avenirindustries.com Open in urlscan Pro
217.21.84.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://avenirindustries.com/usps/
Effective URL:
https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709
Submission: On March 30 via manual (March 30th 2022, 10:38:16 am UTC) from IN — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 217.21.84.55, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is avenirindustries.com.
TLS certificate: Issued by R3 on March 12th 2022. Valid for: 3 months.

This is the only time avenirindustries.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 5	217.21.84.55 217.21.84.55	47583 (AS-HOSTINGER) (AS-HOSTINGER)
14	2606:2800:233... 2606:2800:233:df95:1212:762c:504b:cf9d	15133 (EDGECAST) (EDGECAST)
24	3

5 217.21.84.55 (Germany) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

avenirindustries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:2800:233:df95:1212:762c:504b:cf9d (United States)

ASN15133 (EDGECAST, US)

reg.usps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	usps.com reg.usps.com — Cisco Umbrella Rank: 46882	85 KB
5	avenirindustries.com 1 redirects avenirindustries.com	88 KB
24	2

	Domain	Requested by
14	reg.usps.com	avenirindustries.com reg.usps.com
5	avenirindustries.com	1 redirects avenirindustries.com
24	2

This site contains no links.

Subject Issuer	Validity	Valid
avenirindustries.com R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh
*.usps.com DigiCert SHA2 Secure Server CA	`2020-05-14` - `2022-05-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 167005F16AA66E48FA6041A19381468C
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USPS.com® - Find my address

Page URL History Show full URLs

https://avenirindustries.com/usps/ HTTP 302
https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

75 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

173 kB
Transfer

567 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://avenirindustries.com/usps/ HTTP 302
https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
avenirindustries.com/usps/
Redirect Chain

https://avenirindustries.com/usps/
https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

16 KB
4 KB

622ms
622ms

Document
text/html

217.21.84.55
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.21.84.55 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.27

Resource Hash

9b767e8842358ce3d67215e8c84e89e7accf2eafdfd950877744d8fda0d678b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 4486
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 30 Mar 2022 10:38:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/7.4.27
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 30 Mar 2022 10:38:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709
pragma: no-cache
server: LiteSpeed
x-content-type-options: nosniff
x-powered-by: PHP/7.4.27
x-xss-protection: 1; mode=block

GET
H3 200 jquery.js Show response
avenirindustries.com/usps/lib/js/ 286 KB
79 KB 198ms
198ms Script
application/x-javascript 217.21.84.55
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://avenirindustries.com/usps/lib/js/jquery.js

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

QUIC, , AES_128_GCM

Server

217.21.84.55 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2018 13:55:00 GMT
server: LiteSpeed
etag: "478d0-5a786234-30036e391c8292db;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31557600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 80021
x-xss-protection: 1; mode=block
expires: Thu, 30 Mar 2023 16:38:10 GMT

GET
H3 200 jquery.maskedinput.js Show response
avenirindustries.com/usps/lib/js/ 10 KB
2 KB 195ms
195ms Script
application/x-javascript 217.21.84.55
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://avenirindustries.com/usps/lib/js/jquery.maskedinput.js

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

QUIC, , AES_128_GCM

Server

217.21.84.55 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c75ef4ed711014b31fe4cc01e7b96ee7723d2fe8b77c7158f45a885f1a15d4ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 14 Mar 2015 11:25:00 GMT
server: LiteSpeed
etag: "28ba-55041a8c-3a3f66461ac37c27;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31557600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2467
x-xss-protection: 1; mode=block
expires: Thu, 30 Mar 2023 16:38:10 GMT

GET
H3 200 jquery.payment.js Show response
avenirindustries.com/usps/lib/js/ 11 KB
2 KB 195ms
195ms Script
application/x-javascript 217.21.84.55
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://avenirindustries.com/usps/lib/js/jquery.payment.js

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

QUIC, , AES_128_GCM

Server

217.21.84.55 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ccbadff5afdc080f00da54378d4942b0587425a4179fb17ceb7df56f260d1cd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Dec 2013 09:05:20 GMT
server: LiteSpeed
etag: "2cd2-52c13750-55a9b382d46632d8;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31557600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2433
x-xss-protection: 1; mode=block
expires: Thu, 30 Mar 2023 16:38:10 GMT

GET
H2 200 usps-fonts.css
reg.usps.com/entreg/assets/css/globals/ 3 KB
1 KB 325ms
137ms Stylesheet
text/css 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://reg.usps.com/entreg/assets/css/globals/usps-fonts.css

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7FC7) / Servlet/3.0

Resource Hash

10544816ae4a69b52155ba141224b1d85e1e46db151fda7d1e674c277bfb0c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65230
x-powered-by: Servlet/3.0
x-cache: HIT
vary: Accept-Encoding
content-length: 879
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7FC7)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
content-type: text/css
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 bootstrap.min.css
reg.usps.com/entreg/assets/css/vendor/bootstrap/3.5.5/ 120 KB
20 KB 329ms
141ms Stylesheet
text/css 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://reg.usps.com/entreg/assets/css/vendor/bootstrap/3.5.5/bootstrap.min.css

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7FE5) / Servlet/3.0

Resource Hash

f4bbc1d72d017bef7a1d71c52e952861b92178cc2dd5378592eb875dfdae9b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10795
x-powered-by: Servlet/3.0
x-cache: HIT
vary: Accept-Encoding
content-length: 20163
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7FE5)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
content-type: text/css
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 bootstrap-sticky-footer.css
reg.usps.com/entreg/assets/css/vendor/bootstrap/3.5.5/ 234 B
218 B 331ms
143ms Stylesheet
text/css 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://reg.usps.com/entreg/assets/css/vendor/bootstrap/3.5.5/bootstrap-sticky-footer.css

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7EDB) / Servlet/3.0

Resource Hash

6b1512cdc4e555e710a1312eb41622763d58d73d3e220b2af12084501f277b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3619
x-powered-by: Servlet/3.0
x-cache: HIT
vary: Accept-Encoding
content-length: 157
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7EDB)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
content-type: text/css
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 theme.css
reg.usps.com/entreg/assets/css/vendor/bootstrap/3.5.5/ 63 KB
13 KB 334ms
146ms Stylesheet
text/css 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://reg.usps.com/entreg/assets/css/vendor/bootstrap/3.5.5/theme.css

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7EE9) / Servlet/3.0

Resource Hash

8dad9dde52c81931668987b33133434fc45072be0f2988d6654e04751c4c7fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74136
x-powered-by: Servlet/3.0
x-cache: HIT
vary: Accept-Encoding
content-length: 13352
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7EE9)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
content-type: text/css
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 tinyscrollbar.css
reg.usps.com/entreg/assets/css/vendor/tinyscrollbar/ 9 KB
1 KB 630ms
443ms Stylesheet
text/css 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://reg.usps.com/entreg/assets/css/vendor/tinyscrollbar/tinyscrollbar.css

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7350) / Servlet/3.0

Resource Hash

cfb569ff4fa58691f534fce6b33a274e95f0fda0aeaaf75944cde559f556725a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78206
x-powered-by: Servlet/3.0
x-cache: HIT
vary: Accept-Encoding
content-length: 1140
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7350)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
content-type: text/css
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 des_brd_2color_logo_34x50.png
reg.usps.com/entreg/assets/images/ 1 KB
2 KB 138ms
137ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/des_brd_2color_logo_34x50.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/735B) / Servlet/3.0

Resource Hash

5ffcf42b2df079d5018a41a9ab77bba083a5ba68b0bb973e0054cb6cc16802e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 1476
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/735B)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 des_brd_2color_logo_260x59.png
reg.usps.com/entreg/assets/images/ 9 KB
9 KB 150ms
148ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/des_brd_2color_logo_260x59.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7FE3) / Servlet/3.0

Resource Hash

dd58c5e5e7042748207f49ef8ac8d2247bc14ab632d0bb8f98ac6e6cdb2bca95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 9293
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7FE3)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 rmin-step-1.png
reg.usps.com/entreg/assets/images/ 506 B
567 B 447ms
445ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/rmin-step-1.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7EC4) / Servlet/3.0

Resource Hash

b3a08dd44a05750d27893ce5557ad47333e42d9be692e494675ea8a6b4a41ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28955
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 506
last-modified: Wed, 09 Mar 2022 22:57:28 GMT
server: ECAcc (dcb/7EC4)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 info.png
reg.usps.com/entreg/assets/images/icons/ 633 B
693 B 149ms
148ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/icons/info.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7F94) / Servlet/3.0

Resource Hash

03ca1e2ab37fb3830730e8732c052d69d07d48d5e91f90222584dc85935e612c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 633
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7F94)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 logo-mini-sb.png
reg.usps.com/entreg/assets/images/ 23 KB
23 KB 144ms
143ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/logo-mini-sb.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/733E) / Servlet/3.0

Resource Hash

585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28951
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 23625
last-modified: Wed, 09 Mar 2022 22:57:28 GMT
server: ECAcc (dcb/733E)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 facebook54x53.png
reg.usps.com/entreg/assets/images/footer/ 3 KB
3 KB 148ms
146ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/footer/facebook54x53.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/737D) / Servlet/3.0

Resource Hash

748622d4d088b843e200776ce65e48c3e7e4b3a7c0fc959c691d99def179205e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 2865
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/737D)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 twitter54x53.png
reg.usps.com/entreg/assets/images/footer/ 3 KB
3 KB 444ms
443ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/footer/twitter54x53.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7ED4) / Servlet/3.0

Resource Hash

67a4999a59962445831760592fbdc95e023c6c0884cec51fa7bc7cd22c6e0a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 2990
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7ED4)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 pinterest54x53.png
reg.usps.com/entreg/assets/images/footer/ 5 KB
5 KB 148ms
147ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/footer/pinterest54x53.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7F62) / Servlet/3.0

Resource Hash

59f5e4d40c77bc5155713bc956ddb8f4c14e3438d906a920f977073a071fb228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 5504
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7F62)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET
H2 200 youtube54x53.png
reg.usps.com/entreg/assets/images/footer/ 3 KB
3 KB 450ms
449ms Image
image/png 2606:2800:233:df95:1212:762c:504b:cf9d
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reg.usps.com/entreg/assets/images/footer/youtube54x53.png

Requested by

Host: avenirindustries.com
URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:df95:1212:762c:504b:cf9d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7ECC) / Servlet/3.0

Resource Hash

bcafef03600ff7498457c30861f61146e46c7320c085bc27d540c1e2357bc3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://avenirindustries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:38:10 GMT
x-content-type-options: nosniff
age: 28935
x-powered-by: Servlet/3.0
x-cache: HIT
content-length: 3320
last-modified: Wed, 09 Mar 2022 22:57:26 GMT
server: ECAcc (dcb/7ECC)
x-frame-options: SAMEORIGIN, DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
x-ruleset-version: 2.5
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
expires: Wed, 30 Mar 2022 10:38:09 GMT

GET d5af76d8-a90b-4527-b3a3-182207cc3250.woff
reg.usps.com/entreg/assets/fonts/usps/ 0
0

GET 4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
reg.usps.com/entreg/assets/fonts/usps/ 0
0

GET 5b4a262e-3342-44e2-8ad7-719998a68134.woff
reg.usps.com/entreg/assets/fonts/usps/ 0
0

GET 4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
reg.usps.com/entreg/assets/fonts/usps/ 0
0

GET 1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
reg.usps.com/entreg/assets/fonts/usps/ 0
0

GET db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
reg.usps.com/entreg/assets/fonts/usps/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: reg.usps.com
URL: https://reg.usps.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

Domain: reg.usps.com
URL: https://reg.usps.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff

Domain: reg.usps.com
URL: https://reg.usps.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff

Domain: reg.usps.com
URL: https://reg.usps.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf

Domain: reg.usps.com
URL: https://reg.usps.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

Domain: reg.usps.com
URL: https://reg.usps.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			avenirindustries.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8117124afcd9a8eea9271f8a3fa6faa4

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Access to font at 'https://reg.usps.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff' from origin 'https://avenirindustries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reg.usps.com/entreg/assets/fonts/usps/5b4a262e-3342-44e2-8ad7-719998a68134.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Access to font at 'https://reg.usps.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff' from origin 'https://avenirindustries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reg.usps.com/entreg/assets/fonts/usps/d5af76d8-a90b-4527-b3a3-182207cc3250.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Access to font at 'https://reg.usps.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff' from origin 'https://avenirindustries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reg.usps.com/entreg/assets/fonts/usps/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Access to font at 'https://reg.usps.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf' from origin 'https://avenirindustries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reg.usps.com/entreg/assets/fonts/usps/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Access to font at 'https://reg.usps.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf' from origin 'https://avenirindustries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reg.usps.com/entreg/assets/fonts/usps/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://avenirindustries.com/usps/signin?id=da39a3ee5e6b4b0d3255bfef95601890afd80709 Message: Access to font at 'https://reg.usps.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf' from origin 'https://avenirindustries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reg.usps.com/entreg/assets/fonts/usps/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avenirindustries.com
reg.usps.com
reg.usps.com
217.21.84.55
2606:2800:233:df95:1212:762c:504b:cf9d
03ca1e2ab37fb3830730e8732c052d69d07d48d5e91f90222584dc85935e612c
10544816ae4a69b52155ba141224b1d85e1e46db151fda7d1e674c277bfb0c4b
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
59f5e4d40c77bc5155713bc956ddb8f4c14e3438d906a920f977073a071fb228
5ffcf42b2df079d5018a41a9ab77bba083a5ba68b0bb973e0054cb6cc16802e0
67a4999a59962445831760592fbdc95e023c6c0884cec51fa7bc7cd22c6e0a8a
692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d
6b1512cdc4e555e710a1312eb41622763d58d73d3e220b2af12084501f277b39
748622d4d088b843e200776ce65e48c3e7e4b3a7c0fc959c691d99def179205e
8dad9dde52c81931668987b33133434fc45072be0f2988d6654e04751c4c7fed
9b767e8842358ce3d67215e8c84e89e7accf2eafdfd950877744d8fda0d678b5
b3a08dd44a05750d27893ce5557ad47333e42d9be692e494675ea8a6b4a41ec5
bcafef03600ff7498457c30861f61146e46c7320c085bc27d540c1e2357bc3dc
c75ef4ed711014b31fe4cc01e7b96ee7723d2fe8b77c7158f45a885f1a15d4ad
ccbadff5afdc080f00da54378d4942b0587425a4179fb17ceb7df56f260d1cd7
cfb569ff4fa58691f534fce6b33a274e95f0fda0aeaaf75944cde559f556725a
dd58c5e5e7042748207f49ef8ac8d2247bc14ab632d0bb8f98ac6e6cdb2bca95
f4bbc1d72d017bef7a1d71c52e952861b92178cc2dd5378592eb875dfdae9b66

avenirindustries.com Open in urlscan Pro 217.21.84.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

173 kBTransfer

567 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

12 Console Messages

Security Headers

Indicators

avenirindustries.com Open in urlscan Pro
217.21.84.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

173 kB
Transfer

567 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!