ofrezz.com Open in urlscan Pro
44.202.14.139 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/
Effective URL:
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Submission: On August 26 via api (August 26th 2022, 7:46:52 pm UTC) from CA — Scanned from CA

Summary HTTP 21 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 21 HTTP transactions. The main IP is 44.202.14.139, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ofrezz.com.

This is the only time ofrezz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.185.177.56 192.185.177.56	26337 (OIS1) (OIS1)
16	44.202.14.139 44.202.14.139	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:27::... 2620:1ec:27::cafe:1841	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.177.241.160 52.177.241.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	4

1 192.185.177.56 (United States) 1 redirects

ASN26337 (OIS1, US)
PTR: br208-ip03.hostgator.com.br

fernandoasilva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 44.202.14.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-202-14-139.compute-1.amazonaws.com

ofrezz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:27::cafe:1841 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.177.241.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ups.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ofrezz.com ofrezz.com	185 KB
3	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 6512	309 KB
1	inq.com ups.inq.com — Cisco Umbrella Rank: 8021	549 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 286	30 KB
1	fernandoasilva.com 1 redirects fernandoasilva.com	179 B
21	5

	Domain	Requested by
16	ofrezz.com	ofrezz.com
3	media-us1.digital.nuance.com	ofrezz.com
1	ups.inq.com	ofrezz.com
1	ajax.googleapis.com	ofrezz.com
1	fernandoasilva.com	1 redirects
21	5

This site contains links to these domains. Also see Links.

Domain
www.ups.com
wwwapps.ups.com
www.pressroom.ups.com
www.investors.ups.com
www.jobs-ups.com
sustainability.ups.com
www.theupsstore.ca
upscapital.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Frame ID: FE85F4E4A4C774FE052D1FD71F166D48
Requests: 17 HTTP requests in this frame

Frame: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_1.html
Frame ID: 857E696A680AD7A735D971FCA6A36759
Requests: 1 HTTP requests in this frame

Frame: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Frame ID: 2A8C32DD33E48D37E0C61283C8C3B7CA
Requests: 1 HTTP requests in this frame

Frame: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_4.html
Frame ID: 02EF8D9E16115159922150BA9D9EA8FB
Requests: 1 HTTP requests in this frame

Frame: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_3.html
Frame ID: A022DFFA060F3CD79773BF6E6BC511D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking | UPS - Canada

Page URL History Show full URLs

https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/ HTTP 302
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?... Page URL
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/t... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

24 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

525 kB
Transfer

1254 kB
Size

1
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ups.com/ca/en/service-alerts.page?id=alert1
Title: ... More

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/Home.page

Search URL Search Domain Scan URL

URL: https://www.ups.com/doapp/SignUp?loc=en_CA&ClientId=18&returnto=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_CA%26Requester%3Dlasso
Title: Sign up / Log in

Search URL Search Domain Scan URL

URL: https://www.ups.com/
Title: Alerts (1)

Search URL Search Domain Scan URL

URL: https://www.ups.com/dropoff?loc=en_CA
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/Home.page?loc=en_CA
Title: Canada - English

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/fr/Home.page?loc=fr_CA
Title: Canada - Français

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/global.page
Title: Select Another Country or Territory

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/get-started-with-ups.page
Title: Get Started with UPS

Search URL Search Domain Scan URL

URL: https://www.ups.com/ship?loc=en_CA
Title: Ship

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/ctc/request?loc=en_CA
Title: Quote

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/w1-location-finder-page.page?quickStart=true&widget=locationFinder
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/billing-payment.page
Title: View & Pay Bill

Search URL Search Domain Scan URL

URL: https://www.ups.com/track?loc=en_CA
Title: Track & Track History

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/tracking/quantum-view.page
Title: Manage Inbound/Outbound Deliveries:Quantum View - for Large Enterprise Businesses

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking.page
Title: Explore All Tracking

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking/mychoice.page
Title: Explore Managing Home Deliveries

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking/my-choice-for-business.page
Title: Explore Managing Business Deliveries

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/pickup/schedule?loc=en_CA
Title: Schedule a Pickup

Search URL Search Domain Scan URL

URL: https://www.ups.com/marketplaceshipping/order?loc=en_CA
Title: Manage Online Orders: Marketplace Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAReturn___StartSession&loc=en_CA
Title: Create a Return

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/shipping.page
Title: Explore All Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ship/history?loc=en_CA
Title: View Shipping History

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=BatchImportPage___StartSession&loc=en_CA&WT.svl=SubNav
Title: Batch File Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAnImport___StartSession&loc=en_CA
Title: Create Import:UPS Import Control

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/tradeability?loc=en_CA
Title: International Toolset:UPS TradeAbility

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/shipping/international/services.page
Title: Service Guide

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/packaging-and-supplies.page
Title: Order Supplies

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services.page
Title: Discover UPS Services

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/shipping.page
Title: Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/billing.page
Title: Billing

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/international-shipping.page
Title: International Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/contract-logistics.page
Title: Contract Logistics

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/technology-integration.page
Title: Integrating UPS Technology

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/individual-shipper.page
Title: Individual Shipper

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/small-business.page
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-support-center.page
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/get-started-with-ups.page
Title: Get Started with UPS

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/sri/tracking/change-delivery.page
Title: Change Delivery

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/claims-support.page
Title: Claims Support

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/ppc/ppc.html?loc=en_CA#/profilePage
Title: My Profile

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/about.page
Title: About UPS

Search URL Search Domain Scan URL

URL: https://www.pressroom.ups.com/
Title: Media RelationsOpen the link in a new window

Search URL Search Domain Scan URL

URL: http://www.investors.ups.com/
Title: Investor RelationsOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.jobs-ups.com/location
Title: CareersOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://sustainability.ups.com/
Title: Sustainability & Community InvolvementOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.theupsstore.ca/
Title: The UPS StoreOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://upscapital.com/ca-en/
Title: UPS CapitalOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.instagram.com/UPS_Canada
Title: InstagramOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://twitter.com/UPS_Canada
Title: Twitter Open the link in a new window

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/fight-fraud.page
Title: Protect Against Fraud

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/service.page
Title: Service Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/website.page
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy NoticeOpen the link in a new window

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/ HTTP 302
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email= Page URL
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/ HTTP 302
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/
Redirect Chain

https://fernandoasilva.com/ads.google-3279nd9427ba03j/solve/
http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=

169 B
547 B

96ms
61ms

Document
text/html

44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f4097c14052cb9c3fe1cbd40e41336b6c65f23a1afbd7f10d570a71dd5290b70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 143
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Aug 2022 19:46:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 26 Aug 2022 19:46:47 GMT
location: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=
referrer-policy: no-referrer-when-downgrade
server: Apache

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 69ms
21ms Script
text/javascript 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 18:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 18:27:16 GMT

GET
H/1.1 200
OK Primary Request track.html Show response
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 63 KB
12 KB 25ms
25ms Document
text/html 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 277277282dbf9434397565ce1cfa388d5e31e933e71b76183bf2da851233a60f

Request headers

Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/?email=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 11657
Content-Type: text/html
Date: Fri, 26 Aug 2022 19:46:47 GMT
ETag: "fd2b-5e729b4e2ef80-gzip"
Keep-Alive: timeout=2, max=99
Last-Modified: Fri, 26 Aug 2022 19:13:18 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ups.vendor.54f3c2d83b58.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 130 KB
20 KB 27ms
27ms Stylesheet
text/css 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.vendor.54f3c2d83b58.css
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 076902752ae5748c9a6a128021d95a1bddf6aac70390b3d07f4ae941571350fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "207b3-5b61b551eb000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 20337

GET
H/1.1 200
OK ups.styles.bf03bcac6bc2.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 97 KB
15 KB 57ms
33ms Stylesheet
text/css 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.styles.bf03bcac6bc2.css
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1470a05848a4d88d02ee92bc8847a1dbf8b5c73644b05490eaa84fe9c1006feb

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Aug 2022 19:15:06 GMT
Server: Apache
ETag: "18413-5e729bb52e280-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 15419

GET
H/1.1 200
OK ups.modules.0cca12c805a5.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 697 KB
77 KB 68ms
44ms Stylesheet
text/css 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.modules.0cca12c805a5.css
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 48f7242c1f337733da364fa545a3dd18f5601edd832b9fe1227f019a3325be9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Aug 2022 19:16:46 GMT
Server: Apache
ETag: "ae460-5e729c148c380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK ups.widgets.6611168e8d14.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 69 KB
9 KB 57ms
34ms Stylesheet
text/css 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.widgets.6611168e8d14.css
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "113a9-5b61b551eb000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 8482

GET
H/1.1 200
OK ups.apps-utrk.5ebbdd.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 74 KB
11 KB 54ms
31ms Stylesheet
text/css 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.apps-utrk.5ebbdd.css
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "1273b-5b61b551eb000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 10781

GET
H/1.1 200
OK UPS_logo.svg
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 2 KB
2 KB 51ms
23ms Image
image/svg+xml 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/UPS_logo.svg
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:48 GMT
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "870-5b61b551eb000"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 2160

GET
H/1.1 200
OK icp.gif
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 43 B
309 B 24ms
23ms Image
image/gif 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/icp.gif
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:48 GMT
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "2b-5b61b551eb000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 43

GET
H/1.1 200
OK styles.7d4255341a2c49ba8357.bundle.css
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 259 B
501 B 46ms
23ms Stylesheet
text/css 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/styles.7d4255341a2c49ba8357.bundle.css
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "103-5b61b551eb000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 181

GET
H/1.1 200
OK index_1.html Show response
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame 857E 167 B
473 B 40ms
27ms Document
text/html 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_1.html
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa

Request headers

Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 154
Content-Type: text/html
Date: Fri, 26 Aug 2022 19:46:47 GMT
ETag: "a7-5b61b551eb000-gzip"
Keep-Alive: timeout=2, max=97
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
Vary: Accept-Encoding

GET
H2 200 InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ 0
191 KB 304ms
77ms Other
application/javascript 2620:1ec:27::cafe:1841
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/ci/InqFramework.js?codeVersion=1607582044799

Requested by

Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:27::cafe:1841 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
x-azure-ref-originshield: 0kyIJYwAAAAAGxhEzOZ8SRLCQHcxVnOVPQ082QUEzMTUwODA3MDI1AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache: TCP_HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Aug 2022 02:22:08 GMT
server: TouchCommerce Server
date: Fri, 26 Aug 2022 19:46:48 GMT
x-azure-ref: 0KCMJYwAAAAB2TRmx6U8HT7OWGHdQjwWAWVZSMzBFREdFMDMxOABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: "GLwYYmbPPKJ"
accept-ranges: bytes

GET
H2 200 pre-acif.js
ups.inq.com/tagserver/acif/ 0
549 B 153ms
40ms Other
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 19:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "CZNYrMxQHjq"
strict-transport-security: max-age=31536000; includeSubDomains
p3p: policyref="http://ups.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
cache-control: max-age=3600
last-modified: Wed, 17 Aug 2022 16:30:12 GMT
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-length: 139
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-us1.digital.nuance.com/media/launch/acif/ 0
112 KB 528ms
301ms Other
application/javascript 2620:1ec:27::cafe:1841
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/acif/acif.js

Requested by

Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:27::cafe:1841 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
x-azure-ref-originshield: 0MxcJYwAAAABnJRu/q89tSrYCyusLrjpiQ082QUEzMTUwODA4MDE3AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache: TCP_HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Aug 2022 03:34:56 GMT
server: TouchCommerce Server
date: Fri, 26 Aug 2022 19:46:48 GMT
x-azure-ref: 0KCMJYwAAAAA7C4kzto9TSpk+S5ciaFTAWVZSMzBFREdFMDMxOABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: "87FezZLTtuS"
accept-ranges: bytes

GET
H2 200 acif-configs.js
media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/ 0
6 KB 602ms
376ms Other
application/javascript 2620:1ec:27::cafe:1841
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/acif-configs.js

Requested by

Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:27::cafe:1841 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
x-azure-ref-originshield: 0khsJYwAAAABp9dbsI8+rToYIzT0egLxwQ082QUEzMTUwODA4MDI1AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 6059
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 16:01:12 GMT
server: TouchCommerce Server
date: Fri, 26 Aug 2022 19:46:48 GMT
x-azure-ref: 0KCMJYwAAAACZ/xSXRgreRYRlTIGmo/10WVZSMzBFREdFMDMxOABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: "6PC4fFQSc63"
accept-ranges: bytes

GET
H/1.1 200
OK 055096b75efc91eabeb7fa0fb14e24cd44ba71f4
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 34 KB
34 KB 23ms
23ms Font
application/octet-stream 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/055096b75efc91eabeb7fa0fb14e24cd44ba71f4
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.styles.bf03bcac6bc2.css
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316

Request headers

Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.styles.bf03bcac6bc2.css
Origin: http://ofrezz.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:48 GMT
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "8794-5b61b551eb000"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 34708

GET
H/1.1 200
OK index_2.html Show response
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame 2A8C 701 B
684 B 24ms
23ms Document
text/html 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989

Request headers

Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/track.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 364
Content-Type: text/html
Date: Fri, 26 Aug 2022 19:46:48 GMT
ETag: "2bd-5b61b551eb000-gzip"
Keep-Alive: timeout=2, max=98
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK social.jpg
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ 882 B
1 KB 24ms
23ms Image
image/jpeg 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/social.jpg
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.modules.0cca12c805a5.css
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ups.modules.0cca12c805a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 19:46:48 GMT
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
ETag: "372-5b61b551eb000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 882

GET
H/1.1 200
OK index_4.html Show response
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame 02EF 241 B
521 B 24ms
23ms Document
text/html 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_4.html
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf

Request headers

Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 202
Content-Type: text/html
Date: Fri, 26 Aug 2022 19:46:48 GMT
ETag: "f1-5b61b551eb000-gzip"
Keep-Alive: timeout=2, max=94
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK index_3.html Show response
ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/ Frame A022 327 B
564 B 24ms
23ms Document
text/html 44.202.14.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_3.html
Requested by: Host: ofrezz.com
URL: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Protocol: HTTP/1.1
Server: 44.202.14.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-202-14-139.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779

Request headers

Referer: http://ofrezz.com/wp-content/plugins/wp-mail-smtp/src/track.ups.ca/services/information.page/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 244
Content-Type: text/html
Date: Fri, 26 Aug 2022 19:46:48 GMT
ETag: "147-5b61b551eb000-gzip"
Keep-Alive: timeout=2, max=97
Last-Modified: Thu, 10 Dec 2020 12:29:52 GMT
Server: Apache
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ofrezz.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: crditjis2934q9rh9v81hl120b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fernandoasilva.com
media-us1.digital.nuance.com
ofrezz.com
ups.inq.com
192.185.177.56
2607:f8b0:4006:806::200a
2620:1ec:27::cafe:1841
44.202.14.139
52.177.241.160
0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343
076902752ae5748c9a6a128021d95a1bddf6aac70390b3d07f4ae941571350fe
1470a05848a4d88d02ee92bc8847a1dbf8b5c73644b05490eaa84fe9c1006feb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
277277282dbf9434397565ce1cfa388d5e31e933e71b76183bf2da851233a60f
2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779
48f7242c1f337733da364fa545a3dd18f5601edd832b9fe1227f019a3325be9e
9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf
dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316
eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa
f4097c14052cb9c3fe1cbd40e41336b6c65f23a1afbd7f10d570a71dd5290b70
f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f

ofrezz.com Open in urlscan Pro 44.202.14.139 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

24 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

4 IPs

1 Countries

525 kBTransfer

1254 kBSize

1 Cookies

54 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

Indicators

ofrezz.com Open in urlscan Pro
44.202.14.139 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

24 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

525 kB
Transfer

1254 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!