ofrezz.com
Open in
urlscan Pro
44.202.14.139
Malicious Activity!
Public Scan
Effective URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Submission: On August 26 via api from CA — Scanned from CA
Summary
This is the only time ofrezz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 192.185.177.56 192.185.177.56 | 26337 (OIS1) (OIS1) | |
16 | 44.202.14.139 44.202.14.139 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:806::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2620:1ec:27::... 2620:1ec:27::cafe:1841 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 52.177.241.160 52.177.241.160 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
21 | 4 |
ASN26337 (OIS1, US)
PTR: br208-ip03.hostgator.com.br
fernandoasilva.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-202-14-139.compute-1.amazonaws.com
ofrezz.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
media-us1.digital.nuance.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
ofrezz.com
ofrezz.com |
185 KB |
3 |
nuance.com
media-us1.digital.nuance.com — Cisco Umbrella Rank: 6512 |
309 KB |
1 |
inq.com
ups.inq.com — Cisco Umbrella Rank: 8021 |
549 B |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 286 |
30 KB |
1 |
fernandoasilva.com
1 redirects
fernandoasilva.com |
179 B |
21 | 5 |
Domain | Requested by | |
---|---|---|
16 | ofrezz.com |
ofrezz.com
|
3 | media-us1.digital.nuance.com |
ofrezz.com
|
1 | ups.inq.com |
ofrezz.com
|
1 | ajax.googleapis.com |
ofrezz.com
|
1 | fernandoasilva.com | 1 redirects |
21 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ups.com |
wwwapps.ups.com |
www.pressroom.ups.com |
www.investors.ups.com |
www.jobs-ups.com |
sustainability.ups.com |
www.theupsstore.ca |
upscapital.com |
www.instagram.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2022-08-08 - 2022-10-31 |
3 months | crt.sh |
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2021-10-12 - 2022-10-12 |
a year | crt.sh |
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2021-10-12 - 2022-10-12 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Frame ID: FE85F4E4A4C774FE052D1FD71F166D48
Requests: 17 HTTP requests in this frame
Frame:
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_1.html
Frame ID: 857E696A680AD7A735D971FCA6A36759
Requests: 1 HTTP requests in this frame
Frame:
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Frame ID: 2A8C32DD33E48D37E0C61283C8C3B7CA
Requests: 1 HTTP requests in this frame
Frame:
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_4.html
Frame ID: 02EF8D9E16115159922150BA9D9EA8FB
Requests: 1 HTTP requests in this frame
Frame:
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_3.html
Frame ID: A022DFFA060F3CD79773BF6E6BC511D3
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Tracking | UPS - CanadaPage URL History Show full URLs
-
https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/
HTTP 302
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?... Page URL
- http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/t... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
54 Outgoing links
These are links going to different origins than the main page.
Title: ... More
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Sign up / Log in
Search URL Search Domain Scan URL
Title: Alerts (1)
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: Canada - English
Search URL Search Domain Scan URL
Title: Canada - Français
Search URL Search Domain Scan URL
Title: Select Another Country or Territory
Search URL Search Domain Scan URL
Title: Get Started with UPS
Search URL Search Domain Scan URL
Title: Ship
Search URL Search Domain Scan URL
Title: Quote
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: View & Pay Bill
Search URL Search Domain Scan URL
Title: Track & Track History
Search URL Search Domain Scan URL
Title: Manage Inbound/Outbound Deliveries:Quantum View - for Large Enterprise Businesses
Search URL Search Domain Scan URL
Title: Explore All Tracking
Search URL Search Domain Scan URL
Title: Explore Managing Home Deliveries
Search URL Search Domain Scan URL
Title: Explore Managing Business Deliveries
Search URL Search Domain Scan URL
Title: Schedule a Pickup
Search URL Search Domain Scan URL
Title: Manage Online Orders: Marketplace Shipping
Search URL Search Domain Scan URL
Title: Create a Return
Search URL Search Domain Scan URL
Title: Explore All Shipping
Search URL Search Domain Scan URL
Title: View Shipping History
Search URL Search Domain Scan URL
Title: Batch File Shipping
Search URL Search Domain Scan URL
Title: Create Import:UPS Import Control
Search URL Search Domain Scan URL
Title: International Toolset:UPS TradeAbility
Search URL Search Domain Scan URL
Title: Service Guide
Search URL Search Domain Scan URL
Title: Order Supplies
Search URL Search Domain Scan URL
Title: Discover UPS Services
Search URL Search Domain Scan URL
Title: Shipping
Search URL Search Domain Scan URL
Title: Billing
Search URL Search Domain Scan URL
Title: International Shipping
Search URL Search Domain Scan URL
Title: Contract Logistics
Search URL Search Domain Scan URL
Title: Integrating UPS Technology
Search URL Search Domain Scan URL
Title: Individual Shipper
Search URL Search Domain Scan URL
Title: Small Business
Search URL Search Domain Scan URL
Title: Customer Support
Search URL Search Domain Scan URL
Title: Get Started with UPS
Search URL Search Domain Scan URL
Title: Change Delivery
Search URL Search Domain Scan URL
Title: Claims Support
Search URL Search Domain Scan URL
Title: My Profile
Search URL Search Domain Scan URL
Title: About UPS
Search URL Search Domain Scan URL
Title: Media RelationsOpen the link in a new window
Search URL Search Domain Scan URL
Title: Investor RelationsOpen the link in a new window
Search URL Search Domain Scan URL
Title: CareersOpen the link in a new window
Search URL Search Domain Scan URL
Title: Sustainability & Community InvolvementOpen the link in a new window
Search URL Search Domain Scan URL
Title: The UPS StoreOpen the link in a new window
Search URL Search Domain Scan URL
Title: UPS CapitalOpen the link in a new window
Search URL Search Domain Scan URL
Title: InstagramOpen the link in a new window
Search URL Search Domain Scan URL
Title: Twitter Open the link in a new window
Search URL Search Domain Scan URL
Title: Protect Against Fraud
Search URL Search Domain Scan URL
Title: Service Terms and Conditions
Search URL Search Domain Scan URL
Title: Website Terms of Use
Search URL Search Domain Scan URL
Title: Privacy NoticeOpen the link in a new window
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/
HTTP 302
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email= Page URL
- http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/ HTTP 302
- http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Redirect Chain
|
169 B 547 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
track.html
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
63 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups.vendor.54f3c2d83b58.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
130 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups.styles.bf03bcac6bc2.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
97 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups.modules.0cca12c805a5.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
697 KB 77 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups.widgets.6611168e8d14.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
69 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups.apps-utrk.5ebbdd.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
74 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UPS_logo.svg
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icp.gif
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
43 B 309 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.7d4255341a2c49ba8357.bundle.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
259 B 501 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index_1.html
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame 857E |
167 B 473 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ |
0 191 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pre-acif.js
ups.inq.com/tagserver/acif/ |
0 549 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif.js
media-us1.digital.nuance.com/media/launch/acif/ |
0 112 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif-configs.js
media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/ |
0 6 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
055096b75efc91eabeb7fa0fb14e24cd44ba71f4
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
34 KB 34 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index_2.html
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame 2A8C |
701 B 684 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
social.jpg
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ |
882 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index_4.html
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame 02EF |
241 B 521 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index_3.html
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame A022 |
327 B 564 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ofrezz.com/ | Name: PHPSESSID Value: crditjis2934q9rh9v81hl120b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fernandoasilva.com
media-us1.digital.nuance.com
ofrezz.com
ups.inq.com
192.185.177.56
2607:f8b0:4006:806::200a
2620:1ec:27::cafe:1841
44.202.14.139
52.177.241.160
0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343
076902752ae5748c9a6a128021d95a1bddf6aac70390b3d07f4ae941571350fe
1470a05848a4d88d02ee92bc8847a1dbf8b5c73644b05490eaa84fe9c1006feb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
277277282dbf9434397565ce1cfa388d5e31e933e71b76183bf2da851233a60f
2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779
48f7242c1f337733da364fa545a3dd18f5601edd832b9fe1227f019a3325be9e
9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf
dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316
eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa
f4097c14052cb9c3fe1cbd40e41336b6c65f23a1afbd7f10d570a71dd5290b70
f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f