ups-internationell.com
Open in
urlscan Pro
208.113.188.117
Malicious Activity!
Public Scan
Submission: On July 10 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 6th 2023. Valid for: 3 months.
This is the only time ups-internationell.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
29 | 208.113.188.117 208.113.188.117 | 26347 (DREAMHOST-AS) (DREAMHOST-AS) | |
1 | 44.238.162.224 44.238.162.224 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2620:1ec:bdf::64 2620:1ec:bdf::64 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
32 | 4 |
ASN26347 (DREAMHOST-AS, US)
PTR: apache2-grog.iad1-shared-e1-02.dreamhost.com
ups-internationell.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-162-224.us-west-2.compute.amazonaws.com
mpsnare.iesnare.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
media-us1.digital.nuance.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
ups-internationell.com
ups-internationell.com |
701 KB |
1 |
nuance.com
media-us1.digital.nuance.com — Cisco Umbrella Rank: 8681 |
7 KB |
1 |
iesnare.com
mpsnare.iesnare.com — Cisco Umbrella Rank: 5149 |
809 B |
0 |
gigya.com
Failed
cdns.us1.gigya.com Failed |
|
32 | 4 |
Domain | Requested by | |
---|---|---|
29 | ups-internationell.com |
ups-internationell.com
media-us1.digital.nuance.com |
1 | media-us1.digital.nuance.com |
ups-internationell.com
|
1 | mpsnare.iesnare.com |
ups-internationell.com
|
0 | cdns.us1.gigya.com Failed |
ups-internationell.com
|
32 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ups-internationell.com R3 |
2023-07-06 - 2023-10-04 |
3 months | crt.sh |
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA |
2023-05-01 - 2024-05-29 |
a year | crt.sh |
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2022-09-14 - 2023-10-12 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ups-internationell.com/hrsui/hr-HRips/home/
Frame ID: 8714B75F90A0A2C0F737A9BAB335F557
Requests: 32 HTTP requests in this frame
Frame:
https://ups-internationell.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Frame ID: 85D1CB1A7302AF39229834EEB066FD6D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Praćenje | UPS - GermanyDetected technologies
Modernizr (JavaScript Libraries) ExpandDetected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ups-internationell.com/hrsui/hr-HRips/home/ |
36 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.sync.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
168 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.vendor.616f83.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
468 KB 136 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.vendor.54f3c2d83b58.css
ups-internationell.com/hrsui/hr-HRips/home/css/ |
134 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.styles.64d519c676ed.css
ups-internationell.com/hrsui/hr-HRips/home/css/ |
102 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.modules.6bb4323d192a.css
ups-internationell.com/hrsui/hr-HRips/home/css/ |
741 KB 88 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.widgets.7e2315c2b219.css
ups-internationell.com/hrsui/hr-HRips/home/css/ |
69 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.header.0578a4.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.249bde.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UPS_logo.svg
ups-internationell.com/hrsui/hr-HRips/home/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modallogin-1807.01_min.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
28 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snare.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
38 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gigya.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
438 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
105 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.min.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
36 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icp.gif
ups-internationell.com/hrsui/hr-HRips/home/img/ |
43 B 132 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inqChatLaunch10005649.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ups.scripts.5735b4.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
329 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QCyJdEiY.js
ups-internationell.com/hrsui/hr-HRips/home/js/UmhvDi0VAQM/cQk/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
ups-internationell.com/hrsui/hr-HRips/home/js/ |
369 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular.woff
ups-internationell.com/assets/resources/styles/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
0 0 |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Light.woff
ups-internationell.com/assets/resources/styles/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Medium.woff
ups-internationell.com/assets/resources/styles/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.js
mpsnare.iesnare.com/script/ |
96 B 809 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular.woff2
ups-internationell.com/assets/resources/styles/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Medium.woff2
ups-internationell.com/assets/resources/styles/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Light.woff2
ups-internationell.com/assets/resources/styles/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sdk.config.get
cdns.us1.gigya.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatLoader.min.js
media-us1.digital.nuance.com/media/launch/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social.jpg
ups-internationell.com/assets/resources/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nuance-chat.html
ups-internationell.com/nuance/ Frame 85D1 |
315 B 343 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdns.us1.gigya.com
- URL
- https://cdns.us1.gigya.com/sdk.config.get?apiKey=3_iCVSE9Ao6y9HITzXCDEN85YkhAnYbAuW1a6LOUnRKPEcwU_QCjFz7q_a1qfN5Vgd&httpStatusCodes=true
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)230 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend boolean| excludeShippingApp boolean| excludeTrackingApp boolean| excludeCtcApp boolean| excludeSiteWide boolean| excludeWorldShipSite object| excludeList object| mtags undefined| e undefined| visitor function| getCookie undefined| targetPageParams object| utag_data string| utag_sync_GdprFlag_c6 function| _toConsumableArray function| _slice function| $ function| jQuery object| H5F object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| parsley undefined| popWin undefined| popWinType boolean| ie function| helpModLvl function| helpFieldLvl function| printerFriend function| newWindow function| popWindow function| popLanguage function| setPreferences function| popWrapper function| submitHomepageLinkContent object| html5 object| Modernizr string| expand string| collapse string| wems_country string| wems_locale string| wems_ts string| wems_ext_locale object| obj_live_chat undefined| $location string| rightRailLabel function| launchLoginModal function| closeLogin function| processLogin function| captcharesp function| changeTempPassword function| replaceAll function| closeLegal function| updateLegal function| closeMycLegal function| updateMYCLegal function| checkCountry function| submitenter function| submitRecoverMyIDEnter function| submitForm function| processForgotOptions function| closeForgot function| processForgot function| processForgotPassword function| processVerifySecurityQuestionsAnswers function| processSendPIN function| processVerifyPIN function| processUpdatePassword function| Conti function| veremail function| ContinueVerifyEmail function| closeVeremail function| clearErrors function| validateLoginForm function| validateChangePasswordForm function| clearChangePasswordErrors function| validateEmailVerificationForm function| validateLinkAccounts function| show_pwd function| hide_pwd function| processLinkMyAccount function| closeLinkMyAccount function| processRegisterAccounts function| processConnectWithSocialMedia function| onLoginModalHandler function| onLogoutHandler function| loginModal function| processResetMyPassword function| forgotProcessRecoverMyID function| validateResetMyPasswordForm function| clearResetMyPasswordErrors function| validateRecoverMyIDForm function| clearRecoverMyIDErrors function| processUpdateRecoverMyID function| processEmailResend function| verifyScroll function| validatePIN function| clearPINErrors function| validateChanPass function| clearChanPassErrors function| userIDOnBlur function| validate function| passwordOnBlur function| validateLegalCheckbox function| clearLegalCheckboxErrors function| continueToTrackingPage string| io_operation string| io_bbout_element_id boolean| io_install_flash boolean| io_install_stm number| io_exclude_stm string| io_install_stm_error_handler object| bb string| bb_contents number| bb_min_time number| bb_max_time number| bb_time_incr number| bb_max_upd_time number| start_time number| bb_update_time function| waitforbb string| _i_a string| localObjectName function| __if_a function| __if_b function| __if_c object| _i_d object| _i_o object| _i_z object| _i_aa object| _i_ac object| _i_cr function| __if_d object| io_adp function| __if_e object| _i_dt function| __if_f function| iov_fl_cb function| iov_fl_fn function| iov_fl_get_value function| __if_g object| io_dp function| __if_h function| ioGetBlackbox object| io_cm function| __if_i object| _i_fm object| _i_fn object| _i_fo object| _i_dl object| _i_fp function| __if_j function| __if_k number| _i_fq function| __if_l number| _i_fs function| __if_m string| io_last_error object| IGLOO string| io_stm_cab_url string| io_flash_needs_update_handler boolean| io_enable_rip object| io_flash_blacklist object| io_flash_whitelist string| io_min_flash_in_firefox_version string| io_min_flash_in_firefox_linux_version string| io_min_flash_version string| _i_dw number| _i_g number| _i_bl object| gigya object| CryptoJS string| identifier function| isloc function| cacheManager function| cacheUnset function| jsonJq function| checkCache function| validateForm object| $jscomp undefined| pwShown function| login function| onLoad function| onLoginHandler function| executePlugins function| alignElementHeight function| getAccountInfoResponse function| getPagelink function| encode64 function| createChatURL function| checkIfCondition function| maxHeight undefined| thirdContFluid undefined| rightRail undefined| upsAuth object| authentication undefined| _instance number| index string| ariaExpanded function| addTrackingHistory function| processSuccessResponse function| processResponse string| urlParam string| queryParam string| cmeTrnscrptLnk string| arExpan string| pdCastCn string| arHid function| cmeFeedbackInit function| upsCmeSubNavInit function| mostRecentInit function| recentCategoryInit function| tableInit object| $head object| UPS function| evaluateLegacySettings function| wrapWithTryCatch function| secureProtocol function| getParentV3LanderConfig function| loadChat object| v3Lander object| v3LanderConfig object| __webpack_exports__2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ups-internationell.com/ | Name: gig_canary Value: false |
|
.ups-internationell.com/ | Name: gig_canary_ver Value: 13023-3-27540675 |
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdns.us1.gigya.com
media-us1.digital.nuance.com
mpsnare.iesnare.com
ups-internationell.com
cdns.us1.gigya.com
208.113.188.117
2620:1ec:bdf::64
44.238.162.224
0ee9b76d3956e30ace9b7fbbcba48ef2a4fdeb03e2acbeb6c971141ae853854b
1516f19456534c11d44a5c073cdf98018907c91c003917656028d893722caa10
1e6b5c1ff433f77b86f12357c7602b03a9935b11f56c3a5357aaa092b83a0550
251c124ce7404d935e9061d5939542d20ff18c34eb901c7c110276abcd9cd763
3a8ad4dbfffa6cb740366e228a6767454b1859309216e3a3b1e2ffb714087f23
402af9f51de0a03ab9f7648bbc979f1468e50cbc4d23b955737d45576790a55e
45e8aa7ebbca7aa7be5e368b6b3bbb80c5f10fdccadfe603d9126c151991d022
60e5b9f226bd4b00026f6fb027180ee7de99492942fae72aff3e4b9d1dc2d9ce
83f6d0a304a26b2bbd3305b9da3a2abfcc7de761c5289897c6106151b2653f13
84f8202fd49ee2b2d63840259ea75bcd7d1cfe9c5c8b9277b94a18bbeb355601
97ecd42dea3bc998c5efd456bc13e2c45c700fba1c581961ca1481676bf08b42
9d85d7354d1d601fc6565a1667b11131ce0672e9c54c788452c7b63ea3447e2b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88
a4de061468970a198ee6903037a816a0cb079fc84d6ad61eda85ff750f4fdc7e
b1f890d22e6f88ffffad71061a82c6d49492f9a9c0a10633f6e8f0d2dc216300
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e0ccf147054a28abdb72469fd8cf73382d3d5ead5025f62c24648a2cb5421c08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50bbcaed0297558a1582ee004f53b4fd9f4d1b2df2240b69d411d566235d33d
ed5da797ad8338a0be7c260e24f9faa63b442a1a9fad5be48f0bcfb624a8d7e0
f79a125173bb6cefbbac05c2bb6712487907bf60ea66bc7272631cbd3d06a0ac
f884525eb150d4fbbaf6b49c0074baa744582ae9913ed773b4ee833d21f2caa1