usps.trckpackage.com
Open in
urlscan Pro
43.153.1.223
Malicious Activity!
Public Scan
Submission: On September 26 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 17th 2023. Valid for: 3 months.
This is the only time usps.trckpackage.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 43.153.1.223 43.153.1.223 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
7 | 2606:4700:303... 2606:4700:3037::6815:4462 | () () | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2003 | () () | |
31 | 4 |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
usps.trckpackage.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
trckpackage.com
usps.trckpackage.com |
179 KB |
7 |
linkcdn.to
fly.linkcdn.to |
85 KB |
1 |
gstatic.com
fonts.gstatic.com |
13 KB |
31 | 3 |
Domain | Requested by | |
---|---|---|
22 | usps.trckpackage.com |
usps.trckpackage.com
|
7 | fly.linkcdn.to |
usps.trckpackage.com
|
1 | fonts.gstatic.com |
usps.trckpackage.com
|
31 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
usps.trckmybusi.com R3 |
2023-09-17 - 2023-12-16 |
3 months | crt.sh |
linkcdn.to E1 |
2023-09-09 - 2023-12-08 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://usps.trckpackage.com/
Frame ID: 086F6162BC4088EBC8580EEACCAE760C
Requests: 31 HTTP requests in this frame
Screenshot
Detected technologies
Polyfill (JavaScript Libraries) ExpandDetected patterns
- /polyfill\.min\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
usps.trckpackage.com/ |
78 B 230 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
us.js
usps.trckpackage.com/static/js/ |
1 KB 599 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
urlConfig.json
usps.trckpackage.com/ResourceConfig/ |
1 KB 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.js
usps.trckpackage.com/static/js/ |
42 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.js
usps.trckpackage.com/static/js/ |
1 KB 833 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ResourceRedConfig.js
usps.trckpackage.com/static/js/ |
31 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading-icon-transparent-background-12.jpg
usps.trckpackage.com/static/images/ |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js.%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js(1).%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.js.%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js(2).%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js.%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
usps.trckpackage.com/index_files/ |
25 KB 25 KB |
Stylesheet
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share-common.css
usps.trckpackage.com/index_files/ |
47 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
usps.trckpackage.com/index_files/ |
72 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaultWhite.css
usps.trckpackage.com/index_files/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css.v2.3.js.%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1682689100372.png
usps.trckpackage.com/index_files/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share-tmpl.v2.3.js.%E4%B8%8B%E8%BD%BD
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
urlConfig.json
usps.trckpackage.com/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
fly.linkcdn.to/v2.5/js/share/ |
139 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verified_sprite.png
fly.linkcdn.to/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1682429665015.png
fly.linkcdn.to/upload/2023042513/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blank.png
fly.linkcdn.to/images/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
32.png
fly.linkcdn.to/statics/links/icons-socials/spirit/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7Auup_AqnyWWAxW2Wk3swUz56MS91Eww8Rf21nejpBh8CvRBOA.woff
fonts.gstatic.com/s/mavenpro/v25/ |
12 KB 13 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fly.linkcdn.to
- URL
- https://fly.linkcdn.to/upload/2023042513/1682429665015.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: USPS (Transportation)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| url function| axios string| version_ function| _0xd73bc1 function| _0x3588 function| _0x226e object| _0x264235 undefined| _0x10be3a number| _0x178cd5 number| _0x193b44 string| _0x22a41d function| _0x2e4ccf function| _0x3769c6 function| _0x4ee4e5 function| _0x5c800d function| _0x1dbca4 function| _0x869f44 undefined| _0x2362cb undefined| _0x837d5b object| __theme function| cbgeo object| __ipgeo0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fly.linkcdn.to
fonts.gstatic.com
usps.trckpackage.com
fly.linkcdn.to
2606:4700:3037::6815:4462
2a00:1450:4001:80f::2003
43.153.1.223
05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668
087f602507c9fcadc519196919f1a5b223cf9f2c0b7e3316906301fe6766e7d0
1d354faf02dbb69ae38266b9e5cbd4c45a6f3c215c6f3002a44083480e7fcb03
1f40abcbcb4dedbc58e0bf815935a87e2d10ef2c2ec65cd347a64ae96402a4b9
286ecd6d5206833967198cb8ef2850639dd6ba9b1bf1437dba44e8d3fdc183c4
2e0585fbeb0d2d4d9f0677c1c6d37c7d5313430495e993ddb3f0d98fe1bc20f2
35f76503d7bc8dfcf2640a51da04db701acd83d965f12da0f51efa4c9bf64c09
4d11f37fae309c522c4c45d9f75cb48f0651a09a9d278cddbd19a1a8e31aa9a3
50db2192122cd1e4c7840544b7edab345dfdeadb95eec91bfc719778324492ec
7c0909a41432f8efb596fd4d5351da28976d73afb16c7e651f7c827ef478882e
95ab69441b0c43b4c1560aa5eb0a2b25f62b96dd4ddedd3aeb23bbe57ec616f3
96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455
9e448238639792210d43bde27374200528b632a1b2b84ba343b360ec5a35aa8d
aa2a82bbec6afb10324988b2003e61d47a09708b25ac0e2ce3b64950aa2b7a35
b106acf20bd4b5ff01ddb53be3c6f3173682ea42b893f31a1400e09de0be9e49
c6a2ea6fe1b753d04b83612477fee217e6fbdc1bdc6c784837d5e1edb7747891
e36eaeb05ac9e38a5e6ee0fea36ded8da7707532912f061ef6d445603fb5bfa9
fc8abacb97d2e71cafbfdd4705d6f914e189d7825edff03d7a95acaca7f98ef1
fc9e259669117b3e2c814392798e23871961db27b54ef88731aae886f5c4f58d