c19interac-terms.com
111.90.156.83 Malicious Activity! Public Scan

URL: http://c19interac-terms.com/Cra/confirming.php
Submission: On April 17 via api from KW

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 11 HTTP transactions. The main IP is 111.90.156.83, located in Malaysia and belonging to VERDINA, BZ. The main domain is c19interac-terms.com.
This is the only time c19interac-terms.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

IP Address          AS (Autonomous System)    Requests
111.90.156.83       201133 (VERDINA)          11
Total: 1 IP, 11 requests

Apex Domain             Subdomains               Transfer    Requests
c19interac-terms.com    c19interac-terms.com     76 KB       11
Total: 1 apex domain, 11 requests

Domain                  Requested by             Requests
c19interac-terms.com    c19interac-terms.com     11
Total: 1 domain, 11 requests

This site contains no links.

TLS certificates (Subject / Issuer / Validity): none recorded; all 11 requests were plain HTTP.

This page contains 3 frames:

Primary Page: http://c19interac-terms.com/Cra/confirming.php
Frame ID: 57F872A97A016B99FDD56729572D123D
Requests: 9 HTTP requests in this frame

Frame: http://c19interac-terms.com/Cra/details_files/wmms.svg
Frame ID: E82E3EFC9923D2A49BF53A27C9166043
Requests: 1 HTTP requests in this frame

Frame: http://c19interac-terms.com/Cra/details_files/sig-en.svg
Frame ID: 2F737273904B5D594B1FE27661B46087
Requests: 1 HTTP requests in this frame

Screenshot (image not preserved in this text capture)


Detected technologies

PHP (overall confidence: 100%)
  Detected pattern: url /\.php(?:$|\?)/i

LiteSpeed (overall confidence: 100%)
  Detected pattern: headers server /^LiteSpeed$/i

Page Statistics

Requests:    11
HTTPS:       0 %
IPv6:        0 %
Domains:     1
Subdomains:  1
IPs:         1
Countries:   1
Transfer:    76 kB
Size:        290 kB
Cookies:     0

Redirected requests

No HTTP redirect chains were recorded for any request in this scan.

11 HTTP transactions

Each entry lists the resource, its path, size, transferred bytes (x-fer) and type, followed by the request and response details.

confirming.php (Primary Request)
  Path: c19interac-terms.com/Cra/    Size: 9 KB    x-fer: 4 KB    Type: Document
  Full URL: http://c19interac-terms.com/Cra/confirming.php
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed / PHP/7.3.16
  Resource Hash: 2e8359ceb6fe779ed076e1c489b3ab69f22843ea6280034afd897a9f73a3319a

  Request headers
    Host: c19interac-terms.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Connection: Keep-Alive
    X-Powered-By: PHP/7.3.16
    Content-Type: text/html; charset=UTF-8
    Content-Length: 3355
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Server: LiteSpeed
theme.min.css
  Path: c19interac-terms.com/Cra/details_files/    Size: 199 KB    x-fer: 35 KB    Type: Stylesheet
  Full URL: http://c19interac-terms.com/Cra/details_files/theme.min.css
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: e3536ef9cb8bcff43b17377a72b2657db0d020529137688b1fdf4b2ec7a2c105

  Request headers
    Referer: http://c19interac-terms.com/Cra/confirming.php
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 12 Mar 2020 14:47:32 GMT
    Server: LiteSpeed
    Vary: Accept-Encoding
    Content-Type: text/css
    Cache-Control: max-age=604800, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 35068
apps.css
  Path: c19interac-terms.com/Cra/details_files/    Size: 3 KB    x-fer: 1 KB    Type: Stylesheet
  Full URL: http://c19interac-terms.com/Cra/details_files/apps.css
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: f46bf9d80c6a531e5d88c3443ca7ada68ecec8a4f28dc70b864677ee9538a620

  Request headers
    Referer: http://c19interac-terms.com/Cra/confirming.php
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 12 Mar 2020 14:49:56 GMT
    Server: LiteSpeed
    Vary: Accept-Encoding
    Content-Type: text/css
    Cache-Control: max-age=604800, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 1194
common.css
  Path: c19interac-terms.com/Cra/details_files/    Size: 3 KB    x-fer: 1 KB    Type: Stylesheet
  Full URL: http://c19interac-terms.com/Cra/details_files/common.css
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 37053f77ef8e58d33f414e464d7451871d81e888f4791cc10f31957ab423fbba

  Request headers
    Referer: http://c19interac-terms.com/Cra/confirming.php
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 12 Mar 2020 14:49:50 GMT
    Server: LiteSpeed
    Vary: Accept-Encoding
    Content-Type: text/css
    Cache-Control: max-age=604800, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 1056
timeout.css
  Path: c19interac-terms.com/Cra/details_files/    Size: 428 B    x-fer: 538 B    Type: Stylesheet
  Full URL: http://c19interac-terms.com/Cra/details_files/timeout.css
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 447a4a6c6d785d6fc009367d1fd835b3245114e3162a5dafe288ea54ffd7e0c7

  Request headers
    Referer: http://c19interac-terms.com/Cra/confirming.php
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 12 Mar 2020 14:47:12 GMT
    Server: LiteSpeed
    Vary: Accept-Encoding
    Content-Type: text/css
    Cache-Control: max-age=604800, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 240
font-awesome.css
  Path: c19interac-terms.com/Cra/details_files/    Size: 39 KB    x-fer: 8 KB    Type: Stylesheet
  Full URL: http://c19interac-terms.com/Cra/details_files/font-awesome.css
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

  Request headers
    Referer: http://c19interac-terms.com/Cra/confirming.php
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 12 Mar 2020 14:49:12 GMT
    Server: LiteSpeed
    Vary: Accept-Encoding
    Content-Type: text/css
    Cache-Control: max-age=604800, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 7432
header-leaf.jpg
  Path: c19interac-terms.com/Cra/details_files/    Size: 7 KB    x-fer: 7 KB    Type: Image
  Full URL: http://c19interac-terms.com/Cra/details_files/header-leaf.jpg
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 585defecffe2aae3c3daf15f7ce9c8b6482dab389bcbeb030d399f24232e6f64

  Request headers
    Referer: http://c19interac-terms.com/Cra/details_files/theme.min.css
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Last-Modified: Thu, 12 Mar 2020 14:48:28 GMT
    Server: LiteSpeed
    Content-Type: image/jpeg
    Cache-Control: max-age=2419200, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 6962
header-bg.jpg
  Path: c19interac-terms.com/Cra/details_files/    Size: 15 KB    x-fer: 15 KB    Type: Image
  Full URL: http://c19interac-terms.com/Cra/details_files/header-bg.jpg
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 52e75f289c865f1608d23ef199d4ddcf6c35a9b1c6596d0b515df7b2ffd5dcb4

  Request headers
    Referer: http://c19interac-terms.com/Cra/details_files/theme.min.css
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Last-Modified: Thu, 12 Mar 2020 14:48:36 GMT
    Server: LiteSpeed
    Content-Type: image/jpeg
    Cache-Control: max-age=2419200, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 15436
sft-deco.gif
  Path: c19interac-terms.com/Cra/details_files/    Size: 80 B    x-fer: 332 B    Type: Image
  Full URL: http://c19interac-terms.com/Cra/details_files/sft-deco.gif
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 372dbc2821a06ee701e74972f6783b83951fe88459a28913ba425613ff15b909

  Request headers
    Referer: http://c19interac-terms.com/Cra/details_files/theme.min.css
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

  Response headers
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Last-Modified: Thu, 12 Mar 2020 14:48:04 GMT
    Server: LiteSpeed
    Content-Type: image/gif
    Cache-Control: max-age=2419200, public
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Content-Length: 80
wmms.svg (Frame E82E)
  Path: c19interac-terms.com/Cra/details_files/    Size: 5 KB    x-fer: 2 KB    Type: Document
  Full URL: http://c19interac-terms.com/Cra/details_files/wmms.svg
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: 4dd1b275548819246b29ff689c8f617314c6e7b5a18c30341c001321519f9913

  Request headers
    Host: c19interac-terms.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://c19interac-terms.com/Cra/confirming.php
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
    Referer: http://c19interac-terms.com/Cra/confirming.php

  Response headers
    Connection: Keep-Alive
    Cache-Control: public, max-age=604800
    Expires: Fri, 24 Apr 2020 17:49:23 GMT
    Content-Type: image/svg+xml
    Last-Modified: Thu, 12 Mar 2020 14:38:36 GMT
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Content-Length: 1804
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Server: LiteSpeed
sig-en.svg (Frame 2F73)
  Path: c19interac-terms.com/Cra/details_files/    Size: 11 KB    x-fer: 3 KB    Type: Document
  Full URL: http://c19interac-terms.com/Cra/details_files/sig-en.svg
  Requested by: http://c19interac-terms.com/Cra/confirming.php (host c19interac-terms.com)
  Protocol: HTTP/1.1
  Server: 111.90.156.83, Malaysia, ASN201133 (VERDINA, BZ)
  Reverse DNS: (none)
  Software: LiteSpeed
  Resource Hash: ddc04f3de34dce28968926fb8d174ad39a07b875392fa406b07fc4c729a47438

  Request headers
    Host: c19interac-terms.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://c19interac-terms.com/Cra/confirming.php
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
    Referer: http://c19interac-terms.com/Cra/confirming.php

  Response headers
    Connection: Keep-Alive
    Cache-Control: public, max-age=604800
    Expires: Fri, 24 Apr 2020 17:49:23 GMT
    Content-Type: image/svg+xml
    Last-Modified: Thu, 12 Mar 2020 14:38:36 GMT
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Content-Length: 2254
    Date: Fri, 17 Apr 2020 17:49:23 GMT
    Server: LiteSpeed

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan verdict: Phishing against Canadian Government (Government)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  onformdata (object)
  onpointerrawupdate (object)
  objToday (object)
  weekday (object)
  dayOfWeek (string)
  domEnder (string)
  dayOfMonth (string)
  months (object)
  curMonth (string)
  curYear (number)
  curHour (number)
  curMinute (number)
  curSeconds (number)
  curMeridiem (string)
  today (string)
  am (number)
  dec (number)

0 Cookies