order.upsdeliverpost.com Open in urlscan Pro
2606:4700:3036::6815:1574 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://order.upsdeliverpost.com/files/vbv.html
Submission: On February 12 via api (February 12th 2024, 2:36:05 am UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3036::6815:1574, located in United States and belongs to CLOUDFLARENET, US. The main domain is order.upsdeliverpost.com.

This is the only time order.upsdeliverpost.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3036::6815:1574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2

16 2606:4700:3036::6815:1574 (United States)

ASN13335 (CLOUDFLARENET, US)

order.upsdeliverpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	upsdeliverpost.com order.upsdeliverpost.com	332 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2829	166 B
17	2

	Domain	Requested by
16	order.upsdeliverpost.com	order.upsdeliverpost.com
1	api.ipify.org	order.upsdeliverpost.com
17	2

This site contains no links.

Subject Issuer	Validity	Valid
ipify.org GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://order.upsdeliverpost.com/files/vbv.html
Frame ID: EC01AB23C2CFB3F6B84653E6197FAE14
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

6 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

332 kB
Transfer

1551 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request vbv.html Show response order.upsdeliverpost.com/files/	14 KB 4 KB	336ms 289ms	Document text/html	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9d7aa184e6a11dc863414005abb656f9ce7ef25cf68342c4e8765b885204a26` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 854171028f9e4bd5-BUF Cache-Control max-age=315360000 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 12 Feb 2024 02:36:00 GMT Expires Thu, 31 Dec 2037 23:55:55 GMT Last-Modified Wed, 23 Mar 2022 17:43:30 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fq00w5daQh%2BHqSjMW%2BMY9UK%2BXsoO7P9DT6L3fV0Se09HvKLFviSX2cIBRcPS8eiNWdM3tUApUcA6KPQeaCkIKICPtPwNNtWZ5xPCHrXzn8mCwKpugIYBAHGEC02wMO5vZcNJ4Y5hJ08BM2vOcJQpwTvXBBv0Lw%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	ups.css order.upsdeliverpost.com/files/	13 KB 4 KB	251ms 250ms	Stylesheet text/css	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/ups.css Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5f2a84f496ac33697e26b3125ead04ab7ef1cfdafe7eec03df355f33929bc304` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-3237" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcGLDt9GHbgrhdOSWduDj%2B4weGqxYF8awDl1aIBLz%2FKPnpyWbZGWdTNncGTfISiQp5munEZX8HdY4valL%2F8DplFjZ2u%2B%2BerG7s1qEtynmKPnMmhMS8bbWx4QTl2mGENea4baG74QsZxzQ%2FXV74%2F5CHO%2FdMmQuzE%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 8541710458864bd5-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	vendor.css order.upsdeliverpost.com/files/	146 KB 24 KB	398ms 369ms	Stylesheet text/css	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/vendor.css Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b638ba058e418f41ec8bd77c6fbe6fe9608b59bf71db9d686b4de1819482de3` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-249d5" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1BI7OIdzWilkqFCxX%2FYgiFlUIfQUayjj7GhmKrbUhtEGMx2XnUjvSzfXnatMCnkz8qV%2F2GpeSG03to%2BAFqtr3NPTbuECHsZay67cIBDhmpMW2rcNN1VQJhf5JxWTxBSDRG7968c0HciB1t%2BbpuukkE7HijkVBw%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 8541710488174bbd-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	styles.css order.upsdeliverpost.com/files/	240 KB 100 KB	391ms 363ms	Stylesheet text/css	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/styles.css Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `979dcb1d23c83522d6b0e17861d712ba90ca3bb376cccc1d266659c622ba222b` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-3c03a" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmAUSzP0DuoEbWYDfMFzgXB6b2jqGP3ubL5qawSvR3EV74NR3FnksoL1J%2BIRt3jnAaDjzTssKvtBwmQeSwgQk9wGTpKfnUiar2jg6%2FSIUpkxbFVcIDZ0qyHHgQxh7Wkd77e2JVP4PLXE4qZ8j44BubaQz2Lsjf8%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 854171048b274bc3-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	modules.css order.upsdeliverpost.com/files/	794 KB 90 KB	512ms 484ms	Stylesheet text/css	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/modules.css Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2f9e438fd8dee30f86a1e8cf0e9123d943a27b0e10433d455c299442508237a` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-c6846" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6wRg0QdOBa8iDOpXJFJysbklVDepgfDoE9NdHHd%2B%2F298McEHcLeceNi6WP4kC5hOEqNxTst4iwX3F0IJRoX9JEbx6s9omXa5YlUdXrBFJKAAcSOH5JwQb1%2FA1p8wSRZ5Ybsf38Onn1XuxpSHkeHlPatYNd4p3g%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 8541710489884bcc-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	widgets.css order.upsdeliverpost.com/files/	77 KB 10 KB	293ms 265ms	Stylesheet text/css	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/widgets.css Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd3eb1b3e12351ded3b1267c006af9f5a7aafb5c1b398e4054c7fd0dcabc97a6` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-13417" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFKfxGPouJEJ7SKgxQsy0gWGcutmfQA8gQjaVHicD6ax03PhkkDeOJ10sgFoWh0LsvbnKF1xuHReqL%2BDdz1RH%2FAxdMseYzqvR0ewtsBy69EghnQm5ppn00Sf7w0824U4lRduArPOxPzvaMtDJUnJCwFhU8Zn%2BCE%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 85417104880c4bc6-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	apps-nbs.css order.upsdeliverpost.com/files/	124 KB 19 KB	393ms 366ms	Stylesheet text/css	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/apps-nbs.css Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f328aebd8b9511d745f74f82db1558b9fb255e2f67fd86ea4bede50e4bb92665` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-1f128" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPw0XFZB0ZHA9qxKO4S3nU20DJQFj%2F91naNh3Fp0tftjI57%2FwPU1l1TlZteOX0%2B6FuPIxYYY3b2Kn8ipXPXZ9orGmfw1OlXCS0%2F%2F%2FW0YKxIRyJHOGrCLjN1TpESh7pqiGJw0HPcakYwPd5CLV6HNvjZnN2UKVMI%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 854171048bf74bc0-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	ajax-loader-transparent.gif order.upsdeliverpost.com/files/	16 KB 16 KB	355ms 355ms	Image image/gif	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://order.upsdeliverpost.com/files/ajax-loader-transparent.gif Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `57caab7f7bde8031786ec6f0427be22d746c7f145a65a6648349fade0c319ad9` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 15964 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag "623b5c42-3e5c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahI%2BsFRSO3n2pbHg%2FQqgBsmyBZ0o82YL7yxa%2BNHW%2F%2B2Gb%2BMHc%2B3RbeUil9%2FsZ4XaewVVMheX%2BN6f9sA9nGcv9IIcbYwSAMMRQ2NwkGUgWHiH%2BO%2BVSBEF7pDc49ixDuYo0nvHG1QlL1uwKTS6KmCEYcrRJlySFjw%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=315360000 Accept-Ranges bytes CF-RAY 8541710638f04bc6-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	UPS_logo.svg order.upsdeliverpost.com/files/	2 KB 2 KB	242ms 242ms	Image image/svg+xml	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://order.upsdeliverpost.com/files/UPS_logo.svg Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-872" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3eItev15wKhkQOh%2FBvLgwhQAxZlGzUisFWSayccAmKCRkHIZ4oOgt8kwB9GWjOZn5PGor2FspA10sLV%2BY09MLOCpB1U0ZmmReYXkrox%2FP2ihs5vvGodd%2BVPSlh7JYIFyNW97qfeVP3YR2xZUb15IhglRZS%2F4pw%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=315360000 CF-RAY 854171077d464bc0-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	vs.png order.upsdeliverpost.com/files/	29 KB 29 KB	357ms 356ms	Image image/png	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://order.upsdeliverpost.com/files/vs.png Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b425793090e593a9cc910812a1e8a3022b45f6ef47baa4e718da54b5cbb03722` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 29332 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag "623b5c42-7294" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BoZzcsahR9M85mhfxRO1MqHutEuKVSxxo%2FlQjfahbHrITvVHntr5vcXGKQ%2Fv7dal%2B8TNEP5n4Aa1csog5Vc4%2Fn3rR89YUNnDG7Ox4WRxb8jb%2FbkWNVX%2FcjUML42wBmHYovSw0YmGveRtf9hGU%2FtMlM1gW3Ocf8%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=315360000 Accept-Ranges bytes CF-RAY 85417107999a4bbd-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	jquery-3.6.0.min.js Show response order.upsdeliverpost.com/files/	87 KB 31 KB	596ms 362ms	Script application/javascript	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/jquery-3.6.0.min.js Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7f8cadd5617e031bab4251526f44db2fd1b3e444ec2cfae4381d2ff2ea0e216` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 23 Mar 2022 17:43:30 GMT Server cloudflare ETag W/"623b5c42-15d9f" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzKvL8RrAemB%2BHqoAWA%2B8C8K1KJmVV5GdfsEWwsMJlLx2t6MSoQwmJAcBMvTLLYQ5l18Ch3oWrT%2FxR%2FkXNMtvQYqAcnp29k4bF5%2B%2Bze9UBP%2FYYDtRPPzyOHllPIACn4wreJXiztcV%2F2gvoaS16bYgLWXBPfra9w%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=315360000 CF-RAY 85417105e9ad4bd5-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	scripts.js Show response order.upsdeliverpost.com/files/	9 KB 3 KB	143ms 143ms	Script application/javascript	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/scripts.js Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/vbv.html Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7604f1d7cf2638264d3858c1fc82c68cb90142b2fd61f2db0779ae1d741ccd8b` Request headers accept-language en-US,en;q=0.9 Referer http://order.upsdeliverpost.com/files/vbv.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Fri, 05 Jan 2024 10:49:56 GMT Server cloudflare ETag W/"6597ded4-25fb" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxmbnD5Lf7RMM%2BFYbBxliTLBzee0SWr4oOFuTt52IDoGoqC6hxrHfUYzGNDdU3TsTuBHv2FLs8LbGVx1HkBxIIh7hIYQuigFyawIudKHdskp0rytL5VqEmJBWDI1lbyX7KEf%2Bo3TPVxg2h5PeP4ymJiVPFHZovY%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=315360000 CF-RAY 85417107cb124bcc-BUF Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	404 Not Found	Roboto-Medium.woff order.upsdeliverpost.com/files/fonts/	0 0	143ms 143ms	Font text/html	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/fonts/Roboto-Medium.woff Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/styles.css Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://order.upsdeliverpost.com/files/styles.css Origin http://order.upsdeliverpost.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 05 Jan 2024 10:34:08 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTLIFnOPLx1QoQbUtBO5L7QEnq7Ka4uRCRUgL0FVZMIXQ0ZlUzhwtBOZ2dHuCCL7IZvg%2FjtvGsA2Mo68GkFS1YM8N%2F6QpbVyyXU3AfLaH7F9k7KUG3NDMXqrG%2FMoXKCXL8z7gEazNtxwAoAzoa3oIfTUVifmObE%3D"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 Connection keep-alive CF-RAY 854171083ad64bd5-BUF alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	Roboto-Regular.woff order.upsdeliverpost.com/files/fonts/	0 0	251ms 251ms	Font text/html	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/fonts/Roboto-Regular.woff Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/styles.css Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://order.upsdeliverpost.com/files/styles.css Origin http://order.upsdeliverpost.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 05 Jan 2024 10:34:08 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnh0qULaajjx0C7NqNSGLaRfz9Fpr50BiYzkjr9VDkVo0MG%2B9Gbz09eFI0suSTYsnRUDrkrKZo2oYfKzivaMyYWfU684QVieFR5ASoyQyrErU%2BYgdK8mwCanVIWnuoe09bG0DU4Nyb%2BevibfZqa5wDHFuWAVxR0%3D"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 Connection keep-alive CF-RAY 854171083cde4bc3-BUF alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response api.ipify.org/	28 B 166 B	129ms 73ms	Script application/javascript	104.26.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=jsonp&callback=getIP Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/scripts.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `db93091e2e8e00b487094095b137e2faac6e00c1a5c9d0a4d67307da88a73b06` Request headers Referer http://order.upsdeliverpost.com/ Origin http://order.upsdeliverpost.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 02:36:00 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/javascript access-control-allow-origin * cf-ray 854171090ac73773-YYZ content-length 28
GET H/1.1	404 Not Found	Roboto-Medium.woff2 order.upsdeliverpost.com/files/fonts/	0 0	143ms 142ms	Font text/html	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/fonts/Roboto-Medium.woff2 Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/styles.css Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://order.upsdeliverpost.com/files/styles.css Origin http://order.upsdeliverpost.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:00 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 05 Jan 2024 10:34:08 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SSRxRXZ%2FgUXW0W39hLWv9YW2OLor5sQbbK99ASy0xZZVcUka2No53HeaooHZZMs8MLj2Kd5cH8hrNsYtIcO3nmHbmy9s09sqNUfzvfPdZ9YqzECFnZziZORtry%2FRSlJRsl%2BT8JJnFsW%2FSEt9qK8qvi63sm6JTw%3D"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 Connection keep-alive CF-RAY 854171092b494bd5-BUF alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	Roboto-Regular.woff2 order.upsdeliverpost.com/files/fonts/	0 0	144ms 144ms	Font text/html	2606:4700:3036::6815:1574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://order.upsdeliverpost.com/files/fonts/Roboto-Regular.woff2 Requested by Host: order.upsdeliverpost.com URL: http://order.upsdeliverpost.com/files/styles.css Protocol HTTP/1.1 Server 2606:4700:3036::6815:1574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://order.upsdeliverpost.com/files/styles.css Origin http://order.upsdeliverpost.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Mon, 12 Feb 2024 02:36:01 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 05 Jan 2024 10:34:08 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HUma5wFAMHSsenYo2RaYeY527m7XAi8M13DzT4kT1x9OUECBQT23h5Ba4jE9AGWwvgn1hffHXGaaVFKJwkXDFJP5N9rLs4hvC6nRg7txj1Iz69JkAzwbJALnTiubkLu6mMrTZjz80XWjtW4hwDUEY%2FVP87Fyfs%3D"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 Connection keep-alive CF-RAY 85417109cd8b4bc3-BUF alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://order.upsdeliverpost.com/files/fonts/Roboto-Medium.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://order.upsdeliverpost.com/files/fonts/Roboto-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://order.upsdeliverpost.com/files/fonts/Roboto-Medium.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://order.upsdeliverpost.com/files/fonts/Roboto-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
order.upsdeliverpost.com
104.26.12.205
2606:4700:3036::6815:1574
3b638ba058e418f41ec8bd77c6fbe6fe9608b59bf71db9d686b4de1819482de3
57caab7f7bde8031786ec6f0427be22d746c7f145a65a6648349fade0c319ad9
5f2a84f496ac33697e26b3125ead04ab7ef1cfdafe7eec03df355f33929bc304
7604f1d7cf2638264d3858c1fc82c68cb90142b2fd61f2db0779ae1d741ccd8b
979dcb1d23c83522d6b0e17861d712ba90ca3bb376cccc1d266659c622ba222b
a2f9e438fd8dee30f86a1e8cf0e9123d943a27b0e10433d455c299442508237a
a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88
b425793090e593a9cc910812a1e8a3022b45f6ef47baa4e718da54b5cbb03722
cd3eb1b3e12351ded3b1267c006af9f5a7aafb5c1b398e4054c7fd0dcabc97a6
db93091e2e8e00b487094095b137e2faac6e00c1a5c9d0a4d67307da88a73b06
e9d7aa184e6a11dc863414005abb656f9ce7ef25cf68342c4e8765b885204a26
f328aebd8b9511d745f74f82db1558b9fb255e2f67fd86ea4bede50e4bb92665
f7f8cadd5617e031bab4251526f44db2fd1b3e444ec2cfae4381d2ff2ea0e216

order.upsdeliverpost.com Open in urlscan Pro 2606:4700:3036::6815:1574 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

6 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

332 kBTransfer

1551 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

order.upsdeliverpost.com Open in urlscan Pro
2606:4700:3036::6815:1574 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

6 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

332 kB
Transfer

1551 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!