parceldelivery.app
2606:4700:3034::6815:765  Malicious Activity! Public Scan

Submitted URL: http://parceldelivery.app/
Effective URL: https://parceldelivery.app/
Submission: On October 03 via api from GB — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3034::6815:765, located in United States and belongs to CLOUDFLARENET, US. The main domain is parceldelivery.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 30th 2021. Valid for: a year.
This is the only time parceldelivery.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

    IP Address        AS     Autonomous System
6   2606:4700:303...  13335  (CLOUDFLAR...)
1   2606:4700:303...  13335  (CLOUDFLAR...)
3   2606:2800:233...  15133  (EDGECAST)
1   2606:4700:1::...  13335  (CLOUDFLAR...)
11  4

    Apex Domain         Subdomains          Transfer
6   parceldelivery.app  parceldelivery.app  105 KB
3   usps.com            www.usps.com        3 KB
1   gyazo.com           i.gyazo.com         23 KB
1   scampage.cc         scampage.cc         593 B
11  4

    Domain              Requested by
6   parceldelivery.app  parceldelivery.app
3   www.usps.com
1   i.gyazo.com
1   scampage.cc         parceldelivery.app
11  4

This site contains no links.

Subject                Issuer                                      Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                     2021-09-30 - 2022-09-29  a year
*.usps.com             DigiCert SHA2 Secure Server CA              2020-05-14 - 2022-05-16  2 years
*.gyazo.com            GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1  2021-03-23 - 2022-04-23  a year

This page contains 1 frames:

Primary Page: https://parceldelivery.app/
Frame ID: E2974C95BA9712027BF619278DE30948
Requests: 11 HTTP requests in this frame

Page Title

usps

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 131 kB
Size: 335 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://parceldelivery.app/ HTTP 307
    https://parceldelivery.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
parceldelivery.app/
Redirect Chain
  • http://parceldelivery.app/
  • https://parceldelivery.app/
2 KB
1 KB
Document
General
Full URL
https://parceldelivery.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb34cc9e6ec9561b4e2da6c0325b1f7b8065ddc3a600465487a64d17a72135a2

Request headers

:method
GET
:authority
parceldelivery.app
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 03 Oct 2021 08:14:54 GMT
content-type
text/html
last-modified
Wed, 29 Sep 2021 16:46:09 GMT
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQcOFCpeu1%2FxPc63wi4vicT8Wx94x3JHKv3pVNbyk9ak7d9iwlLwxlN%2Bp2tPoquzamuDw3lAnfCg8J0tffAWFOEIT8K1u6sj5wJ%2BtpEJrjyGUMNpqBgMgXqBE8AOk3F6GLFM%2BEwy4uj4%2FDj5q6iJHEU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6984b8364bc93747-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
https://parceldelivery.app/
Non-Authoritative-Reason
HSTS
5ac4b0c.js
parceldelivery.app/_nuxt/
2 KB
1 KB
Script
General
Full URL
https://parceldelivery.app/_nuxt/5ac4b0c.js
Requested by
Host: parceldelivery.app
URL: https://parceldelivery.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80601618a55e1eaf00eedc8fbef3e5b71b575c3d731ce78c1af9ff153c146a43

Request headers

:path
/_nuxt/5ac4b0c.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
parceldelivery.app
referer
https://parceldelivery.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Sep 2021 16:46:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sep9qNdKLszQUQbknGTCbUptN5ia8uG%2B5OJcFPQ236vBwCWCRBSi1Mmmk0kY5%2FMD8iBSdFBp%2BFfT00jChuk7F9x6rhVLzcIsK9Jpn9CdBvfEmraG28Yt3AJzB%2BoHtQWsdEmN5TcCpVHsRj0bVoQQKQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
6984b8389ef03747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 08:14:55 GMT
340edff.js
parceldelivery.app/_nuxt/
217 KB
76 KB
Script
General
Full URL
https://parceldelivery.app/_nuxt/340edff.js
Requested by
Host: parceldelivery.app
URL: https://parceldelivery.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4347c160950bebcafb9acd7ffda30dddeffc95b9cb134a0f7b5147d731f9ec53

Request headers

:path
/_nuxt/340edff.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
parceldelivery.app
referer
https://parceldelivery.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Sep 2021 16:46:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8llpTeMb8ih2lc%2FP2jMXnYed14IY8tTCyAK7GfmgxhcqGhrUMpKyVc2WVYs6lj9hn7GwMZ12fyIAve6qi4YtOrp2%2BgGh3bdOMshL%2Fio8oGbEa%2BwkB9vQ2tRF%2F%2Bj91c8pIRcv4Ij3zDuS40W085hf6SE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
6984b8389ef23747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 08:14:55 GMT
bddd75b.js
parceldelivery.app/_nuxt/
74 KB
22 KB
Script
General
Full URL
https://parceldelivery.app/_nuxt/bddd75b.js
Requested by
Host: parceldelivery.app
URL: https://parceldelivery.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0703c226883950f47a15504a80f6fc65a0a58c438a4031e19c924bd36ef67638

Request headers

:path
/_nuxt/bddd75b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
parceldelivery.app
referer
https://parceldelivery.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Sep 2021 16:46:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKnaI8p3U8gH5AeboCIuw7ytpP3Re7pQZ7l5PYBf2QGgPb27cLSnpbKp3NZoyCuEHt169adF%2Byio3f%2BGdPSeK60Qtlh%2FNZQggwj8PoomayvhZkmmLhTzBK2rPq2wWJpUKu9NZzS7%2B2A78SI%2FKJdffeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
6984b8389ef43747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 08:14:55 GMT
11ce98c.js
parceldelivery.app/_nuxt/
119 B
471 B
Script
General
Full URL
https://parceldelivery.app/_nuxt/11ce98c.js
Requested by
Host: parceldelivery.app
URL: https://parceldelivery.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e1e1cfa5f486954c3ca40fdd6e81978f557a1ba5a73d3c99dcead55591481fc

Request headers

:path
/_nuxt/11ce98c.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
parceldelivery.app
referer
https://parceldelivery.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Sep 2021 16:46:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JuymEjQkF9ikzRDyfUYi%2FkwTM1s47029TjS9s%2BPITWHfHnSmvBNe6sfQ%2BVyde20ANSkSgtI%2BKU9r8rt4Hvhbg5iK26HIJ84arNuEhgxoUcZwthzU9r30k14AFZFGnF%2Fx40jRZm%2FqZujZ9bmb%2F7z9ms%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
6984b8389ef53747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 08:14:55 GMT
9c83f61.js
parceldelivery.app/_nuxt/
12 KB
3 KB
Script
General
Full URL
https://parceldelivery.app/_nuxt/9c83f61.js
Requested by
Host: parceldelivery.app
URL: https://parceldelivery.app/_nuxt/5ac4b0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3472856406b1d3f880cb6839ceadb563d4ca44ca04352334aa8eb58bc512c77e

Request headers

:path
/_nuxt/9c83f61.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
parceldelivery.app
referer
https://parceldelivery.app/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Sep 2021 16:46:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK%2BlVm87uHZxcvXEYecMXXM8pGb3wJhOXM904hrr8rEUOM4puFeDL0%2FaxtfNeti1%2B3mn%2BO1NwO8JYxCii9tgqFQk19Dz6Xkb1s4HX2vldhZBQgWXYE7TIXA9ECzR07jJCsVfbB5fx60lxbbQEgjABkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
6984b83e0f5e3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 10 Oct 2021 08:14:55 GMT
check
scampage.cc/
1 B
593 B
XHR
General
Full URL
https://scampage.cc/check
Requested by
Host: parceldelivery.app
URL: https://parceldelivery.app/_nuxt/340edff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept
application/json, text/plain, */*
Referer
https://parceldelivery.app/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKLqo401fCsCgttBTmnGoFLSFbr16yu2uyxIiT0Eqc5ywQZN6sgIBGnogIN6ji2W%2BstXKCNOsxeRMcr3eMW5zBk8YWDGvMzSZF5SYRZM0wd4PghB%2B5okbf5b2PqlYI78KEYxjdzYMv9HEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
6984b840cb00d600-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hamburger.svg
www.usps.com/assets/images/home/
546 B
1 KB
Image
General
Full URL
https://www.usps.com/assets/images/home/hamburger.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcb/7F4A) /
Resource Hash
b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy
default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-encoding
gzip
x-content-type-options
nosniff
age
13628
x-cache
HIT
vary
Accept-Encoding
content-length
293
etag
"222-5494e7ed94c00+gzip"
access-control-allow-origin
https://www.usps.com
x-ec-custom-error
1
last-modified
Fri, 24 Feb 2017 22:46:08 GMT
server
ECAcc (dcb/7F4A)
x-frame-options
SAMEORIGIN
date
Sun, 03 Oct 2021 08:14:56 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
x-ruleset-version
2.2
logo_mobile.svg
www.usps.com/assets/images/home/
2 KB
1013 B
Image
General
Full URL
https://www.usps.com/assets/images/home/logo_mobile.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcb/7F65) /
Resource Hash
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy
default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-encoding
gzip
x-content-type-options
nosniff
age
15244
x-cache
HIT
vary
Accept-Encoding
content-length
908
etag
"80c-547ddea221540+gzip"
access-control-allow-origin
https://www.usps.com
x-ec-custom-error
1
last-modified
Mon, 06 Feb 2017 15:02:05 GMT
server
ECAcc (dcb/7F65)
x-frame-options
SAMEORIGIN
date
Sun, 03 Oct 2021 08:14:56 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
x-ruleset-version
2.2
search.svg
www.usps.com/assets/images/home/
1 KB
902 B
Image
General
Full URL
https://www.usps.com/assets/images/home/search.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcb/7F4B) /
Resource Hash
c8b13b10e28b6b420151db578831a416b7c1805d7672eeb57e69dc697fda1e27
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy
default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-encoding
gzip
x-content-type-options
nosniff
age
15284
x-cache
HIT
vary
Accept-Encoding
content-length
795
etag
"5b9-5494e7f535e00+gzip"
access-control-allow-origin
https://www.usps.com
x-ec-custom-error
1
last-modified
Fri, 24 Feb 2017 22:46:16 GMT
server
ECAcc (dcb/7F4B)
x-frame-options
SAMEORIGIN
date
Sun, 03 Oct 2021 08:14:56 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/svg+xml
x-ruleset-version
2.2
290b715a39c9f2b9c966442d0849dbe9.png
i.gyazo.com/
22 KB
23 KB
Image
General
Full URL
https://i.gyazo.com/290b715a39c9f2b9c966442d0849dbe9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:8e6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472898f1b4c4574f3d39f21c8ca1ba4b8a80a18b83943c34788f11fb4b259a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://parceldelivery.app/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:14:56 GMT
via
1.1 google
cf-cache-status
MISS
content-length
22769
server
cloudflare
etag
"290b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://gyazo.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
content-dpr
2.0
x-cache-level
ZS
accept-ranges
bytes
cf-ray
6984b84269eb375c-MXP
expires
Mon, 03 Oct 2022 08:14:56 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • boolean| originAgentCluster
  • object| __NUXT__
  • object| webpackJsonp
  • function| installComponents
  • object| regeneratorRuntime
  • function| setImmediate
  • function| clearImmediate
  • object| onNuxtReadyCbs
  • function| onNuxtReady
  • object| $nuxt

1 Cookies

Domain/Path   Name / Value
i.gyazo.com/  Name: Gyazo_cfwoker, Value: i