paris-to.com Open in urlscan Pro
2606:4700:3033::ac43:cc39 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://usp4b311.co/
Effective URL:
https://paris-to.com/
Submission: On March 12 via manual (March 12th 2024, 2:15:39 pm UTC) from US — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3033::ac43:cc39, located in United States and belongs to CLOUDFLARENET, US. The main domain is paris-to.com.
TLS certificate: Issued by GTS CA 1P5 on February 27th 2024. Valid for: 3 months.

This is the only time paris-to.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:319c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::6815:5d27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3033::ac43:cc39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

1 2606:4700:3037::6815:319c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

usp4b311.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5d27 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paris-to.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::ac43:cc39 (United States)

ASN13335 (CLOUDFLARENET, US)

paris-to.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	paris-to.com 1 redirects paris-to.com	171 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 60836	386 B
1	usp4b311.co 1 redirects usp4b311.co	648 B
0	iplogger.com Failed iplogger.com Failed
9	4

	Domain	Requested by
9	paris-to.com	1 redirects paris-to.com
1	cutt.ly	1 redirects
1	usp4b311.co	1 redirects
0	iplogger.com Failed	paris-to.com
9	4

This site contains no links.

Subject Issuer	Validity	Valid
paris-to.com GTS CA 1P5	`2024-02-27` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paris-to.com/
Frame ID: BDD59E6B76D6E4A936CF6510909DE2DA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

U𝑺𝑷𝑺.com® - U𝑺𝑷𝑺 Tracking® Results

Page URL History Show full URLs

http://usp4b311.co/ HTTP 301
https://cutt.ly/Bw1JyXVp HTTP 301
http://paris-to.com/ HTTP 301
https://paris-to.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

170 kB
Transfer

267 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://usp4b311.co/ HTTP 301
https://cutt.ly/Bw1JyXVp HTTP 301
http://paris-to.com/ HTTP 301
https://paris-to.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response paris-to.com/ Redirect Chain http://usp4b311.co/ https://cutt.ly/Bw1JyXVp http://paris-to.com/ https://paris-to.com/	987 B 987 B	248ms 172ms	Document text/html	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paris-to.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `24d2c45bff848313aa65bc56a4203ed1c4b7cd85b7b9f6eb9b85d05648581ff4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 863465ac28494954-MIA content-encoding br content-type text/html; charset=UTF-8 date Tue, 12 Mar 2024 14:15:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2B6%2BXLZ%2FJIUEbVUPBGIxIAo3i9hR6JCcHUPQMMLlR0Y5HFgn7eRqtj5IpkD2bf7i%2Fpmp23piQXagcqli7iuHKdve7mwh7Rbc5JTOPq1cKY7oAO7ovtXjpzgIX%2Bod2rmYBkgRvvcEuYl%2FSkI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers CF-RAY 863465ab6aea258e-MIA Cache-Control max-age=3600 Connection keep-alive Date Tue, 12 Mar 2024 14:15:34 GMT Expires Tue, 12 Mar 2024 15:15:34 GMT Location https://paris-to.com/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCF%2B%2BlYoWSAQnqBlFL5n%2B7zYbaDk8in6tReKqgOA6PanurjWdC5GKR0PRaP9RcQ2sip0JqqENd%2FNp1SK8etaVON46J7rrc17DTNX0YNM7KV3Uysklyicz3zr6fzftBbtMUSAdCu8ufxWIUM%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET		1ZmLZ4 iplogger.com/	0 0

GET H2	200	chunk-vendors.ca913239.js Show response paris-to.com/js/	99 KB 38 KB	129ms 128ms	Script application/javascript	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paris-to.com/js/chunk-vendors.ca913239.js Requested by Host: paris-to.com URL: https://paris-to.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d548d32f1acad054d35791fb4494b2f14792ea11199a1d7ce8dd7e1b43ccfd11` Request headers accept-language en-US,en;q=0.9 Referer https://paris-to.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 29 Jan 2024 06:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65b74b10-18c1f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cUVX5teV5hsP9BT2AUt%2BRfUS%2FB9GwNsn3Ml2C3o5TxFxnTDt6KvHVnO8EDnwewC9I2cDaNTsRxRnvaf6G%2F6WUnfMAeZbqy1lwYu6vT0ZTAkCG4e2k2Oy1YbePHdXaDPuT2XQWII3gYu2oU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 863465ad49ee4954-MIA alt-svc h3=":443"; ma=86400 expires Wed, 13 Mar 2024 02:15:35 GMT
GET H3	200	app.e4905b08.js Show response paris-to.com/js/	8 KB 4 KB	119ms 119ms	Script application/javascript	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paris-to.com/js/app.e4905b08.js Requested by Host: paris-to.com URL: https://paris-to.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0bb0b33257d0cc3a271566b5e39a81341439a95c8ee4315616b8f1fee52e4ec3` Request headers accept-language en-US,en;q=0.9 Referer https://paris-to.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 29 Jan 2024 06:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65b74b10-1f84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSQby2VceXV1623%2Btlti%2BM9r3a9fpAe2fxYelbVzv7xu%2B49F%2FWirJyLa8HP993%2Bux%2BTSB0Y3H7LQyrBj5y6UES2JhHfEC5LJfXKS00OVa48rQhhieo8lNBEwfIjJaIbd7Bv7k1I6BP8U2Yg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 863465ae2c6fdaf1-MIA alt-svc h3=":443"; ma=86400 expires Wed, 13 Mar 2024 02:15:35 GMT
GET H2	200	app.9b8d7b51.css paris-to.com/css/	35 KB 24 KB	122ms 122ms	Stylesheet text/css	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paris-to.com/css/app.9b8d7b51.css Requested by Host: paris-to.com URL: https://paris-to.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bee8ee56c3e18aec4ef04b5e5a3dfd6fa6d0de71e9860ad0efeb1c7647092844` Request headers accept-language en-US,en;q=0.9 Referer https://paris-to.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 29 Jan 2024 06:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65b74b10-8a1e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBEl1rErJHAhihcfuP3JlLx5oMxgkWNnoxWBIhuhxGKy5UeA4Dc5sEzeTSf9AyBqYTjfN3hxmpuWpXa4Fk%2FHalLc6G3X%2BhY%2B9cfmqhOOuiqsyjAi0eAni9yq92ZOR204%2F%2F05z0Sq3C7RPFs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 863465ad49ec4954-MIA alt-svc h3=":443"; ma=86400 expires Wed, 13 Mar 2024 02:15:35 GMT
GET H2	200	loading.jpg paris-to.com/	80 KB 80 KB	43ms 43ms	Image image/jpeg	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://paris-to.com/loading.jpg Requested by Host: paris-to.com URL: https://paris-to.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668` Request headers accept-language en-US,en;q=0.9 Referer https://paris-to.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 319315 alt-svc h3=":443"; ma=86400 content-length 81572 last-modified Mon, 29 Jan 2024 06:52:00 GMT server cloudflare etag "65b74b10-13ea4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFbX8qQMc7Wx%2FsVR6tZ8PP9Ya9l9HABy%2FwrVEHSkfPdIDJrXC2vDLT1it49UNgOIMNuYEaMTAtXRiT%2BWZLN6ue%2BZt56JsSAHRrIOWC1k5IJIq8EqKxt6ups6VBNL7qz%2FyaR%2Fs215O01r4pM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 863465ad49ed4954-MIA expires Sun, 07 Apr 2024 21:33:40 GMT
GET H3	200	logo_mobile.66d3314d.svg paris-to.com/img/	2 KB 1 KB	119ms 119ms	Image image/svg+xml	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://paris-to.com/img/logo_mobile.66d3314d.svg Requested by Host: paris-to.com URL: https://paris-to.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2` Request headers accept-language en-US,en;q=0.9 Referer https://paris-to.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 29 Jan 2024 06:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65b74b10-80c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ttn5zUCEYUjN2USjZSaCoLrRQCw5bjwoz%2BNtPEu%2Bbu2IqT3UC0eSMc5FTsyQWlZLTFQiqF%2FR8dUs6YYOQ81hHRNFkqSHL0cEX%2FgJqVy3IC2inVAv3EkjgLxGYwi7dZ6CzftbraJB3hnSRVs%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 863465aefde5daf1-MIA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET H3	200	6.d26a0f1e.png paris-to.com/img/	9 KB 9 KB	45ms 45ms	Image image/png	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://paris-to.com/img/6.d26a0f1e.png Requested by Host: paris-to.com URL: https://paris-to.com/css/app.9b8d7b51.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49` Request headers accept-language en-US,en;q=0.9 Referer https://paris-to.com/css/app.9b8d7b51.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 319314 alt-svc h3=":443"; ma=86400 content-length 8759 last-modified Mon, 29 Jan 2024 06:52:00 GMT server cloudflare etag "65b74b10-2237" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdCu4vT4Fakf9D60HUrFOUNVDur1NVCwVCpmF7uj8N9fIbdjvi7PJhA682j%2BpGN7jr8HKySw7T%2Fvpoa20w4fUBrdlTtSQDRwuV4mvXaGBvaKSCH92%2BG9IyLxzwcy8mrc4K8W50xAGz5ZLtc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 863465af0deadaf1-MIA expires Sun, 07 Apr 2024 21:33:41 GMT
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET H3	200	mavenpro.5df981a4.woff paris-to.com/fonts/	12 KB 13 KB	119ms 119ms	Font font/woff	2606:4700:3033::ac43:cc39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paris-to.com/fonts/mavenpro.5df981a4.woff Requested by Host: paris-to.com URL: https://paris-to.com/css/app.9b8d7b51.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:cc39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d` Request headers Referer https://paris-to.com/css/app.9b8d7b51.css Origin https://paris-to.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 14:15:35 GMT cf-cache-status MISS last-modified Mon, 29 Jan 2024 06:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65b74b10-3124" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qmU1jfx6SOqvYkiycRyZfpB07lTo8ylXQo7DxBffPJHHWqeiwT%2BWSd823s1dq4ubAIKR8L5qHULuGyWFI%2BomJdY%2BthTxvF9pfueKTMXs5%2FyJtGU4xQnWJBsiP6cr1rvk98SRcT%2Bk6SyEAc%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 863465af0decdaf1-MIA alt-svc h3=":443"; ma=86400 content-length 12580

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: iplogger.com
URL: https://iplogger.com/1ZmLZ4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkvue_usps boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: fkq738o4d0qhbvidar9ec6iv10

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://iplogger.com/1ZmLZ4 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.ly
iplogger.com
paris-to.com
usp4b311.co
iplogger.com
2606:4700:10::ac43:8ee
2606:4700:3033::6815:5d27
2606:4700:3033::ac43:cc39
2606:4700:3037::6815:319c
05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668
0bb0b33257d0cc3a271566b5e39a81341439a95c8ee4315616b8f1fee52e4ec3
24d2c45bff848313aa65bc56a4203ed1c4b7cd85b7b9f6eb9b85d05648581ff4
4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2
aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35
b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49
bee8ee56c3e18aec4ef04b5e5a3dfd6fa6d0de71e9860ad0efeb1c7647092844
d548d32f1acad054d35791fb4494b2f14792ea11199a1d7ce8dd7e1b43ccfd11
e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9
fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1
fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d

paris-to.com Open in urlscan Pro 2606:4700:3033::ac43:cc39 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

170 kBTransfer

267 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

paris-to.com Open in urlscan Pro
2606:4700:3033::ac43:cc39 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

170 kB
Transfer

267 kB
Size

1
Cookies

9 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!