25140.top
Open in
urlscan Pro
107.173.70.90
Malicious Activity!
Public Scan
Effective URL: https://25140.top/
Submission: On September 20 via api from TW — Scanned from US
Summary
TLS certificate: Issued by R10 on September 9th 2024. Valid for: 3 months.
This is the only time 25140.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 107.173.70.90 107.173.70.90 | 36352 (AS-COLOCR...) (AS-COLOCROSSING) | |
6 | 2606:2800:21f... 2606:2800:21f:3e9e:5a:9b8f:bddb:fb7c | 15133 (EDGECAST) (EDGECAST) | |
11 | 3 |
ASN36352 (AS-COLOCROSSING, US)
PTR: 107-173-70-90-host.colocrossing.com
25140.top |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
usps.com
www.usps.com — Cisco Umbrella Rank: 16006 |
12 KB |
5 |
25140.top
25140.top |
176 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
6 | www.usps.com | |
5 | 25140.top |
25140.top
|
11 | 2 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
56851.top R10 |
2024-09-09 - 2024-12-08 |
3 months | crt.sh |
*.usps.com DigiCert TLS RSA SHA256 2020 CA1 |
2024-05-17 - 2025-06-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://25140.top/
Frame ID: B3E2ECEE98DDBC17D8C07A7445B22B9C
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Welcome | USPSPage URL History Show full URLs
-
http://25140.top/
HTTP 307
https://25140.top/ Page URL
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Site Index
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: About USPS Home
Search URL Search Domain Scan URL
Title: Newsroom
Search URL Search Domain Scan URL
Title: USPS Service Updates
Search URL Search Domain Scan URL
Title: Forms & Publications
Search URL Search Domain Scan URL
Title: Government Services
Search URL Search Domain Scan URL
Title: Business Customer Gateway
Search URL Search Domain Scan URL
Title: Postal Inspectors
Search URL Search Domain Scan URL
Title: Inspector General
Search URL Search Domain Scan URL
Title: Postal Explorer
Search URL Search Domain Scan URL
Title: National Postal Museum
Search URL Search Domain Scan URL
Title: Resources for Developers
Search URL Search Domain Scan URL
Title: PostalPro
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: FOIA
Search URL Search Domain Scan URL
Title: No FEAR Act/EEO Contacts
Search URL Search Domain Scan URL
Title: Fair Chance Act
Search URL Search Domain Scan URL
Title: Accessibility Statement
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://25140.top/
HTTP 307
https://25140.top/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
25140.top/ Redirect Chain
|
461 B 437 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-4WaVs2y5.js
25140.top/assets/ |
355 KB 137 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-Dk07Lq_S.css
25140.top/assets/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
498 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-logo-DIVBlA9z.png
25140.top/assets/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook_logo.png
www.usps.com/global-elements/footer/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram_logo.png
www.usps.com/global-elements/footer/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pinterest_logo.png
www.usps.com/global-elements/footer/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
threads_logo.png
www.usps.com/global-elements/footer/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x_logo.png
www.usps.com/global-elements/footer/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube_logo.png
www.usps.com/global-elements/footer/images/ |
881 B 958 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vite.ico
25140.top/ |
31 KB 31 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: USPS (Transportation)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| __reactRouterVersion0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
25140.top
www.usps.com
107.173.70.90
2606:2800:21f:3e9e:5a:9b8f:bddb:fb7c
1cc43a97be92fddf0fe4244858f5337c80a8d350cd0afcd0c4d2004d3fded0ab
34ca4b653eac19324221e6987afaa76c010f107bfa49d984f7814aa458cb8d92
4a1611565144a33e882c453cef9720b098f334587ab5629ffb257974a93d251d
51cf5c07c22fc839c460a34c42a4f75086af35461ea3f57482eab5187a86bc96
54245c69ffab1338212e51418eb11d06cc09d0f2af751dcf08ca6705f55108ef
62220b343c89081bd3c91d370347df26fdc9cbcdf0705e3e403cef145393f589
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943
693c92fcd998d1c8993c4accb7484f0e2763b1bc36375f4c7bdeae0ba7111122
71fce266bd169d1fa0adb5288815cc08b3870f458aade9d73260e5a6b985f791
a0644683ad365aafbbe2f13aef41c1f36f42f5c64e36cdbbf6a3e1a7a2eb803c
ad33ae91b030f7e84a22120a2469fa993f13f7c6005ffdf96ad29cda7aff6350
b4603df7345ad49b672851021402a09590f236a780aa3a4231c83cc67e038c2a
c9d73bc5a038e0c018279d6dc59bdbf842c424bdfb822c1cd7e44130fc0d4608
df8e44e393db8b45deb19accf47e385123cae1371ce20e842d28a31dffb0e335