tekeronline.com
Open in
urlscan Pro
2606:4700:3035::6815:2efd
Malicious Activity!
Public Scan
Effective URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLf...
Submission: On February 12 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 14th 2021. Valid for: a year.
This is the only time tekeronline.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Canada Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 144.202.43.69 144.202.43.69 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
21 | 2606:4700:303... 2606:4700:3035::6815:2efd | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 1 |
ASN20473 (AS-CHOOPA, US)
PTR: 144.202.43.69.vultr.com
iboxhome.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
tekeronline.com
tekeronline.com |
180 KB |
1 |
iboxhome.com.br
1 redirects
iboxhome.com.br |
125 B |
21 | 2 |
Domain | Requested by | |
---|---|---|
21 | tekeronline.com |
tekeronline.com
|
1 | iboxhome.com.br | 1 redirects |
21 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-11-14 - 2022-11-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Frame ID: 520EE507B862863B1729FEB2F2D130A3
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Delivery Status | Canada Post - CanadaFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTubePage URL History Show full URLs
-
https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-can...
HTTP 302
https://tekeronline.com/canadapost/ Page URL
- https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJs... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-canada-post-delivery.php
HTTP 302
https://tekeronline.com/canadapost/ Page URL
- https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-canada-post-delivery.php HTTP 302
- https://tekeronline.com/canadapost/
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
tekeronline.com/canadapost/ Redirect Chain
|
227 B 860 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
delivery-status.page.php
tekeronline.com/canadapost/ |
27 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
general.css
tekeronline.com/canadapost/content/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
basic.css
tekeronline.com/canadapost/content/ |
152 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
org.css
tekeronline.com/canadapost/content/ |
399 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bound.css
tekeronline.com/canadapost/content/ |
63 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cpc-main-logo.svg
tekeronline.com/canadapost/content/ |
12 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cpc-logo.svg
tekeronline.com/canadapost/content/ |
938 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info-glyph.svg
tekeronline.com/canadapost/content/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Alert.svg
tekeronline.com/canadapost/content/ |
1007 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gov-canada-logo.svg
tekeronline.com/canadapost/content/ |
14 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fonts.css
tekeronline.com/canadapost/content/ |
17 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
track-banner-chevron-desktop.svg
tekeronline.com/canadapost/content/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
white.svg
tekeronline.com/canadapost/content/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
track-banner-bg-desktop.svg
tekeronline.com/canadapost/content/ |
641 B 956 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
track-icon-desktop.svg
tekeronline.com/canadapost/content/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
feedback.svg
tekeronline.com/canadapost/content/ |
724 B 973 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOmCnqEu92Fr1Mu4mxK.woff2
tekeronline.com/canadapost/content/ |
15 KB 16 KB |
Font
font/x-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
tekeronline.com/canadapost/content/ |
15 KB 16 KB |
Font
font/x-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
tekeronline.com/canadapost/content/ |
16 KB 16 KB |
Font
font/x-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
tekeronline.com/canadapost/content/ |
15 KB 16 KB |
Font
font/x-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Canada Post (Transportation)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| stFuSS function| xfxzvOzrppY function| sxfkftSQHz2 function| WcoHozeBQB3 function| ZQzzluxHP41 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tekeronline.com/ | Name: PHPSESSID Value: 25o9ac2n179lcdp29dcbe0u3vm |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
iboxhome.com.br
tekeronline.com
144.202.43.69
2606:4700:3035::6815:2efd
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2c3ef75ec5c7389ab19835091856419a5e6c220a8446ed5145561705912ac971
426f0628d73d36a64fb4a26378bc799697e85b56f13e79407695b490bdc3212b
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
5c4664dec23fc339079382bfe35804c9fbfd0fbb653f65103c84e7096d6ee051
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3
903917713c4aba31c782ac622b0e86576ae22f38bda1c3b16b3adceeaf10e3e8
9ab89aff3f5665980aca51362bced84d5c7cfe4131075836c313be28308f3479
a062a752f30325705c458934f43b75fc9f125439e1245b55cf82256cf71bd472
a3e212afe384ca0748abd4f2d21b0bd729ac51bb8daf898600a5628fba7c53ea
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
b3642f838f607a3ac9a59c3729d95265ab7dc471f4ad7d1bb5bd8a22149da23f
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b94438d2f6494a5b1ed3b1de0fe5ce8242fd1bf93358812e5812afd51ba84f72
bfbac6ac6e53ca7e02f40d58191e829212013927ab352c7da568c3d37ba55499
c4ca3281582b1dcf6c63684d8e6f31a9c3875b18d46992d11bbf506e6d6c5eef
c80b851c22c115a694216ffcc58d914d6f47666717dcfc4a0032564d82d1f5a7
d1f9fbf33db045a86af8a16f01659de9e5fbcce3199edb10a3ac4dc76155c4f9
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c