urlscan.io logo urlscan.io
SecurityTrails logo

usps.com.dhz05.vip Open in urlscan Pro
23.27.244.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://usps.com.dhz05.vip/
Submission: On May 17 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 23.27.244.74, located in San Gabriel, United States and belongs to EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY. The main domain is usps.com.dhz05.vip.
This is the only time usps.com.dhz05.vip was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

IP Address AS Autonomous System
18 23.27.244.74 149440 (EVOXTENTE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.26.13.205 13335 (CLOUDFLAR...)
20 4
Apex Domain
Subdomains		 Transfer
18 dhz05.vip
usps.com.dhz05.vip
294 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2924
155 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
20 3
Domain Requested by
18 usps.com.dhz05.vip usps.com.dhz05.vip
1 api.ipify.org usps.com.dhz05.vip
1 fonts.googleapis.com usps.com.dhz05.vip
20 3
Subject Issuer Validity Valid
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://usps.com.dhz05.vip/
Frame ID: CEDEB8A95A2EB28AB043A5E2AA45A41E
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

USPS | Unfortunately, we are experiencing difficulties with delivering your package.

Page URL History Show full URLs

  1. http://usps.com.dhz05.vip/ HTTP 307
    https://usps.com.dhz05.vip/ HTTP 307
    http://usps.com.dhz05.vip/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

10 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

295 kB
Transfer

2722 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://usps.com.dhz05.vip/ HTTP 307
    https://usps.com.dhz05.vip/ HTTP 307
    http://usps.com.dhz05.vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
usps.com.dhz05.vip/
Redirect Chain
  • http://usps.com.dhz05.vip/
  • https://usps.com.dhz05.vip/
  • http://usps.com.dhz05.vip/
51 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
d7cb173af73564bc12252dd5dd83d0abe6cf78f302fd8a771fd705a1152d8eb9

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 05:03:07 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
http://usps.com.dhz05.vip/
Non-Authoritative-Reason
HttpsUpgrades
blue-ui.css
usps.com.dhz05.vip/assets/csss/ 		498 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/csss/blue-ui.css
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
08a2e99a35f83d0a5b3f2388cd3f80be5fe693c1a1626f797930f03427005c88

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 16:38:08 GMT
Server
nginx
ETag
W/"64d11df0-7c92c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
logon.css
usps.com.dhz05.vip/assets/csss/ 		107 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/csss/logon.css
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
502905fec89dc0506d15bd3ddbec175e13b2c68b7eb13344df8363b831af4149

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 16:35:48 GMT
Server
nginx
ETag
W/"64d11d64-1ad7c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
loading.css
usps.com.dhz05.vip/assets/csss/ 		2 KB
849 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/csss/loading.css
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
35b261f5cdc9b60d58cf2d2fd328596d4b5d5f59165004d5bef63566ea90f86b

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Dec 2023 20:12:12 GMT
Server
nginx
ETag
W/"658c851c-63d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
index-73ae538f.css
usps.com.dhz05.vip/assets/css/ 		374 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/css/index-73ae538f.css
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
73ae538f4b1e98378b7d43dcb24dd8059e454144066da88ffd268ca0a565de52

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 11:04:48 GMT
Server
nginx
ETag
W/"658961d0-5d615"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
hamburger.svg
usps.com.dhz05.vip/assets/images/ 		546 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://usps.com.dhz05.vip/assets/images/hamburger.svg
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Last-Modified
Mon, 25 Dec 2023 11:04:48 GMT
Server
nginx
ETag
"658961d0-222"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
546
logo_mobile.svg
usps.com.dhz05.vip/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://usps.com.dhz05.vip/assets/images/logo_mobile.svg
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 11:04:48 GMT
Server
nginx
ETag
W/"658961d0-80c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
search.svg
usps.com.dhz05.vip/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://usps.com.dhz05.vip/assets/images/search.svg
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
c8b13b10e28b6b420151db578831a416b7c1805d7672eeb57e69dc697fda1e27

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 11:04:48 GMT
Server
nginx
ETag
W/"658961d0-5b9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
logo-mini-sb-585262db.png
usps.com.dhz05.vip/assets/images/ 		23 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://usps.com.dhz05.vip/assets/images/logo-mini-sb-585262db.png
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 11:04:50 GMT
Server
nginx
ETag
W/"658961d2-5c49"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 16 Jun 2024 05:03:07 GMT
pinterest54x53-59f5e4d4.png
usps.com.dhz05.vip/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://usps.com.dhz05.vip/assets/images/pinterest54x53-59f5e4d4.png
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
59f5e4d40c77bc5155713bc956ddb8f4c14e3438d906a920f977073a071fb228

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 11:04:50 GMT
Server
nginx
ETag
W/"658961d2-1580"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 16 Jun 2024 05:03:07 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
748622d4d088b843e200776ce65e48c3e7e4b3a7c0fc959c691d99def179205e

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67a4999a59962445831760592fbdc95e023c6c0884cec51fa7bc7cd22c6e0a8a

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcafef03600ff7498457c30861f61146e46c7320c085bc27d540c1e2357bc3dc

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Results145.png
usps.com.dhz05.vip/assets/images/ 		1 MB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://usps.com.dhz05.vip/assets/images/Results145.png
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
2edd3675a5481090f654519be5df43c1cc94bacedc7443495a65a7bd75c7e025

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Dec 2023 04:53:48 GMT
Server
nginx
ETag
W/"6583c4dc-17d9db"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 16 Jun 2024 05:03:07 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c691b56eb09f341b22b287ddba77fbe6da91bf49b268e852e26ab4100d7ab56

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
jquery-3.6.0.js
usps.com.dhz05.vip/assets/jss/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/jss/jquery-3.6.0.js
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 14:18:40 GMT
Server
nginx
ETag
W/"64d0fd40-15283"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
loading.js
usps.com.dhz05.vip/assets/jss/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/jss/loading.js
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
382b2a4c7aa8101f7d20da37346684b1527e8fcacd8f78bccac0230b1dff548e

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 14:18:40 GMT
Server
nginx
ETag
W/"64d0fd40-ae8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
loading.js
usps.com.dhz05.vip/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/js/loading.js
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
2755e0c03ef5e82f56b8d2544a99d122ed294d803216b340d5161431090f0142

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Dec 2023 19:24:34 GMT
Server
nginx
ETag
W/"658c79f2-af0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
global.js
usps.com.dhz05.vip/assets/jss/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/jss/global.js
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
5a6631e5a63c00eb2432acd8d16702589050154e8da2ad5dfb9146dc76c821b6

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 14:18:40 GMT
Server
nginx
ETag
W/"64d0fd40-27e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
chaseIndex.js
usps.com.dhz05.vip/assets/jss/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/jss/chaseIndex.js
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
cb1ee478f571e68cfefdea567b15284e256599c7a2f0485afdd92a5a546357e6

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jan 2024 13:50:12 GMT
Server
nginx
ETag
W/"65980914-3619"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 17 May 2024 17:03:07 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro:300,400
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/assets/css/index-73ae538f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6abff53aec72c855bd5c6700668b85301142f2d99959b97de051d28001858010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
http://usps.com.dhz05.vip/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 May 2024 05:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 May 2024 05:03:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 May 2024 05:03:07 GMT
/
api.ipify.org/ 		22 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/assets/jss/jquery-3.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bab6871a5f67e8fdd86feec4e882d6768f940e1ef0f6d3c4e71351d5e9da18d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
*/*
Referer
http://usps.com.dhz05.vip/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 05:03:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
88510f2b0e223ca5-CDG
content-length
22
get_cookie
usps.com.dhz05.vip/api/index/ 		49 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/api/index/get_cookie
Requested by
Host: usps.com.dhz05.vip
URL: http://usps.com.dhz05.vip/assets/jss/jquery-3.6.0.js
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
b120c0c7d0169c8e4aeabdf9a0bcd6eea17e980ccb54ff2de0dbfa15220ffcb6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://usps.com.dhz05.vip/
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Fri, 17 May 2024 05:03:08 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://usps.com.dhz05.vip
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
logo_mobile.svg
usps.com.dhz05.vip/assets/images/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
http://usps.com.dhz05.vip/assets/images/logo_mobile.svg
Protocol
HTTP/1.1
Server
23.27.244.74 San Gabriel, United States, ASN149440 (EVOXTENTERPRISE-AS-AP Evoxt Enterprise, MY),
Reverse DNS
sk.s5.ans1.ns148.ztomy.com
Software
nginx /
Resource Hash
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
http://usps.com.dhz05.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 05:03:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Dec 2023 11:04:48 GMT
Server
nginx
ETag
W/"658961d0-80c"
Vary
Accept-Encoding
Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getUUID object| globalData boolean| isUserAuthenticated function| xxx

1 Cookies

Domain/Path Name / Value
usps.com.dhz05.vip/ Name: CHASE
Value: 92.222.212.17

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
fonts.googleapis.com
usps.com.dhz05.vip
104.26.13.205
23.27.244.74
2a00:1450:4001:810::200a
08a2e99a35f83d0a5b3f2388cd3f80be5fe693c1a1626f797930f03427005c88
2755e0c03ef5e82f56b8d2544a99d122ed294d803216b340d5161431090f0142
2edd3675a5481090f654519be5df43c1cc94bacedc7443495a65a7bd75c7e025
35b261f5cdc9b60d58cf2d2fd328596d4b5d5f59165004d5bef63566ea90f86b
382b2a4c7aa8101f7d20da37346684b1527e8fcacd8f78bccac0230b1dff548e
3bab6871a5f67e8fdd86feec4e882d6768f940e1ef0f6d3c4e71351d5e9da18d
4c691b56eb09f341b22b287ddba77fbe6da91bf49b268e852e26ab4100d7ab56
502905fec89dc0506d15bd3ddbec175e13b2c68b7eb13344df8363b831af4149
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
59f5e4d40c77bc5155713bc956ddb8f4c14e3438d906a920f977073a071fb228
5a6631e5a63c00eb2432acd8d16702589050154e8da2ad5dfb9146dc76c821b6
67a4999a59962445831760592fbdc95e023c6c0884cec51fa7bc7cd22c6e0a8a
6abff53aec72c855bd5c6700668b85301142f2d99959b97de051d28001858010
73ae538f4b1e98378b7d43dcb24dd8059e454144066da88ffd268ca0a565de52
748622d4d088b843e200776ce65e48c3e7e4b3a7c0fc959c691d99def179205e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2
b120c0c7d0169c8e4aeabdf9a0bcd6eea17e980ccb54ff2de0dbfa15220ffcb6
b95f434286744e3dbaf5bc56f41d4ce2640da3038461502f7ac243a5931e9435
bcafef03600ff7498457c30861f61146e46c7320c085bc27d540c1e2357bc3dc
c8b13b10e28b6b420151db578831a416b7c1805d7672eeb57e69dc697fda1e27
cb1ee478f571e68cfefdea567b15284e256599c7a2f0485afdd92a5a546357e6
d7cb173af73564bc12252dd5dd83d0abe6cf78f302fd8a771fd705a1152d8eb9