www.delivery-packages.info Open in urlscan Pro
45.128.232.114 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.delivery-packages.info/
Effective URL:
https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3
Submission: On October 03 via automatic, source certstream-suspicious (October 3rd 2023, 11:21:20 pm UTC) — Scanned from NL

Summary HTTP 25 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 25 HTTP transactions. The main IP is 45.128.232.114, located in Eygelshoven, Netherlands and belongs to AS-PFCLOUD, GB. The main domain is www.delivery-packages.info.
TLS certificate: Issued by R3 on October 3rd 2023. Valid for: 3 months.

This is the only time www.delivery-packages.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Singapore Post (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 26	45.128.232.114 45.128.232.114		202685 (AS-PFCLOUD) (AS-PFCLOUD)
25	1

26 45.128.232.114 (Eygelshoven, Netherlands) 1 redirects

ASN202685 (AS-PFCLOUD, GB)

www.delivery-packages.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	delivery-packages.info 1 redirects www.delivery-packages.info	168 KB
25	1

	Domain	Requested by
26	www.delivery-packages.info	1 redirects www.delivery-packages.info
25	1

This site contains links to these domains. Also see Links.

Domain
shop.singpost.com
vpost.com
www.facebook.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
delivery-packages.info R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3
Frame ID: 6B718013BDAA91FB0E7680BF36B3AC57
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Singapore Post

Page URL History Show full URLs

https://www.delivery-packages.info/ HTTP 302
https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd583... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

1090 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.singpost.com/
Title: Stamps and Gifts

Search URL Search Domain Scan URL

URL: https://vpost.com/
Title: vPost

Search URL Search Domain Scan URL

URL: https://www.facebook.com/singpost

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/singapore-post-ltd/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mysingpost/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.delivery-packages.info/ HTTP 302
https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response www.delivery-packages.info/app/ Redirect Chain https://www.delivery-packages.info/ https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3	98 KB 12 KB	170ms 170ms	Document text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PHP/8.2.11 PleskLin Resource Hash `d7b60f240143038930642f2c5da56eb92b104c304cc03bbd6bce39ebebf980a0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 12353 content-type text/html; charset=UTF-8 date Tue, 03 Oct 2023 23:21:15 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.2.11 PleskLin Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Tue, 03 Oct 2023 23:21:15 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 pragma no-cache server nginx x-powered-by PHP/8.2.11 PleskLin
GET H2	200	node-173.css www.delivery-packages.info/app/assets/	672 B 467 B	51ms 51ms	Stylesheet text/css	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/app/assets/node-173.css Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `e016969a760bd61008aa874ce0dcb7c8dd99bfae70148cbc5c523b327a293511` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding gzip last-modified Tue, 03 Oct 2023 23:20:48 GMT server nginx x-accel-version 0.01 etag "2a0-606d824127a10-gzip" x-powered-by PleskLin vary Accept-Encoding content-type text/css accept-ranges bytes content-length 261
GET H2	200	css_3QDfkTNT0dsddYy-5d0vhECy7kMBt-AhU8vNU7IDiTc.css www.delivery-packages.info/app/assets/	135 KB 16 KB	50ms 49ms	Stylesheet text/css	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/app/assets/css_3QDfkTNT0dsddYy-5d0vhECy7kMBt-AhU8vNU7IDiTc.css Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `350b3f55858f352a1340b3022928af6893801a278f260c4231bd2bdc18a36ed3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 23:20:35 GMT server nginx etag W/"651ca1c3-21d2d" x-powered-by PleskLin content-type text/css
GET H2	200	css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css www.delivery-packages.info/app/assets/	818 KB 98 KB	75ms 74ms	Stylesheet text/css	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `fec8bec1f9bfff5f2e5a9db0d1b1ef7fd2f2905cd13770aada26acce066efa2c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 23:20:36 GMT server nginx etag W/"651ca1c4-cc60f" x-powered-by PleskLin content-type text/css
GET H2	200	logo.png www.delivery-packages.info/app/assets/	12 KB 12 KB	97ms 97ms	Image image/png	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/logo.png Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `b06b90167daeb43177f96c19d95aa96f42429486fddb57fe040ef06705ea12fa` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:47 GMT server nginx etag "651ca1cf-2ea7" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 11943
GET H2	200	close-white-icon.svg www.delivery-packages.info/app/assets/	433 B 606 B	96ms 94ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/close-white-icon.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `b509c9f6899bca6ce1f523808fdf18e710f0f42b6fe67a7f0ed312441afff4af` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:35 GMT server nginx x-accel-version 0.01 etag "1b1-606d8234e4e17" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 433
GET H2	200	singpost-logo-white.png www.delivery-packages.info/app/assets/	8 KB 8 KB	97ms 94ms	Image image/png	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/singpost-logo-white.png Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `035a979c7fb9c2a8d01835e9ada00253991cadaf4b1433ffd4b0e4f48b57c913` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:49 GMT server nginx etag "651ca1d1-1f60" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 8032
GET H2	200	header-quick-tool-track-items.svg www.delivery-packages.info/app/assets/	2 KB 2 KB	97ms 94ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/header-quick-tool-track-items.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `7438605ad02fa4e6419f5a7b387862820084a38c856788ea7b589f8be3228385` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:41 GMT server nginx etag "651ca1c9-6fc" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1788
GET H2	200	header-quick-tool-calculate-postage.svg www.delivery-packages.info/app/assets/	2 KB 2 KB	97ms 95ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/header-quick-tool-calculate-postage.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `2405030e9b4c2b9fda14fe8bb2ee924b401cb89e3792285d2bb2f48d09964557` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:39 GMT server nginx etag "651ca1c7-667" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1639
GET H2	200	header-quick-tool-find-costal-code.svg www.delivery-packages.info/app/assets/	1 KB 2 KB	97ms 95ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/header-quick-tool-find-costal-code.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `c56f8212b5d14de262449b3e389b0917d7137e26b2aa9bc8886464c3c5aa609e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:40 GMT server nginx etag "651ca1c8-58c" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1420
GET H2	200	header-quick-tool-locate-us.svg www.delivery-packages.info/app/assets/	1022 B 1 KB	97ms 95ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/header-quick-tool-locate-us.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `fa40b590287a6ce8e6c0dbf2eb50cc5fcd387f40df1c00cf9e996b8251e9e590` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:41 GMT server nginx x-accel-version 0.01 etag "3fe-606d823aa880a" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1022
GET H2	200	header-quick-tool-item-enquiry.svg www.delivery-packages.info/app/assets/	1 KB 1 KB	97ms 96ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/header-quick-tool-item-enquiry.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `ea00ec06cd452a38314815329c268b8248c76ef98675593ce9c741d1b199d920` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:40 GMT server nginx etag "651ca1c8-46c" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1132
GET H2	200	header-quck-tool-search.svg www.delivery-packages.info/app/assets/	927 B 1 KB	98ms 96ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/header-quck-tool-search.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `f33e84d9248a0df23b0938c66c334e58ff828ff56a5e2b7506cca015d8097c6a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:39 GMT server nginx x-accel-version 0.01 etag "39f-606d823881b53" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 927
GET H2	200	info-icon.svg www.delivery-packages.info/app/assets/	509 B 682 B	98ms 96ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/info-icon.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `1f19aba066ecfcb865de655059bcb623a0a0cf10609f19682ce097c05262728e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:44 GMT server nginx x-accel-version 0.01 etag "1fd-606d823e18682" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 509
GET H2	200	sgp-logo-white.svg www.delivery-packages.info/app/assets/	7 KB 7 KB	98ms 97ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/sgp-logo-white.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `1049f12d0910416389877c280b016b2837c059dcdb1c4d0e5f625270fbff6457` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:49 GMT server nginx etag "651ca1d1-1c68" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 7272
GET H2	200	fb-icon.svg www.delivery-packages.info/app/assets/	339 B 512 B	98ms 97ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/fb-icon.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `21552043a6a3d344a24720061173881cb296c7e961f3051453fe2d5a86fa3864` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:36 GMT server nginx x-accel-version 0.01 etag "153-606d82367e120" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 339
GET H2	200	linkedin-icon.svg www.delivery-packages.info/app/assets/	781 B 954 B	98ms 97ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/linkedin-icon.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `45d6531c625ebf772224efafbdae1df17a4ba830646ac005e9c44a348ba1c068` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:47 GMT server nginx x-accel-version 0.01 etag "30d-606d8240143b4" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 781
GET H2	200	ig-icon.svg www.delivery-packages.info/app/assets/	1 KB 1 KB	109ms 108ms	Image image/svg+xml	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/app/assets/ig-icon.svg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / PleskLin Resource Hash `771c9facb27fc03cec36ae9c51c2bcb2fae7f10a8e063ac1110aacfdc9eb5218` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT last-modified Tue, 03 Oct 2023 23:20:42 GMT server nginx etag "651ca1ca-4c9" x-powered-by PleskLin content-type image/svg+xml accept-ranges bytes content-length 1225
GET H2	404	footer.jpg www.delivery-packages.info/themes/singpostd9/assets/images/	808 B 808 B	48ms 47ms	Image text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://www.delivery-packages.info/themes/singpostd9/assets/images/footer.jpg Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash `b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.delivery-packages.info/app/index.php?&userid=a01c37f82415280c6eeb3afc2468fa82&ue=fd6d505a82216dd58344e5f771d382a3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html
GET H2	404	Univers65Bold.woff2 www.delivery-packages.info/themes/singpostd9/assets/fonts/	0 0	48ms 47ms	Font text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers65Bold.woff2 Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Origin https://www.delivery-packages.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html
GET H2	404	Univers.woff2 www.delivery-packages.info/themes/singpostd9/assets/fonts/	0 0	48ms 48ms	Font text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers.woff2 Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Origin https://www.delivery-packages.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html
GET H2	404	Univers65Bold.woff www.delivery-packages.info/themes/singpostd9/assets/fonts/	0 0	47ms 47ms	Font text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers65Bold.woff Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Origin https://www.delivery-packages.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html
GET H2	404	Univers.woff www.delivery-packages.info/themes/singpostd9/assets/fonts/	0 0	48ms 48ms	Font text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers.woff Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Origin https://www.delivery-packages.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html
GET H2	404	Univers65Bold.ttf www.delivery-packages.info/themes/singpostd9/assets/fonts/	0 0	48ms 47ms	Font text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers65Bold.ttf Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Origin https://www.delivery-packages.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html
GET H2	404	Univers.ttf www.delivery-packages.info/themes/singpostd9/assets/fonts/	0 0	48ms 48ms	Font text/html	45.128.232.114 AS-PFCLOUD
General Check archive.org Show headers Download Go to Full URL https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers.ttf Requested by Host: www.delivery-packages.info URL: https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.128.232.114 Eygelshoven, Netherlands, ASN202685 (AS-PFCLOUD, GB), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.delivery-packages.info/app/assets/css_faXBNvOaPg-6vuniX_MRxd3JKfQbPWyR8g8AYSfnwVg.css Origin https://www.delivery-packages.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 23:21:15 GMT content-encoding br last-modified Tue, 03 Oct 2023 18:06:43 GMT server nginx etag W/"328-606d3c0d71335" content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Singapore Post (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.delivery-packages.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5dvo7gm631ln2l3bu119nrtjd4

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/images/footer.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers65Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers65Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers65Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.delivery-packages.info/themes/singpostd9/assets/fonts/Univers.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.delivery-packages.info
45.128.232.114
035a979c7fb9c2a8d01835e9ada00253991cadaf4b1433ffd4b0e4f48b57c913
1049f12d0910416389877c280b016b2837c059dcdb1c4d0e5f625270fbff6457
1f19aba066ecfcb865de655059bcb623a0a0cf10609f19682ce097c05262728e
21552043a6a3d344a24720061173881cb296c7e961f3051453fe2d5a86fa3864
2405030e9b4c2b9fda14fe8bb2ee924b401cb89e3792285d2bb2f48d09964557
350b3f55858f352a1340b3022928af6893801a278f260c4231bd2bdc18a36ed3
45d6531c625ebf772224efafbdae1df17a4ba830646ac005e9c44a348ba1c068
7438605ad02fa4e6419f5a7b387862820084a38c856788ea7b589f8be3228385
771c9facb27fc03cec36ae9c51c2bcb2fae7f10a8e063ac1110aacfdc9eb5218
b06b90167daeb43177f96c19d95aa96f42429486fddb57fe040ef06705ea12fa
b509c9f6899bca6ce1f523808fdf18e710f0f42b6fe67a7f0ed312441afff4af
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c56f8212b5d14de262449b3e389b0917d7137e26b2aa9bc8886464c3c5aa609e
d7b60f240143038930642f2c5da56eb92b104c304cc03bbd6bce39ebebf980a0
e016969a760bd61008aa874ce0dcb7c8dd99bfae70148cbc5c523b327a293511
ea00ec06cd452a38314815329c268b8248c76ef98675593ce9c741d1b199d920
f33e84d9248a0df23b0938c66c334e58ff828ff56a5e2b7506cca015d8097c6a
fa40b590287a6ce8e6c0dbf2eb50cc5fcd387f40df1c00cf9e996b8251e9e590
fec8bec1f9bfff5f2e5a9db0d1b1ef7fd2f2905cd13770aada26acce066efa2c

www.delivery-packages.info Open in urlscan Pro 45.128.232.114 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

168 kBTransfer

1090 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

7 Console Messages

www.delivery-packages.info Open in urlscan Pro
45.128.232.114 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

168 kB
Transfer

1090 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!