iupsglobal.com
198.251.88.29
Malicious Activity!
Public Scan
Submission: On June 24 via manual from HU — Scanned from FR
Summary
TLS certificate: Issued by E6 on June 21st 2024. Valid for: 3 months.
This is the only time iupsglobal.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
15 | 198.251.88.29 | 53667 (PONYNET) |
3 | 2a02:26f0:480:5a5::353a | 20940 (AKAMAI-ASN1) |
18 | 3 | |
ASN53667 (PONYNET, US)
PTR: s10-29.my-control-panel.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | iupsglobal.com | iupsglobal.com | 268 KB |
3 | ups.com | www.ups.com (Cisco Umbrella Rank: 8735) | 4 KB |
18 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
15 | iupsglobal.com | iupsglobal.com |
3 | www.ups.com | iupsglobal.com |
18 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
play.google.com |
twitter.com |
www.instagram.com |
www.linkedin.com |
www.youtube.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
iupsglobal.com | E6 | 2024-06-21 - 2024-09-19 | 3 months | crt.sh |
www.ups.com | COMODO ECC Organization Validation Secure Server CA | 2024-03-14 - 2025-03-14 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://iupsglobal.com/
Frame ID: 4EC1C47BB2E9081CD68E25038CE6F2DC
Requests: 20 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Download for Android
Title: X
Title: Instagram
Title: LinkedIn
Title: YouTube
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | iupsglobal.com/ | 46 KB | 8 KB | Document | text/html |
GET | H2 | ups.vendor.161a0d161a0d.css | iupsglobal.com/css/ | 108 KB | 16 KB | Stylesheet | text/css |
GET | H2 | ups.styles.b97eec3869e0.css | iupsglobal.com/css/ | 308 KB | 47 KB | Stylesheet | text/css |
GET | H2 | UPS_Smart_Banner.1.2.1.js | iupsglobal.com/js/ | 514 B | 330 B | Script | application/javascript |
GET | H2 | onelink_002.css | iupsglobal.com/css/ | 1 KB | 553 B | Stylesheet | text/css |
GET | H2 | onelink.css | iupsglobal.com/css/ | 211 B | 162 B | Stylesheet | text/css |
GET | H2 | onelink.js | iupsglobal.com/js/ | 1 KB | 580 B | Script | application/javascript |
GET | H2 | onelink_clientsort.js | iupsglobal.com/js/ | 0 | 0 | Script | text/html |
GET | H2 | ups-logo.svg | iupsglobal.com/img/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | Post-Peak_V3_JTBD-US-G-1401321960-Q423.webp | iupsglobal.com/img/ | 34 KB | 34 KB | Image | image/webp |
GET | H2 | icp.gif | iupsglobal.com/img/ | 43 B | 110 B | Image | image/gif |
GET | H2 | locationups.png | www.ups.com/assets/resources/webcontent/icons/ | 290 B | 669 B | Image | image/png |
GET | H2 | ups-icon-alert-warning.svg | www.ups.com/assets/resources/webcontent/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | DATA | truncated | / | 476 B | 0 | Image | image/svg+xml |
GET | H3 | social-icons-2022.png | iupsglobal.com/images/ | 1 KB | 1 KB | Image | text/html |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | application/x-font-woff |
GET | H3 | Holiday-Shipping-G-1357947512-Q124-flipped.webp | iupsglobal.com/img/ | 46 KB | 46 KB | Image | image/webp |
GET | H3 | Saturday-Delivery-UPS-Driver-Q124.webp | iupsglobal.com/img/ | 71 KB | 71 KB | Image | image/webp |
GET | H3 | Canada-About-Us-Chapter-One-Q224.webp | iupsglobal.com/img/ | 41 KB | 41 KB | Image | image/webp |
GET | H2 | favicon.ico | www.ups.com/ | 2 KB | 3 KB | Other | image/vnd.microsoft.icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
event | undefined |
fence | object |
sharedStorage | object |
getMobileOperatingSystem | function |
encodeReturnURLs | function |
openNav | function |
closeNav | function |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
iupsglobal.com
www.ups.com
198.251.88.29
2a02:26f0:480:5a5::353a