 661 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
home
mahatmavidyalaya.org/Home/-/fedex/main/ Redirect Chain
|
13 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
mahatmavidyalaya.org/Home/-/fedex/main/assets/css/ |
188 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
mahatmavidyalaya.org/Home/-/fedex/main/assets/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
pro.fontawesome.com/releases/v5.10.0/css/ |
153 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
log.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3p.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
352 B 459 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cre.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fe.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
846 B 924 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
642 B 718 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hl.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
519 B 595 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cam.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
784 B 860 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lb.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
741 B 817 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
media.png
mahatmavidyalaya.org/Home/-/fedex/main/assets/imgs/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
mahatmavidyalaya.org/Home/-/fedex/main/assets/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
mahatmavidyalaya.org/Home/-/fedex/main/assets/js/ |
61 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
mahatmavidyalaya.org/Home/-/fedex/main/assets/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
mahatmavidyalaya.org/Home/-/fedex/main/assets/js/ |
1 KB 547 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-light-300.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ |
161 KB 162 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
index
mincex.fun/newsystem/pages/get/055485e43bc0f8eab1a075461571e544/ |
4 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| uidEvent object| bootstrap function| getContent1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mahatmavidyalaya.org/ | Name: PHPSESSID Value: 5eff6d63dbd7c041fd04089a7b2a3aea |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
estate.solidtech.in
mahatmavidyalaya.org
mincex.fun
pro.fontawesome.com
158.69.1.76
184.168.96.143
2606:4700::6812:1634
68.65.122.196
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
119398426da3f2a2d98cb88877915055a59deaf2d5037628272224ff5480c351
2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
3c10852caab00fba090e88a46ed5118e3bc968300d903d474665c00fbe077ffc
58ad2c4050e80f3ff7c9d7ede4c5bb2e1adf4fd2cb5815fe2bea489ac0cae9f6
5a3bfd0ed60963e3b2ab94927ee76df0af500df236762d6ec79109eeb695b9d4
80358cfadbfb2de86fa12e885d55b585630ec95f80b2f69c8dab8d58c33f6d1e
81df76b98fcdaaf78e000ec83d8fbb5a199681b9ec2b4fd52f6076c982383f22
843c412bd3cc94937a275b46c5b6be2d1c6060a69e0d67d287f5fd18da37e0c6
8e70557097056f79b4ea3a512b1844cac97f5dacc9054b05aa49c295e236c460
9303c515923ed11aba1963dd80bf31db7f71ce3296b8e389cea6106eaa370e18
999b2fed358e420901d57b2af544872ec28a2a5056453994ca3d72b22cf96a5f
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
aa546e62df5df5daf48725bc4800cff0067570c0008dcdaca391eb4ea6c0310b
e24fb0e66a77906a954f8a07493d055ce96743e35ef0779009208f24b10094ca
eccda055196bd8e74e228c7a2e0520c2df5ef77483066b2c061bb38bb3624864
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d