ups-support.info
143.92.39.14
Malicious Activity!
Public Scan
Submission: On June 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 (Let's Encrypt) on June 13th 2023. Valid for: 3 months.
This is the only time ups-support.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USPS (Transportation)

Domain & IP information
IP addresses contacted, with the number of requests each received:

Requests | IP Address | AS (Autonomous System) |
---|---|---|
9 | 143.92.39.14 | AS64050 BCPL-SG BGPNET Global ASN (SG) |
4 | 2606:4700::6811:e04e | AS13335 CLOUDFLARENET |
10 | 2606:2800:233:df95:1212:762c:504b:cf9d | AS15133 EDGECAST |
1 | 64.185.227.155 | AS18450 WEBNX (US) |
Totals as listed: 27 | 5 | |

Domains grouped by AS:
- ASN64050 (BCPL-SG BGPNET Global ASN, SG): ups-support.info, pay.check-services.info. Both attacker-controlled names sit behind the single address 143.92.39.14 (6 + 3 = 9 requests), so the landing page and its socket.io backend share hosting.
- ASN18450 (WEBNX, US), PTR 64-185-227-155.static.webnx.com: api.ipify.org
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | usps.com | tools.usps.com (Cisco Umbrella Rank: 13187), www.usps.com (Failed) | 83 KB |
6 | ups-support.info | ups-support.info | 321 KB |
4 | fonts.net | fast.fonts.net (Cisco Umbrella Rank: 3877) | 2 KB |
3 | check-services.info | pay.check-services.info | 620 B |
1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2448) | 111 B |
27 | 5 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
10 | tools.usps.com | ups-support.info |
6 | ups-support.info | ups-support.info |
4 | fast.fonts.net | ups-support.info, tools.usps.com |
3 | pay.check-services.info | ups-support.info |
1 | api.ipify.org | ups-support.info |
0 | www.usps.com (Failed) | tools.usps.com |
27 | 6 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
ups-support.info | R3 | 2023-06-13 - 2023-09-11 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-05 - 2024-05-04 | a year |
*.usps.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-21 - 2024-05-21 | a year |
pay.check-services.info | R3 | 2023-06-08 - 2023-09-06 | 3 months |
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2023-02-07 - 2024-02-18 | a year |

Both attacker-controlled names (ups-support.info and pay.check-services.info) carry 90-day R3 (Let's Encrypt) certificates issued on 2023-06-13 and 2023-06-08, three and eight days before the scan; each certificate is searchable on crt.sh.
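The request and certificate tables above carry the relationships an analyst reads off a scan like this by hand: a page on one apex hot-linking a brand's stylesheets, a page-initiated XHR channel to a second domain that shares the page's IP, a public IP lookup, and certificates only days old. The script below encodes that reading as a triage pass. It is an added example and not urlscan.io's verdict logic; the heuristics, severities and the IP-echo host list are the editor's, the per-domain rows and certificate dates are transcribed from the tables above, and the year of the scan date is taken from the certificate validity window.

```python
"""Triage the domain relationships of one urlscan.io result.

Added example, not urlscan.io's verdict logic: heuristics and severities
are the editor's. Rows are transcribed from the tables above.
"""
from datetime import date

PAGE_HOST = "ups-support.info"
BRAND_APEX = "usps.com"                 # brand named in the urlscan verdict
SCAN_DATE = date(2023, 6, 16)           # "Submission: On June 16"; year from the cert window

# host: (requests, resource types, initiators, resolved IP), from the tables above
DOMAINS = {
    "ups-support.info":        (6,  {"Document", "Stylesheet", "Script", "Image"},
                                {"ups-support.info"}, "143.92.39.14"),
    "tools.usps.com":          (10, {"Stylesheet"}, {"ups-support.info"},
                                "2606:2800:233:df95:1212:762c:504b:cf9d"),
    "fast.fonts.net":          (4,  {"Script", "Stylesheet"},
                                {"ups-support.info", "tools.usps.com"}, "2606:4700::6811:e04e"),
    "pay.check-services.info": (3,  {"XHR"}, {"ups-support.info"}, "143.92.39.14"),
    "api.ipify.org":           (1,  {"XHR"}, {"ups-support.info"}, "64.185.227.155"),
}

# certificate subject: (issuer, not-before), from the certificate table above
CERTS = {
    "ups-support.info":        ("R3", date(2023, 6, 13)),
    "pay.check-services.info": ("R3", date(2023, 6, 8)),
    "*.usps.com":              ("DigiCert TLS RSA SHA256 2020 CA1", date(2023, 4, 21)),
    "sni.cloudflaressl.com":   ("Cloudflare Inc ECC CA-3", date(2023, 5, 5)),
    "*.ipify.org":             ("Sectigo RSA Domain Validation Secure Server CA", date(2023, 2, 7)),
}

# Public IP-echo services: a page asking one of these wants the visitor's address
# (geo-fencing, fingerprinting). Editor's list, extend as needed.
IP_ECHO_HOSTS = {"api.ipify.org", "api64.ipify.org", "ipinfo.io", "ifconfig.me"}

STATIC_TYPES = {"Stylesheet", "Image", "Font", "Script"}


def apex(host):
    """Registrable domain, naively the last two labels. Use a public-suffix
    list on real data (co.uk and friends break this shortcut)."""
    return ".".join(host.split(".")[-2:])


def cert_for(host):
    """Certificate covering host, honouring single-level wildcards."""
    for subject, info in CERTS.items():
        if subject == host:
            return info
        if (subject.startswith("*.") and host.endswith(subject[1:])
                and host.count(".") == subject.count(".")):
            return info
    return None


def triage(page_host=PAGE_HOST, brand_apex=BRAND_APEX, scan_date=SCAN_DATE,
           domains=DOMAINS, max_cert_age_days=14):
    """Return (severity, finding) pairs for the third-party relationships
    a phishing kit typically exhibits."""
    findings = []
    page_apex = apex(page_host)
    page_ip = domains[page_host][3]
    for host, (count, types, initiators, ip) in domains.items():
        if apex(host) == page_apex:
            continue                                   # first-party traffic
        # 1. brand assets hot-linked by a page on an unrelated apex
        if apex(host) == brand_apex and types <= STATIC_TYPES and page_host in initiators:
            findings.append(("high", f"{page_host} hot-links {count} "
                             f"{'/'.join(sorted(types))} resources from brand host {host}"))
        # 2. page-initiated XHR to another apex: IP lookup or a candidate exfil channel
        if "XHR" in types and page_host in initiators:
            if host in IP_ECHO_HOSTS:
                findings.append(("medium", f"{page_host} fetches the visitor's public IP from {host}"))
            else:
                sev = "high" if ip == page_ip else "medium"
                findings.append((sev, f"{page_host} sends XHR to unrelated host {host} "
                                 f"({count} requests): candidate exfiltration channel"))
        # 3. a second domain on the page's own address
        if ip == page_ip:
            findings.append(("high", f"{host} shares IP {ip} with {page_host}"))
    # 4. certificates younger than the threshold at scan time
    for host in domains:
        info = cert_for(host)
        if info is None:
            continue
        issuer, not_before = info
        age = (scan_date - not_before).days
        if age <= max_cert_age_days:
            findings.append(("medium", f"certificate for {host} issued by {issuer} "
                             f"{age} days before the scan"))
    return findings


if __name__ == "__main__":
    for severity, text in triage():
        print(f"[{severity}] {text}")
```

Run as-is it reports six findings for this scan: the ten USPS stylesheets, the XHR channel to pay.check-services.info, the shared address 143.92.39.14, the ipify lookup, and the two young R3 certificates; fast.fonts.net, a CDN-hosted font service used by the genuine USPS pages as well, produces none.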
This page contains 1 frame:
Primary Page: https://ups-support.info/
Frame ID: B0951732ABA71C68D3837DF33D75A927
Requests: 28 HTTP requests in this frame
Outgoing links (links to origins other than the main page): 0
Redirected requests (HTTP redirect chains): none listed
27 HTTP transactions

Method | Protocol | Resource | Host / Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | ups-support.info/ | 999 B | 1 KB | Document | text/html |
GET | H2 | trackingCode.js | fast.fonts.net/t/ | 650 B | 916 B | Script | text/plain |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 550 B | Stylesheet | text/css |
GET | H2 | app.ca4104fddcee66705af9fcdd150f55e1.css | ups-support.info/static/css/ | 266 KB | 49 KB | Stylesheet | text/css |
GET | H2 | manifest.2ae2e69a05c33dfc65f8.js | ups-support.info/static/js/ | 857 B | 1 KB | Script | application/javascript |
GET | H2 | vendor.9f26af603f2aa22cca50.js | ups-support.info/static/js/ | 315 KB | 119 KB | Script | application/javascript |
GET | H2 | app.8ec2e8187199bef9cd9d.js | ups-support.info/static/js/ | 282 KB | 54 KB | Script | application/javascript |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 152 B | Stylesheet | text/css |
GET | H2 | tracking-progress-bar.css | tools.usps.com/go/css/ | 15 KB | 3 KB | Stylesheet | text/css |
GET | H2 | schedule-pickup.css | tools.usps.com/styles/ | 99 KB | 16 KB | Stylesheet | text/css |
GET | H2 | main-sb.css | tools.usps.com/global-elements/footer/css/ | 9 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery-ui.min.css | tools.usps.com/go/css/redelivery-reskin/ | 31 KB | 8 KB | Stylesheet | text/css |
GET | H2 | main.css | tools.usps.com/go/css/ | 82 KB | 14 KB | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | tools.usps.com/go/css/libs/ | 118 KB | 19 KB | Stylesheet | text/css |
GET | H2 | default-styles.css | tools.usps.com/styles/ | 33 KB | 6 KB | Stylesheet | text/css |
GET | H2 | footer-sb.css | tools.usps.com/global-elements/footer/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | megamenu-v4.css | tools.usps.com/global-elements/header/css/ | 43 KB | 7 KB | Stylesheet | text/css |
GET | H2 | schedule-redelivery.css | tools.usps.com/go/css/redelivery-reskin/ | 28 KB | 6 KB | Stylesheet | text/css |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 128 B | Stylesheet | text/css |
GET | H2 | / | pay.check-services.info/socket.io/ | 97 B | 269 B | XHR | text/plain |
GET | H2 | / | api.ipify.org/ | 22 B | 111 B | XHR | application/json |
POST | H2 | / | pay.check-services.info/socket.io/ | 2 B | 148 B | XHR | text/plain |
GET | H2 | / | pay.check-services.info/socket.io/ | 32 B | 203 B | XHR | text/plain |
GET | | / | pay.check-services.info/socket.io/ | 0 | 0 | (failed) | |
GET | H2 | 404.a57b6f3.png | ups-support.info/static/img/ | 96 KB | 96 KB | Image | image/png |
GET | DATA | truncated (data: URI) | / | 5 KB | 0 | Image | image/png |
GET | | d5af76d8-a90b-4527-b3a3-182207cc3250.woff | www.usps.com/assets/fonts/ | 0 | 0 | (failed) | |
GET | | 1d238354-d156-4dde-89ea-4770ef04b9f9.ttf | www.usps.com/assets/fonts/ | 0 | 0 | (failed) | |

Size is the decoded body, Transfer the bytes on the wire. Every stylesheet under tools.usps.com is loaded directly from the genuine USPS host, while the page's own code is a hashed webpack build (manifest, vendor, app) served from /static/. The primary document is under 1 KB, the page exposes no links, and the only image it loads is named 404.a57b6f3.png, so the capture may show a 404-style placeholder rather than the form a victim would see.
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- pay.check-services.info: https://pay.check-services.info/socket.io/?EIO=4&transport=polling&t=OZ488QU&sid=WA46hvZisRAaNXfmAFms
- www.usps.com: https://www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
- www.usps.com: https://www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
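The four XHRs to pay.check-services.info/socket.io/ with EIO=4&transport=polling are the Engine.IO v4 long-polling transport that Socket.IO runs over, and their order matches its handshake cycle: a GET without a sid (the handshake, answered by an open packet carrying the sid), a POST of client packets (a polling server answers the literal "ok", which fits the 2 B response above), a GET with the sid to collect server packets, and a final poll that was still outstanding when the scan ended. Reading the POST bodies from a proxy or packet capture is how you see what such a kit ships off the page. The decoder below is an added example, not code from the page or from the kit; only the handshake URL and the sid come from the failed request above, and every payload string is constructed to show the wire format.

```python
"""Decode Engine.IO v4 long-polling traffic of the kind seen in the
socket.io XHRs above (EIO=4&transport=polling).

Added example, not code from the page or the kit. Only the handshake URL
and the sid are taken from the failed request above; every payload string
is constructed to show the wire format.
"""
import base64
import json
from urllib.parse import parse_qs, urlsplit

EIO_TYPES = {"0": "open", "1": "close", "2": "ping", "3": "pong",
             "4": "message", "5": "upgrade", "6": "noop"}
SIO_TYPES = {0: "CONNECT", 1: "DISCONNECT", 2: "EVENT", 3: "ACK",
             4: "CONNECT_ERROR", 5: "BINARY_EVENT", 6: "BINARY_ACK"}


def describe_polling_url(url):
    """Extract the Engine.IO parameters from a /socket.io/ request URL.

    The first request carries no sid and is the handshake; the server's open
    packet hands out the sid that every later request repeats. t is a cache-buster.
    """
    parts = urlsplit(url)
    q = parse_qs(parts.query)
    return {
        "host": parts.hostname,
        "eio": q.get("EIO", [None])[0],
        "transport": q.get("transport", [None])[0],
        "sid": q.get("sid", [None])[0],
        "handshake": "sid" not in q,
    }


def decode_socketio_packet(text):
    """Decode one Socket.IO packet: <type>[<attachments>-][/namespace,][ack id][json]."""
    ptype = int(text[0])
    i = 1
    attachments = 0
    if ptype in (5, 6):                         # binary packets carry an attachment count
        j = text.index("-", i)
        attachments = int(text[i:j])
        i = j + 1
    namespace = "/"
    if i < len(text) and text[i] == "/":        # non-default namespace runs to the comma
        j = text.index(",", i)
        namespace = text[i:j]
        i = j + 1
    j = i
    while j < len(text) and text[j].isdigit():  # optional ack id
        j += 1
    ack_id = int(text[i:j]) if j > i else None
    data = json.loads(text[j:]) if j < len(text) else None
    return {"type": SIO_TYPES[ptype], "namespace": namespace,
            "ack_id": ack_id, "attachments": attachments, "data": data}


def decode_polling_payload(body):
    """Split an Engine.IO v4 polling body (packets separated by 0x1e) into packets."""
    packets = []
    for record in body.split("\x1e"):
        if not record:
            continue
        if record[0] == "b":                    # binary packet, base64 after the marker
            packets.append({"eio": "binary", "raw": base64.b64decode(record[1:])})
            continue
        kind = EIO_TYPES.get(record[0], "unknown")
        rest = record[1:]
        packet = {"eio": kind}
        if kind == "open":
            packet["data"] = json.loads(rest)   # sid, upgrades, pingInterval, ...
        elif kind == "message" and rest:
            packet["data"] = decode_socketio_packet(rest)
        elif rest:
            packet["data"] = rest
        packets.append(packet)
    return packets


# Constructed exchange in the shape of the four socket.io transactions above.
HANDSHAKE_URL = "https://pay.check-services.info/socket.io/?EIO=4&transport=polling&t=OZ488QU"
POLL_URL = HANDSHAKE_URL + "&sid=WA46hvZisRAaNXfmAFms"     # the failed request above
HANDSHAKE_RESPONSE = ('0{"sid":"WA46hvZisRAaNXfmAFms","upgrades":["websocket"],'
                      '"pingInterval":25000,"pingTimeout":20000,"maxPayload":1000000}')
CLIENT_POST_BODY = '40\x1e42["form",{"field":"value"}]'   # CONNECT + one EVENT (constructed)
POST_RESPONSE = "ok"                                       # a polling server's reply to a POST
SERVER_POLL_RESPONSE = '40{"sid":"AbCdEf"}\x1e2'           # CONNECT ack + ping (constructed)


if __name__ == "__main__":
    print(describe_polling_url(POLL_URL))
    for body in (HANDSHAKE_RESPONSE, CLIENT_POST_BODY, SERVER_POLL_RESPONSE):
        print(decode_polling_payload(body))
```

The EVENT packets are where a kit's form data travels: each is a JSON array whose first element is the event name and whose remaining elements are the arguments, so a decoder like this turns a captured POST body straight into the fields the page collected.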
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: USPS (Transportation)

8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Name | Type |
---|---|
credentialless | boolean |
onbeforetoggle | object |
onscrollend | object |
projectId | undefined |
mtiTracking | object |
webpackJsonp | function |
core | object |
__core-js_shared__ | object |

Of these, credentialless, onbeforetoggle and onscrollend are recent browser additions rather than page code. mtiTracking is set by the fast.fonts.net trackingCode.js script, and webpackJsonp together with __core-js_shared__ indicates a webpack bundle using core-js, which matches the manifest/vendor/app chunk names under /static/js/.

1 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, so the website can re-identify the user even from a different location. This is how persistent logins work.

Domain/Path | Expires | Name / Value |
---|---|---|
.fonts.net/ | | __cf_bm = UhO8hAWWQPLAmHc5rwI0p_Ar4yoOqBtXN9GUloMlxio-1686917643-0-AaeTrQ06tjh9Fs4lnT4bqLTFC+AQdrLKK9/CKbx6BtcDchdXJpzdelk4OPHFKjILjEIpIUEgLElno1VXqVIdIE8= |

The only cookie is Cloudflare's __cf_bm bot-management cookie set by fast.fonts.net, not by the phishing page itself. The Unix timestamp 1686917643 embedded in its value is 2023-06-16 12:14:03 UTC, which dates the scan.
4 Console Messages
A page may log messages to the console. These are often errors about failing to load a resource or execute a piece of JavaScript; sometimes they also give insight into the technology behind a website.

Source | Level | URL | Text |
---|---|---|---|
Security Headers
This section lists the security headers set by the main page.

Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |

HSTS is the only security header the page sets.
Indicators
"Indicators" is the security-industry term for the IPs, domains, hashes and similar artefacts observed during a scan. Their presence here does not by itself imply malicious activity.

Domains:
- api.ipify.org
- fast.fonts.net
- pay.check-services.info
- tools.usps.com
- ups-support.info
- www.usps.com

IPs:
- 143.92.39.14
- 2606:2800:233:df95:1212:762c:504b:cf9d
- 2606:4700::6811:e04e
- 64.185.227.155

SHA-256 hashes (e3b0c442...b855 is the hash of an empty body, produced by the zero-byte responses above; it matches every empty response anywhere and is not a usable indicator):
- 0863d2c590d46ad4b990232414eef23349ee4316ac4ccbf6f4618329539fb65a
- 0d204cff2c9201b4e2aebf0dee15c5a7fd0c06db8b4a072c143813e7c09688cb
- 18961a60d0e8347696fb7f0b322232eef10638dcb029f9d3961f9db7e0a787cc
- 238a9426c314ebacb882b93126a690f1dd49d8c87d05cf6e246b35483a2c4881
- 374e5bd8196cdff2b498b9198f832d73e6d786f3d4bb042caae396434b1b6812
- 37a3108cd6d157f53861276d6ca769760813a950282015a58e4e857dff503651
- 538aa4d7334df582e45c6f998b2a98dad44062fa8586a6c602af103a61f1d63e
- 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
- 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
- 65e09ec697225883fb227b54f59a2c421b5af7a3b4f557770ab15d8934ff44ce
- 6b76a2bf1451c4ab4cc44f62e69edfb7b4bbc50c98f446e3fdde66dabfdfe6e5
- 7a69101becadf6995083745c06c5bf286fc3569d27d70ec5a14ed541fb33f351
- 8735d932936a4a881f99fcfd61f3f29bfe4d2e58752489297b70e45fafd3f751
- 98e7ac66d86036e26a821eb4882d8d040e48991f9ae200119cdefaf450a405e8
- b6a47ae249195bc70d1f5043176e8b0f234b7862dd7a82be0fa660aef3280c1a
- ccaebfd542fba2c3af8d9397e265345e7c7bec22c7c94f190ef7047e38479830
- cf941a37a4d63825f17358d1013db6cd85143ab823f80d86eb5c1619e6a7c00d
- d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1
- d88075fbefb84ea1f3854018954ceba86060b5ef2496d8d822699b4e74b2183d
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- e502f1c88526626db56a5e3643234b8b7fe3d27cf30817d21ceb0116d82e0a71
- e8598e9ee0766c03355152c586bea865a40e77695eb609a85890aa7667a138cf
- fd23939c08b8ee7c533226b58dabb8d84c6702f77db14869a2b3968601badebc