fgsenterprises.com Open in urlscan Pro
194.34.232.250 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/signin/?country.x=san+francisco&locale.x=n...
Submission Tags: phishing malicious Search All
Submission: On May 08 via api (May 8th 2022, 4:20:11 pm UTC) from US — Scanned from DE

Summary HTTP 4 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 194.34.232.250, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is fgsenterprises.com.

This is the only time fgsenterprises.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	194.34.232.250 194.34.232.250		51167 (CONTABO) (CONTABO)
4	2

3 194.34.232.250 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi817106.contaboserver.net

fgsenterprises.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	fgsenterprises.com fgsenterprises.com	12 KB
0	ugandaelevator.com Failed ugandaelevator.com Failed
4	2

	Domain	Requested by
3	fgsenterprises.com	fgsenterprises.com
0	ugandaelevator.com Failed	fgsenterprises.com
4	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/signin/?country.x=san+francisco&locale.x=nl-nl,nl&q=0.7
Frame ID: F5FCC8327F28F14AD7F4A477915B8AC5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to your PayPal account

Page Statistics

4
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

12 kB
Transfer

59 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/signin/	2 KB 1 KB	102ms 91ms	Document text/html	194.34.232.250 CONTABO
General Check archive.org Show headers Download Go to Full URL http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/signin/?country.x=san+francisco&locale.x=nl-nl,nl&q=0.7 Protocol HTTP/1.1 Server 194.34.232.250 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi817106.contaboserver.net Software Apache / Resource Hash `e9941277d17d21ae8f8d129b907d7eadff630f8e1c2127709eea5d70cae23a9f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 925 Content-Type text/html; charset=UTF-8 Date Sun, 08 May 2022 16:20:06 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Vary Accept-Encoding
GET		cart,jpg ugandaelevator.com/img/	0 0

GET H/1.1	200 OK	contextualLogin.css fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/css/	57 KB 11 KB	14ms 13ms	Stylesheet text/css	194.34.232.250 CONTABO
General Check archive.org Show headers Download Go to Full URL http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/css/contextualLogin.css Requested by Host: fgsenterprises.com URL: http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/signin/?country.x=san+francisco&locale.x=nl-nl,nl&q=0.7 Protocol HTTP/1.1 Server 194.34.232.250 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi817106.contaboserver.net Software Apache / Resource Hash `abd38d1dbf1bbbbab3835be0b92bcff1d7fea77f23ccc9bb332be23538d69906` Request headers accept-language de-DE,de;q=0.9 Referer http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/signin/?country.x=san+francisco&locale.x=nl-nl,nl&q=0.7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sun, 08 May 2022 16:20:07 GMT Content-Encoding gzip Last-Modified Sun, 12 May 2019 01:29:08 GMT Server Apache Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10693 Expires Mon, 08 May 2023 16:20:07 GMT
GET H/1.1	404 Not Found	paypal-logo-129x32.svg fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/img/	16 B 16 B	12ms 12ms	Image text/html	194.34.232.250 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/img/paypal-logo-129x32.svg Requested by Host: fgsenterprises.com URL: http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/css/contextualLogin.css Protocol HTTP/1.1 Server 194.34.232.250 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi817106.contaboserver.net Software Apache / Resource Hash `8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41` Request headers accept-language de-DE,de;q=0.9 Referer http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/css/contextualLogin.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sun, 08 May 2022 16:20:07 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 36

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ugandaelevator.com
URL: https://ugandaelevator.com/img/cart,jpg

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fgsenterprises.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 13b7e1eeec6d4f5e4b08d0c023a4058f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ugandaelevator.com/img/cart,jpg Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: http://fgsenterprises.com/jidsfnibuysioskjvnisufbvsibsinskjvnsvk/secure/summary/style/img/paypal-logo-129x32.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fgsenterprises.com
ugandaelevator.com
ugandaelevator.com
194.34.232.250
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
abd38d1dbf1bbbbab3835be0b92bcff1d7fea77f23ccc9bb332be23538d69906
e9941277d17d21ae8f8d129b907d7eadff630f8e1c2127709eea5d70cae23a9f

fgsenterprises.com Open in urlscan Pro 194.34.232.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

12 kBTransfer

59 kBSize

1 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

fgsenterprises.com Open in urlscan Pro
194.34.232.250 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

12 kB
Transfer

59 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions