parcelinfo-online-rm.com
162.0.215.197 Malicious Activity! Public Scan

Submitted URL: http://parcelinfo-online-rm.com/
Effective URL: https://parcelinfo-online-rm.com/
Submission: On May 10 via automatic, source openphish

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 11 HTTP transactions. The main IP is 162.0.215.197, located in the United States, and belongs to NAMECHEAP-NET, US. The main domain is parcelinfo-online-rm.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 2nd 2021. Valid for: a year.
This is the only time parcelinfo-online-rm.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Royal Mail (Government)

Domain & IP information

IP Address AS Autonomous System
1 12 162.0.215.197 22612 (NAMECHEAP...)
11 1
Apex Domain Subdomains Transfer
12 parcelinfo-online-rm.com parcelinfo-online-rm.com 362 KB
11 1
Domain Requested by
12 parcelinfo-online-rm.com 1 redirects parcelinfo-online-rm.com
11 1

This site contains no links.

Subject Issuer Validity Valid
parcelinfo-online-rm.com Sectigo RSA Domain Validation Secure Server CA 2021-05-02 - 2022-05-02 a year

This page contains 1 frames:

Primary Page: https://parcelinfo-online-rm.com/
Frame ID: 7DC029C0370B692507527C67AFBCA780
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

11 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
362 kB Transfer
630 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://parcelinfo-online-rm.com/ HTTP 301
    https://parcelinfo-online-rm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
parcelinfo-online-rm.com/
Redirect Chain
  • http://parcelinfo-online-rm.com/
  • https://parcelinfo-online-rm.com/
10 KB
3 KB
Document
General
Full URL
https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
f1a602276e0394dcdcd6a397ea9d0976b1e60f8c6c5280f899a852cbed98f08f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
parcelinfo-online-rm.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 10 May 2021 01:07:23 GMT
server
Apache
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=99c46912ee078c85320d5a35a32eb102; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
2602
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

date
Mon, 10 May 2021 01:07:23 GMT
server
Apache
location
https://parcelinfo-online-rm.com/
content-length
241
content-type
text/html; charset=iso-8859-1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
logo.png
parcelinfo-online-rm.com/files/
171 KB
171 KB
Image
General
Full URL
https://parcelinfo-online-rm.com/files/logo.png
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
68538269af6016925451d151ed53d49b1be1bf587c7eb8e5cbb7fb768e1ec556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

restrictions.png
parcelinfo-online-rm.com/files/
12 KB
13 KB
Image
General
Full URL
https://parcelinfo-online-rm.com/files/restrictions.png
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
1f4ea2eb0bcfcebd15e6fce1be0eeec9279dbde53598ba8ac25c1df345b2a96b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

payments.png
parcelinfo-online-rm.com/files/
9 KB
10 KB
Image
General
Full URL
https://parcelinfo-online-rm.com/files/payments.png
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
a833c3f9454969363b161787b3e531d9696b8730b5527de9ae04569c7eb4a7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

jquery.min.js
parcelinfo-online-rm.com/files/
86 KB
30 KB
Script
General
Full URL
https://parcelinfo-online-rm.com/files/jquery.min.js
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

jquery.mask.js
parcelinfo-online-rm.com/files/
23 KB
6 KB
Script
General
Full URL
https://parcelinfo-online-rm.com/files/jquery.mask.js
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

mask.js
parcelinfo-online-rm.com/files/
0
0
Script
General
Full URL
https://parcelinfo-online-rm.com/files/mask.js
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

PFDinTextStdBold.otf
parcelinfo-online-rm.com/fonts/
121 KB
53 KB
Font
General
Full URL
https://parcelinfo-online-rm.com/fonts/PFDinTextStdBold.otf
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
c9926588d0d146b2bea280e6440f1b9326003f943e4bb7493e0d6f82f31e6d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Chevin.otf
parcelinfo-online-rm.com/fonts/
100 KB
38 KB
Font
General
Full URL
https://parcelinfo-online-rm.com/fonts/Chevin.otf
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
1d8d748060e093f7d6c8d9f7faff87f48e3e8944c0bd17625e9a269b6b8b72f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

ChevinLight.otf
parcelinfo-online-rm.com/fonts/
98 KB
37 KB
Font
General
Full URL
https://parcelinfo-online-rm.com/fonts/ChevinLight.otf
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
cc392af873714be0ac2a50abb3ab005f45bddfeebb5d8b4f3400a3ec098b1adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

mask.js
parcelinfo-online-rm.com/files/
0
0
Script
General
Full URL
https://parcelinfo-online-rm.com/files/mask.js
Requested by
Host: parcelinfo-online-rm.com
URL: https://parcelinfo-online-rm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.197 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business112-2.web-hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Royal Mail (Government)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery

1 Cookies

Domain/Path Name / Value
parcelinfo-online-rm.com/ Name: PHPSESSID
Value: 99c46912ee078c85320d5a35a32eb102

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block