uspqya.shop Open in urlscan Pro
24.144.85.222 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us452715115.20u0tus7p.co/
Effective URL:
https://uspqya.shop/
Submission: On November 23 via api (November 23rd 2023, 11:29:07 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 6 domains to perform 19 HTTP transactions. The main IP is 24.144.85.222, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is uspqya.shop.
TLS certificate: Issued by R3 on November 23rd 2023. Valid for: 3 months.

This is the only time uspqya.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:2004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:df37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:10:... 2606:4700:10::6816:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	24.144.85.222 24.144.85.222	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2606:4700:303... 2606:4700:3037::ac43:c1e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
19	4

1 2606:4700:3030::6815:2004 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us452715115.20u0tus7p.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:df37 (United States)

ASN13335 (CLOUDFLARENET, US)

us10010.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 24.144.85.222 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

uspqya.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:c1e2 (United States)

ASN13335 (CLOUDFLARENET, US)

fly.linkcdn.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	uspqya.shop uspqya.shop	252 KB
6	linkcdn.to fly.linkcdn.to — Cisco Umbrella Rank: 922183	41 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 78789	388 B
1	us10010.us us10010.us	563 B
1	20u0tus7p.co 1 redirects us452715115.20u0tus7p.co	440 B
19	6

	Domain	Requested by
11	uspqya.shop	us10010.us uspqya.shop
6	fly.linkcdn.to	uspqya.shop
1	fonts.gstatic.com	fly.linkcdn.to
1	cutt.ly	1 redirects
1	us10010.us
1	us452715115.20u0tus7p.co	1 redirects
19	6

This site contains links to these domains. Also see Links.

Domain
about.usps.com
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
us10010.us E1	`2023-11-09` - `2024-02-07`	3 months	crt.sh
trypackage.shop R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
linkcdn.to E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://uspqya.shop/
Frame ID: 75B6E5DE4920FA44F16729A92657783C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USPS - Linkfly

Page URL History Show full URLs

https://us452715115.20u0tus7p.co/ HTTP 301
https://us10010.us/0020.html Page URL
https://cutt.ly/dwIiweNo HTTP 301
https://uspqya.shop/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

42 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

4
IPs

1
Countries

306 kB
Transfer

528 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://about.usps.com/who/legal/privacy-policy/?_gl=1*1tu18lq*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjAuMTY4MjY4OTI4NS4wLjAuMA..
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://about.usps.com/who/legal/terms-of-use.htm?_gl=1*1b2i7q6*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjEuMTY4MjY4OTMwMS4wLjAuMA..
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://about.usps.com/who/legal/foia/?_gl=1*5by50f*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjEuMTY4MjY4OTMyOS4wLjAuMA..
Title: FOIA

Search URL Search Domain Scan URL

URL: https://about.usps.com/who/legal/no-fear-act/?_gl=1*18pqgcw*_ga*MTEzNDk0MDQ3OS4xNjgyNDMyNjMz*_ga_3NXP3C8S9V*MTY4MjY4OTI4MC40LjEuMTY4MjY4OTM0My4wLjAuMA..
Title: No FEAR Act/EEO Contacts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/USPS?rf=108501355848630

Search URL Search Domain Scan URL

URL: https://twitter.com/usps

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/uspsstamps/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/uspstv/custom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us452715115.20u0tus7p.co/ HTTP 301
https://us10010.us/0020.html Page URL
https://cutt.ly/dwIiweNo HTTP 301
https://uspqya.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://us452715115.20u0tus7p.co/ HTTP 301
https://us10010.us/0020.html

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

0020.html
us10010.us/
Redirect Chain

https://us452715115.20u0tus7p.co/
https://us10010.us/0020.html

196 B
563 B

190ms
104ms

Document
text/html

2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us10010.us/0020.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ad3085ebb84bcd-BUF
content-encoding: br
content-type: text/html
date: Thu, 23 Nov 2023 23:28:36 GMT
last-modified: Thu, 23 Nov 2023 07:48:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH2teHq8FlTgWJO3vXPi9nBaDaYyUzgT41Sf0u8kl1A5GPpKoQFqDZoO0n2oP0MDG5gUZ4G5YINPKwZfHH13PPE65HUHZD8mVm5X4BPQcU5VCW86MpTMo0%2FfLgyalbFZzUXwiX%2FzoW0d"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: max-age=3600
cf-ray: 82ad30852e6f4bbb-BUF
date: Thu, 23 Nov 2023 23:28:36 GMT
expires: Fri, 24 Nov 2023 00:28:36 GMT
location: https://us10010.us/0020.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B%2B0LCZ4YPUabSDhcVV3HEuZHM4fyzRAP0yaImdBdDYRnA2IabkP1gYxkXvK5uWELwKjIYUChjtnVjNbIxnqY6UyWwup5RmbREflAemhZ2IEQMwA7u1zF3hfuHasIGzzw7E1ARdMJzHZCaiH5FwvFOHGv8Z1wKc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

Primary Request / Show response
uspqya.shop/
Redirect Chain

https://cutt.ly/dwIiweNo
https://uspqya.shop/

75 B
345 B

469ms
87ms

Document
text/html

24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/

Requested by

Host: us10010.us
URL: https://us10010.us/0020.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6d36a8485a798e7b6f36cb4896bd4c77aeeedd4d479881e8716d3b42cef35156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://us10010.us/0020.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 23:28:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ad3087fa234bc1-BUF
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 23:28:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://uspqya.shop
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 us.js Show response
uspqya.shop/js/ 1 KB
594 B 87ms
87ms Script
application/javascript 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/js/us.js

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

59b608ac2b80f770a484542a199a3c98225624c3ae9fcbb1b0496d7f2dabbf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 02 Nov 2023 19:52:40 GMT
server: nginx
etag: W/"6543fe08-40f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 24 Nov 2023 11:28:37 GMT

GET
H2 200 config.js Show response
uspqya.shop/ 140 B
354 B 88ms
87ms Script
application/javascript 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/config.js

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/us.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

16b171553126e7f6556bc3591949de32218bf51b229e88b42909577734374f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Nov 2023 10:59:32 GMT
server: nginx
etag: "655f3094-8c"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 140
expires: Fri, 24 Nov 2023 11:28:38 GMT

GET
H2 200 jquery.js Show response
uspqya.shop/js/ 85 KB
34 KB 180ms
179ms Script
application/javascript 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/js/jquery.js

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/us.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 28 Oct 2023 21:30:02 GMT
server: nginx
etag: W/"653d7d5a-155ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 24 Nov 2023 11:28:38 GMT

GET
H2 200 index.js Show response
uspqya.shop/js/ 7 KB
4 KB 266ms
265ms Script
application/javascript 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/js/index.js

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/us.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b63900a1f927c111c80ccc602643c4c2e2c581439b1d9027b8a099e61ffbc749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 02 Nov 2023 19:52:58 GMT
server: nginx
etag: W/"6543fe1a-1b45"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 24 Nov 2023 11:28:38 GMT

GET
H2 200 loading.jpg
uspqya.shop/ 80 KB
80 KB 267ms
266ms Image
image/jpeg 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uspqya.shop/loading.jpg

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Sep 2022 07:47:06 GMT
server: nginx
etag: "632ac17a-13ea4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 81572
expires: Sat, 23 Dec 2023 23:28:38 GMT

GET
H2 200 share-common.css
fly.linkcdn.to/v2.5/theme/ 47 KB
7 KB 195ms
116ms Stylesheet
text/css 2606:4700:3037::ac43:c1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fly.linkcdn.to/v2.5/theme/share-common.css

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security: max-age= 63072000; includeSubdomains; preload
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-amz-cf-pop: EWR53-P1
cf-polished: origSize=55416
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 10:26:43 GMT
server: cloudflare
etag: W/"4180f589edeef825d162fffbc61008d9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MT5C6s8ZEk3kzT1M%2F9aud6WFaDCCzg74pn1sP4d%2Bg%2FheJZiCCJzAfQgVJSchOBnUvGMzNIUJEjNKQIOK7ryHRGzCzzNaopPJXib2xuh5pfD8ncesVEJOv97WM6jJVskmrfsjAOrTGLTZS7eXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
cf-ray: 82ad30912b034bc0-BUF
x-amz-cf-id: 0e1QXKsDpzRs-oas2K2vBCzeYDvMlY2R1xjrff_Sdi_EcxAEcD9aFw==

GET
H2 200 default.css
uspqya.shop/css/ 93 KB
16 KB 89ms
88ms Stylesheet
text/css 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/css/default.css

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5fe6b42ae13a161663373634245e6e2119bccf7f1da46bddc378098447db5226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 28 Oct 2023 21:24:40 GMT
server: nginx
etag: W/"653d7c18-175bc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 24 Nov 2023 11:28:38 GMT

GET
H2 200 defaultWhite.css
uspqya.shop/css/ 4 KB
1 KB 89ms
89ms Stylesheet
text/css 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/css/defaultWhite.css

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

44845579f305286f8684821c30a52f815f10a351d00baad5c92c8502426474fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 28 Oct 2023 21:24:40 GMT
server: nginx
etag: W/"653d7c18-f34"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 24 Nov 2023 11:28:38 GMT

GET
H2 200 jquery.js Show response
uspqya.shop/js/ 85 KB
34 KB 91ms
90ms Script
application/javascript 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://uspqya.shop/js/jquery.js

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 28 Oct 2023 21:30:02 GMT
server: nginx
etag: W/"653d7d5a-155ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 24 Nov 2023 11:28:38 GMT

GET
H2 200 loading.jpg
uspqya.shop/ 80 KB
80 KB 91ms
90ms Image
image/jpeg 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uspqya.shop/loading.jpg

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Sep 2022 07:47:06 GMT
server: nginx
etag: "632ac17a-13ea4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 81572
expires: Sat, 23 Dec 2023 23:28:38 GMT

GET
H2 200 logo_mobile.svg
uspqya.shop/ 2 KB
2 KB 174ms
174ms Image
image/svg+xml 24.144.85.222
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uspqya.shop/logo_mobile.svg

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/js/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

24.144.85.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Sep 2023 13:10:46 GMT
server: nginx
etag: "651429d6-80c"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2060

GET
H2 200 verified_sprite.png
fly.linkcdn.to/images/ 3 KB
4 KB 37ms
37ms Image
image/png 2606:4700:3037::ac43:c1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fly.linkcdn.to/images/verified_sprite.png

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/css/default.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 fa19153a28b66c7bbfaddbf2e4a92f90.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 3244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3460
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 19 Sep 2023 08:47:05 GMT
server: cloudflare
etag: "8302f6a83bd1aec82c83d2830f210470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaMKN4a5pDun613pezf9STWZBQ0lCLEXb89X7S4s9sBiS%2BryLyPQshdvchGTmAiXHdngwicMVdm%2BgCNfEhvBocGIpn1i8MN6tclhNNhYemK6B%2BuFD3s1FwDOhyvPDXRt%2BJMkKncVPRP7I0KRbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82ad30913b044bc0-BUF
x-amz-cf-id: LduR4KG_3PWo1SXNIe78sVnO8lBxL8dhXtdrIpf5JiBl_cBx3ULXMA==

GET
H2 200 1.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ 5 KB
5 KB 38ms
37ms Image
image/png 2606:4700:3037::ac43:c1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fly.linkcdn.to/statics/links/icons-socials/spirit/1.png

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: EWR53-P1
age: 3244
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4949
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 10 Sep 2020 13:28:40 GMT
server: cloudflare
etag: "8139cee41cfe4201b9021936e39de717"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XLuP0GJK3d8No6vXHUEDv8OCOMdx%2FbZ3I2%2BGv0s%2Fyn2Ox8xo2%2FZ7o0GdO%2BYyRJwYF7J4CR9dJv9e0sKRVyvbVu5a5z%2FmOEJfMLmkvpEegEj%2FgTdqUbpDs9UVVM0HM57Mjuq%2FUGzih%2BHBpGxcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82ad30914b054bc0-BUF
x-amz-cf-id: S2_2Pm4DQNpCRB1hvBo6DT4ZAgsC0dBWPMC9cd667SUqY5zMhKfjuw==

GET
H2 200 3.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ 7 KB
8 KB 40ms
39ms Image
image/png 2606:4700:3037::ac43:c1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fly.linkcdn.to/statics/links/icons-socials/spirit/3.png

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: EWR53-P1
age: 3244
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7538
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 10 Sep 2020 13:28:40 GMT
server: cloudflare
etag: "229b5dca08997b920118bf7231011cf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBpEzmCbDVqdRNCcUNS2Opm%2B%2BzUNtuuV8yu%2BZU3vJquylHlnT7sQpUfAfvxQAgrQ2s1Cb6igHUi41UywLpQ%2FNubWChJCgUocx481XyZkSxlGVfd9f5Ozn0iGHqjFr8JcFkxgw7d1ezsDnWz3iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82ad30914b064bc0-BUF
x-amz-cf-id: SGdn79KvCt-lvLYfvf511xVhRE2WQfbilnNWC3rpEs_O9JscMiLk5w==

GET
H2 200 6.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ 9 KB
9 KB 40ms
40ms Image
image/png 2606:4700:3037::ac43:c1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fly.linkcdn.to/statics/links/icons-socials/spirit/6.png

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: EWR53-P1
age: 3244
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8759
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 10 Sep 2020 13:28:42 GMT
server: cloudflare
etag: "cd115f6d3642f90c79b0af1ae9a93c2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQlbXRhNm0ymziUIo5v0EdcuKFxzt9jv7m3lIxPgmuDdI7P8l8uXb%2BnD10y97W2MoVYhL7DwWVdEQLsRiPgNipiY%2B64dDZW4H6tPc2q05JW8w1w0EDp%2B1RsyqqFOqvBGRBkVwf4%2BaVzS9mrvkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82ad30914b074bc0-BUF
x-amz-cf-id: _Z47FMuYp7_8PzuI3TYjV1h2wgENQe1Sd0e6Wd4QAQV0L0nwSwYTEQ==

GET
H2 200 32.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ 7 KB
7 KB 38ms
38ms Image
image/png 2606:4700:3037::ac43:c1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fly.linkcdn.to/statics/links/icons-socials/spirit/32.png

Requested by

Host: uspqya.shop
URL: https://uspqya.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uspqya.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:28:38 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 6589108eb8812ce79de8a8eef3f72bee.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 3244
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6743
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 10 Sep 2020 13:28:55 GMT
server: cloudflare
etag: "78fd36b0d6c14772a8b46b88817087b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcguBXDQ2%2FUOJ7gf6pnSqM6An3TQo9i3zxnMo7lAwWOcLsDsSLBw0InXuhuhr8hR7ToR0zvXcZ%2BR8QRyetnHr7EAlQSL0aJX%2BfzPqm4MqFhropJp5wC2DdRJlYoQO6WzoO6xQou9JhX%2Bx9daeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82ad30914b084bc0-BUF
x-amz-cf-id: lFntXhZC0CXBJxFUvfGNnbazzUTZHcsJxeOqUPxCn5Ou2wQ7Yzs2lg==

GET
H2 200 7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff
fonts.gstatic.com/s/mavenpro/v25/ 12 KB
13 KB 99ms
32ms Font
font/woff 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v25/7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff

Requested by

Host: fly.linkcdn.to
URL: https://fly.linkcdn.to/v2.5/theme/share-common.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://uspqya.shop
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:22:29 GMT
x-content-type-options: nosniff
age: 72369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 03:22:29 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: i73ighr35jcqv2nkfg6q9gqeq5
			uspqya.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: envme1nih56q2nb37lua4tmjr7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.ly
fly.linkcdn.to
fonts.gstatic.com
us10010.us
us452715115.20u0tus7p.co
uspqya.shop
24.144.85.222
2606:4700:10::6816:1e8
2606:4700:3030::6815:2004
2606:4700:3032::ac43:df37
2606:4700:3037::ac43:c1e2
2607:f8b0:4004:c09::5e
05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668
16b171553126e7f6556bc3591949de32218bf51b229e88b42909577734374f9a
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24
44845579f305286f8684821c30a52f815f10a351d00baad5c92c8502426474fa
4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3
59b608ac2b80f770a484542a199a3c98225624c3ae9fcbb1b0496d7f2dabbf43
5fe6b42ae13a161663373634245e6e2119bccf7f1da46bddc378098447db5226
6d36a8485a798e7b6f36cb4896bd4c77aeeedd4d479881e8716d3b42cef35156
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2
9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d
aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35
b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49
b63900a1f927c111c80ccc602643c4c2e2c581439b1d9027b8a099e61ffbc749
e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9
fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1
fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d

uspqya.shop Open in urlscan Pro 24.144.85.222 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

42 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

4 IPs

1 Countries

306 kBTransfer

528 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

2 Cookies

Indicators

uspqya.shop Open in urlscan Pro
24.144.85.222 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

42 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

4
IPs

1
Countries

306 kB
Transfer

528 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!