usps.tempurl.host Open in urlscan Pro
2604:a880:cad:d0::dd8:6001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php
Submission: On November 12 via automatic, source openphish (November 12th 2022, 1:10:46 am UTC) — Scanned from CA

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2604:a880:cad:d0::dd8:6001, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is usps.tempurl.host.
TLS certificate: Issued by RapidSSL ECC CA 2018 on July 20th 2022. Valid for: a year.

This is the only time usps.tempurl.host was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	2604:a880:cad... 2604:a880:cad:d0::dd8:6001		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	1

10 2604:a880:cad:d0::dd8:6001 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)

usps.tempurl.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tempurl.host usps.tempurl.host	46 KB
10	1

	Domain	Requested by
10	usps.tempurl.host	usps.tempurl.host
10	1

This site contains no links.

Subject Issuer	Validity	Valid
*.tempurl.host RapidSSL ECC CA 2018	`2022-07-20` - `2023-08-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php
Frame ID: 071A32945556EF65B17749C9AC9DAABE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

3D Payment

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

46 kB
Transfer

50 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sms2.php Show response usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/	6 KB 2 KB	74ms 21ms	Document text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash `65b3148986bbc8a1d7f4bea29996a835946567219447cadac40f8d09e4126272` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 12 Nov 2022 01:10:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-cache HIT x-robots-tag noindex, nofollow, nosnippet, noarchive
GET H2	404	none.css usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/style/	0 0	19ms 17ms	Stylesheet text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/style/none.css Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	404	none2.css usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/style/	0 0	20ms 18ms	Stylesheet text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/style/none2.css Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	404	modernizr.min.js usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/	0 0	21ms 19ms	Script text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/modernizr.min.js Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	404	jquery.js usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/	0 0	21ms 19ms	Script text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/jquery.js Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	404	jquery.ccvalid.js usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/	0 0	21ms 20ms	Script text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/jquery.ccvalid.js Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	404	jquery.mask.js usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/	0 0	22ms 21ms	Script text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/jquery.mask.js Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	vbvmcs.png usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/	13 KB 13 KB	19ms 18ms	Image image/png	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/vbvmcs.png Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash `022920b873a68b6421753a0004b8e7ebc8127391be76d1a73a93d7d061fb873b` Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT last-modified Fri, 11 Nov 2022 17:35:08 GMT server nginx etag "636e87cc-3414" content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 13332 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	post-office.png usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/	29 KB 29 KB	36ms 35ms	Image image/png	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/post-office.png Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash `9f5e847ab53432a39446a024aa814527eb769fb7edcbd41e94313f0d5aaaf125` Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT last-modified Fri, 11 Nov 2022 17:35:08 GMT server nginx etag "636e87cc-7502" content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29954 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	404	lod2.gif usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/img/	2 KB 2 KB	52ms 52ms	Image text/html	2604:a880:cad:d0::dd8:6001 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/img/lod2.gif Requested by Host: usps.tempurl.host URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:a880:cad:d0::dd8:6001 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash `4a9e2d5225b40af835215586529b6ac2ae265ecb10d9d0e14c8f43806f4cabfd` Request headers accept-language en-CA,en;q=0.9 Referer https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/sms2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 01:10:41 GMT content-encoding gzip server nginx etag W/"6368ea5b-68a" vary Accept-Encoding content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| seconds function| secondPassed number| countdownTimer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			usps.tempurl.host/	1969-12-31 23:59:59	Name: PHPSESSID Value: 08fa560d064c3672c8445041629fdffc

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/style/none.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/style/none2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/modernizr.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/jquery.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/jquery.ccvalid.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/js/jquery.mask.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usps.tempurl.host/ups/b714bc8bb70a6df40d27878b6580e2b9/files/img/lod2.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

usps.tempurl.host
2604:a880:cad:d0::dd8:6001
022920b873a68b6421753a0004b8e7ebc8127391be76d1a73a93d7d061fb873b
4a9e2d5225b40af835215586529b6ac2ae265ecb10d9d0e14c8f43806f4cabfd
65b3148986bbc8a1d7f4bea29996a835946567219447cadac40f8d09e4126272
9f5e847ab53432a39446a024aa814527eb769fb7edcbd41e94313f0d5aaaf125

usps.tempurl.host Open in urlscan Pro 2604:a880:cad:d0::dd8:6001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

46 kBTransfer

50 kBSize

1 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

7 Console Messages

Indicators

usps.tempurl.host Open in urlscan Pro
2604:a880:cad:d0::dd8:6001 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

46 kB
Transfer

50 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions