fmf-usps.shop
Open in
urlscan Pro
38.54.94.53
Malicious Activity!
Public Scan
Submission: On June 17 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 15th 2023. Valid for: 3 months.
This is the only time fmf-usps.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 38.54.94.53 38.54.94.53 | 138915 (KAOPU-HK ...) (KAOPU-HK Kaopu Cloud HK Limited) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) (GOOGLE) | |
11 | 2606:4700:20:... 2606:4700:20::681a:965 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
24 | 6 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
linkcdn.to
fly.linkcdn.to — Cisco Umbrella Rank: 538171 |
118 KB |
9 |
fmf-usps.shop
fmf-usps.shop |
198 KB |
1 |
gstatic.com
fonts.gstatic.com |
13 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80 |
2 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82 |
81 KB |
0 |
ip-api.com
Failed
pro.ip-api.com Failed |
|
24 | 6 |
Domain | Requested by | |
---|---|---|
11 | fly.linkcdn.to |
fmf-usps.shop
|
9 | fmf-usps.shop |
fmf-usps.shop
|
1 | fonts.gstatic.com |
fly.linkcdn.to
|
1 | fonts.googleapis.com |
fmf-usps.shop
|
1 | www.googletagmanager.com |
fmf-usps.shop
|
0 | pro.ip-api.com Failed |
fmf-usps.shop
|
24 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
mom-usps.shop |
about.usps.com |
www.facebook.com |
twitter.com |
www.pinterest.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fmf-usps.shop R3 |
2023-06-15 - 2023-09-13 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-01-12 - 2024-01-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://fmf-usps.shop/
Frame ID: E3F323901C16E6907C8A4C6B89B56997
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
USPS - LinkflyDetected technologies
Google Tag Manager (Tag Managers) ExpandDetected patterns
- googletagmanager\.com/gtag/js
Polyfill (JavaScript Libraries) Expand
Detected patterns
- /polyfill\.min\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: click update ddkun.shop/JGKD
Search URL Search Domain Scan URL
Title: Privacy Policy about.usps.com/who/legal/privacy-policy/?_gl=1*1tu18lq*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjAuMTY4MjY4OTI4NS4wLjAuMA..
Search URL Search Domain Scan URL
Title: Terms of Use about.usps.com/who/legal/terms-of-use.htm?_gl=1*1b2i7q6*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjEuMTY4MjY4OTMwMS4wLjAuMA..
Search URL Search Domain Scan URL
Title: FOIA about.usps.com/who/legal/foia/?_gl=1*5by50f*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjEuMTY4MjY4OTMyOS4wLjAuMA..
Search URL Search Domain Scan URL
Title: No FEAR Act/EEO Contacts about.usps.com/who/legal/no-fear-act/?_gl=1*18pqgcw*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjEuMTY4MjY4OTM0My4wLjAuMA..
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fmf-usps.shop/ |
17 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css1.css
fmf-usps.shop/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
229 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
fly.linkcdn.to/v2.5/js/share/ |
139 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.js
fmf-usps.shop/js/ |
221 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
fmf-usps.shop/js/ |
139 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
fmf-usps.shop/js/ |
101 B 314 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
json
pro.ip-api.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
25 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share-common.css
fly.linkcdn.to/v2.5/theme/ |
47 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
fmf-usps.shop/css/ |
106 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaultWhite.css
fmf-usps.shop/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css.v2.3.js
fmf-usps.shop/js/ |
65 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1682689100372.png
fly.linkcdn.to/upload/2023042813/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share-tmpl.v2.3.js
fmf-usps.shop/js/ |
88 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
fly.linkcdn.to/v2.5/js/share/ |
139 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verified_sprite.png
fly.linkcdn.to/images/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1682429665015.png
fly.linkcdn.to/upload/2023042513/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blank.png
fly.linkcdn.to/images/ |
97 B 586 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
32.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff
fonts.gstatic.com/s/mavenpro/v25/ |
12 KB 13 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pro.ip-api.com
- URL
- https://pro.ip-api.com/json?callback=cbgeo&key=YeRh6DXwBap8eFn
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: USPS (Transportation)33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| gettext function| GetPathString function| closePopup function| waringLeave function| scheduleTime function| clearImage function| amazon_af_region function| _makeup_link function| aff_linkfly function| checkLink function| getImageKey function| isEmpty function| ep function| setImmediate function| clearImmediate function| swal function| sweetAlert object| google_tag_manager object| google_tag_data object| dataLayer object| __theme function| cbgeo object| __ipgeo object| js object| fjs object| __animate object| __path string| mediapath function| eleParents function| onYouTubeIframeAPIReady0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fly.linkcdn.to
fmf-usps.shop
fonts.googleapis.com
fonts.gstatic.com
pro.ip-api.com
www.googletagmanager.com
pro.ip-api.com
2606:4700:20::681a:965
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
38.54.94.53
026faa9bd9eb128722e979518ec8fd2db07783a8ade5c81a70221c92dd6f3eae
211336e60c5e9162818fd1fe5add251a9ad4b4ba7e685a15472fad02092fcdc7
35f76503d7bc8dfcf2640a51da04db701acd83d965f12da0f51efa4c9bf64c09
42a26bdfb7bd5db8bdb87ebba3bdb0bfbd0f344c831049760e4f501fb388ae15
50db2192122cd1e4c7840544b7edab345dfdeadb95eec91bfc719778324492ec
537344c7916739820d30274372e9215229ef669c4f6a9f3c057d255de34d48fa
5b44d4a69f9e2baba1c93c445a159cf53be7cf99c62440ea68502a6102484dcf
75ae7a16c355e0129349081998518307ae4f0b23ebf35ec05942305b97b74b66
7c32ea39d35c5243fd9a828a6e73502d8a49b147cbe88827b8d7ee8dceda9ce2
80adce30a8a09e35855197b82ee5d3a8dcb266a04ede71da6d12360df8283213
8bd0704f4fceddfb4c1898471f26300b5a3e7f2a53d8fb13759c1e50ec59cdc7
8e3a579f74e858d73f1c6101032c2d9c6bc7c768ced3cf4cbbeeabf1128eb348
9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d
a5e17ee3919cc3d0b9cf90e776d60689a3307a7389b262ca285100e5aab250d3
aba3711c617b449463fde7f0d62f039280644ed13af7b67cd88ac39c54a7ca4d
c9df735a39ba200a3a0e22d0ce9e40769ad446f0d1b09f240f4399ec76c77ce4
cc02893fc848f362b771c92f5c3d2d9607f94e31cf159075ba25a3a35d2d3924
d3598713e92514243de1d568bf0ce3f26672ea7c4a3c7f255db7d8e8a6896169
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
e1711c1045ce1e203f873a6985c81d8c45b43a6ae4ba74f4015f182ef9281520
fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d