ustedapos.xyz
23.95.218.142
Malicious Activity!
Public Scan
Submission: On May 12 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 8th 2023. Valid for: 3 months.
This is the only time ustedapos.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USPS (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 | 23.95.218.142 | 36352 (AS-COLOCROSSING) |
4 | 2606:4700::6811:e14e | 13335 (CLOUDFLARENET) |
10 | 2606:2800:233:df95:1212:762c:504b:cf9d | 15133 (EDGECAST) |
4 | 107.174.172.124 | 36352 (AS-COLOCROSSING) |
1 | 64.185.227.155 | 18450 (WEBNX) |
27 | 6 | |
ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-218-142-host.colocrossing.com
ustedapos.xyz

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-174-172-124-host.colocrossing.com
us.otpfish.com

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com
api.ipify.org
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | usps.com | tools.usps.com (Cisco Umbrella Rank: 14671), www.usps.com (Failed) | 83 KB |
6 | ustedapos.xyz | ustedapos.xyz | 320 KB |
4 | otpfish.com | us.otpfish.com | 751 B |
4 | fonts.net | fast.fonts.net (Cisco Umbrella Rank: 3475) | 2 KB |
1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2563) | 112 B |
27 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
10 | tools.usps.com | ustedapos.xyz |
6 | ustedapos.xyz | ustedapos.xyz |
4 | us.otpfish.com | ustedapos.xyz |
4 | fast.fonts.net | ustedapos.xyz, tools.usps.com |
1 | api.ipify.org | ustedapos.xyz |
0 | www.usps.com (Failed) | tools.usps.com |
27 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
www.usdohsr.xyz | R3 | 2023-05-08 - 2023-08-06 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-05 - 2024-05-04 | a year | crt.sh |
*.usps.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-21 - 2024-05-21 | a year | crt.sh |
us.otpfish.com | R3 | 2023-05-08 - 2023-08-06 | 3 months | crt.sh |
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2023-02-07 - 2024-02-18 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://ustedapos.xyz/
Frame ID: 7C5D25A92996121683AD581CCB5DBB5D
Requests: 28 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | ustedapos.xyz/ | 999 B | 1 KB | Document | text/html |
GET | H2 | trackingCode.js | fast.fonts.net/t/ | 650 B | 2 KB | Script | text/plain |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 437 B | Stylesheet | text/css |
GET | H2 | app.c3081f34b365c2ed9beabc8e43aa24d6.css | ustedapos.xyz/static/css/ | 266 KB | 49 KB | Stylesheet | text/css |
GET | H2 | manifest.2ae2e69a05c33dfc65f8.js | ustedapos.xyz/static/js/ | 857 B | 1 KB | Script | application/javascript |
GET | H2 | vendor.5cc4dfbf82b021f2bedd.js | ustedapos.xyz/static/js/ | 315 KB | 119 KB | Script | application/javascript |
GET | H2 | app.e20e4eab75eebdc3fbdc.js | ustedapos.xyz/static/js/ | 282 KB | 54 KB | Script | application/javascript |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 129 B | Stylesheet | text/css |
GET | H2 | tracking-progress-bar.css | tools.usps.com/go/css/ | 15 KB | 3 KB | Stylesheet | text/css |
GET | H2 | schedule-pickup.css | tools.usps.com/styles/ | 99 KB | 16 KB | Stylesheet | text/css |
GET | H2 | main-sb.css | tools.usps.com/global-elements/footer/css/ | 9 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery-ui.min.css | tools.usps.com/go/css/redelivery-reskin/ | 31 KB | 8 KB | Stylesheet | text/css |
GET | H2 | main.css | tools.usps.com/go/css/ | 82 KB | 14 KB | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | tools.usps.com/go/css/libs/ | 118 KB | 19 KB | Stylesheet | text/css |
GET | H2 | default-styles.css | tools.usps.com/styles/ | 33 KB | 6 KB | Stylesheet | text/css |
GET | H2 | footer-sb.css | tools.usps.com/global-elements/footer/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | megamenu-v4.css | tools.usps.com/global-elements/header/css/ | 43 KB | 7 KB | Stylesheet | text/css |
GET | H2 | schedule-redelivery.css | tools.usps.com/go/css/redelivery-reskin/ | 28 KB | 6 KB | Stylesheet | text/css |
GET | H2 | 1.css | fast.fonts.net/t/ | 0 | 151 B | Stylesheet | text/css |
GET | H2 | / | us.otpfish.com/socket.io/ | 97 B | 256 B | XHR | text/plain |
GET | H2 | / | api.ipify.org/ | 24 B | 112 B | XHR | application/json |
GET | H2 | 404.a57b6f3.png | ustedapos.xyz/static/img/ | 96 KB | 96 KB | Image | image/png |
GET | DATA | truncated | / | 5 KB | 0 | Image | image/png |
GET | | d5af76d8-a90b-4527-b3a3-182207cc3250.woff | www.usps.com/assets/fonts/ | 0 | 0 | | |
POST | H2 | / | us.otpfish.com/socket.io/ | 2 B | 147 B | XHR | text/plain |
GET | H2 | / | us.otpfish.com/socket.io/ | 32 B | 190 B | XHR | text/plain |
GET | H2 | / | us.otpfish.com/socket.io/ | 1 B | 158 B | XHR | text/plain |
GET | | 1d238354-d156-4dde-89ea-4770ef04b9f9.ttf | www.usps.com/assets/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.usps.com — URL: https://www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
- Domain: www.usps.com — URL: https://www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: USPS (Transportation)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
undefined | projectId |
object | mtiTracking |
function | webpackJsonp |
object | core |
object | __core-js_shared__ |
1 Cookie
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.fonts.net/ | | __cf_bm | QKS7kHKB9drFRC4llzm1SpgQHb8wnavBK.zIfD3JKsY-1683915469-0-AYpQTlIA1X9YAPwfzJlPvXdU0eXL7Jk4g0UyiBarcRIQqbB88RFcNvVJdLEmX2DeyzNJU1Y94GO5V9F9qAlOi9g= |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
fast.fonts.net
tools.usps.com
us.otpfish.com
ustedapos.xyz
www.usps.com
107.174.172.124
23.95.218.142
2606:2800:233:df95:1212:762c:504b:cf9d
2606:4700::6811:e14e
64.185.227.155