tracking-1z18aa639364847undeliverypackageups.com Open in urlscan Pro
162.210.100.196 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tracking-1z18aa639364847undeliverypackageups.com/
Effective URL:
http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizL...
Submission: On January 31 via api (January 31st 2024, 6:05:05 pm UTC) from GB — Scanned from GB

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 162.210.100.196, located in United States and belongs to STEADFAST, US. The main domain is tracking-1z18aa639364847undeliverypackageups.com.

This is the only time tracking-1z18aa639364847undeliverypackageups.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
2 16	162.210.100.196 162.210.100.196		32748 (STEADFAST) (STEADFAST)
14	2

16 162.210.100.196 (United States) 2 redirects

ASN32748 (STEADFAST, US)
PTR: setting.siedenpuns.com

tracking-1z18aa639364847undeliverypackageups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tracking-1z18aa639364847undeliverypackageups.com 2 redirects tracking-1z18aa639364847undeliverypackageups.com	2 MB
14	1

	Domain	Requested by
16	tracking-1z18aa639364847undeliverypackageups.com	2 redirects tracking-1z18aa639364847undeliverypackageups.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak
Frame ID: B0601ACD535CFA065576E83E3FFA10E6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking | UPS - United States

Page URL History Show full URLs

http://tracking-1z18aa639364847undeliverypackageups.com/ HTTP 302
http://tracking-1z18aa639364847undeliverypackageups.com/main.php HTTP 302
http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8... Page URL

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1692 kB
Transfer

1689 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tracking-1z18aa639364847undeliverypackageups.com/ HTTP 302
http://tracking-1z18aa639364847undeliverypackageups.com/main.php HTTP 302
http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Details Show response tracking-1z18aa639364847undeliverypackageups.com/ Redirect Chain http://tracking-1z18aa639364847undeliverypackageups.com/ http://tracking-1z18aa639364847undeliverypackageups.com/main.php http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880...	41 KB 41 KB	197ms 192ms	Document text/html	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `fa971263e7e2c2032cfe105de2e09ce530396a5250f1424c1a3d512d33d25e09` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 31 Jan 2024 18:04:54 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Pragma no-cache Server Apache Transfer-Encoding chunked Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 31 Jan 2024 18:04:53 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked location Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak
GET H/1.1	200 OK	ups_006.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	102 KB 102 KB	144ms 143ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_006.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `2b0994395d1265e32bcd41b1a1faaf9d584dab7814646c2224a75b3aee8fbe0e` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:54 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 104491
GET H/1.1	200 OK	ups_005.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	231 KB 232 KB	322ms 194ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `c0c6fa3666308cd53422b2390a847252024465dae30b3a818b0dacede485bdde` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:54 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 237006
GET H/1.1	200 OK	ups_003.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	741 KB 741 KB	445ms 317ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_003.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `2304349fbcf171b2c20205998a4fd8792765a1ba9a9ce02dd16d74f1a33a7418` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:54 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 758815
GET H/1.1	200 OK	ups.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	69 KB 70 KB	323ms 193ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `d98835978aaf8b44c47da4452bce0189666cc5b751fb2cc914c869241f17d5a6` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:54 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 70977
GET H/1.1	200 OK	ups_002.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	75 KB 75 KB	318ms 181ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_002.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `c794d0fce9f9f6218cc78289f0380d7bd15baf1d27d2161fc8cff521c6de31d0` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:54 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 76336
GET H/1.1	200 OK	ups_004.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	103 KB 103 KB	408ms 148ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_004.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `b5bdd67f7bc46128b2092d875aaa9833d7f9652ddcc237e9c91ab8d5e6dab6f8` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:54 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 105607
GET H/1.1	200 OK	css.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	7 KB 7 KB	853ms 138ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/css.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `d7c386848e3e41f2e3c8f38613bb8c456a710c2159e20f8466e0b23e0e50015e` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:55 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6828
GET H/1.1	200 OK	styles.css tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/	228 B 468 B	941ms 139ms	Stylesheet text/css	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/styles.css Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `21035d440edbc1425b5114c3cc967ad9027c5dba7f89ecc3d677ed4f5dfd6dab` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:55 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 228
GET H/1.1	200 OK	UPS_logo.svg tracking-1z18aa639364847undeliverypackageups.com/us_assetz/img/	2 KB 2 KB	138ms 138ms	Image image/svg+xml	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/img/UPS_logo.svg Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/Details?sslchannel=true&sessionid=6IMIHXwGdm3BDkOL3q2N70VDnGpTDGi09LFMv5lpS8H9Q1PXmNBv8RTakjgizLN81vuMxnkx5xcByDVhOhXH72ERElYytQcGb7vxOlAv880ONutOmItcNKZMmTrKTuN5ak User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:55 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2162
GET H/1.1	200 OK	Roboto-Regular.woff tracking-1z18aa639364847undeliverypackageups.com/us_assetz/fonts/	92 KB 92 KB	147ms 147ms	Font font/woff	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/fonts/Roboto-Regular.woff Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `c511a38838f14cd23a3e2a7c7c9b7f2864a2a6b9e548053bb71b432a677966e2` Request headers Referer http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Origin http://tracking-1z18aa639364847undeliverypackageups.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:59 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 93784
GET DATA	200 OK	truncated /	36 KB 36 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a48e55eba408d92c3a2653ca845937678c75eabe60cad691debf89c0a2b94872` Request headers Referer http://tracking-1z18aa639364847undeliverypackageups.com/ Origin http://tracking-1z18aa639364847undeliverypackageups.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Content-Type application/x-font-woff;charset=utf-8
GET H/1.1	200 OK	Roboto-Medium.woff tracking-1z18aa639364847undeliverypackageups.com/us_assetz/fonts/	92 KB 92 KB	169ms 168ms	Font font/woff	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/fonts/Roboto-Medium.woff Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706` Request headers Referer http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Origin http://tracking-1z18aa639364847undeliverypackageups.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:59 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 94364
GET H/1.1	200 OK	Roboto-Italic.woff tracking-1z18aa639364847undeliverypackageups.com/us_assetz/fonts/	97 KB 97 KB	158ms 158ms	Font font/woff	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/fonts/Roboto-Italic.woff Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `a3ebbe5cccfbabf1e67669b3dc6dc3792f55cf0153bc6f99a39a8d6328c24b98` Request headers Referer http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_005.css Origin http://tracking-1z18aa639364847undeliverypackageups.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:04:59 GMT Last-Modified Tue, 05 Dec 2023 04:06:56 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 99428
GET H/1.1	404 Not Found	social.jpg tracking-1z18aa639364847undeliverypackageups.com/assets/resources/images/	315 B 315 B	139ms 138ms	Image text/html	162.210.100.196 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL http://tracking-1z18aa639364847undeliverypackageups.com/assets/resources/images/social.jpg Requested by Host: tracking-1z18aa639364847undeliverypackageups.com URL: http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_003.css Protocol HTTP/1.1 Server 162.210.100.196 , United States, ASN32748 (STEADFAST, US), Reverse DNS setting.siedenpuns.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-GB,en;q=0.9 Referer http://tracking-1z18aa639364847undeliverypackageups.com/us_assetz/css/ups_003.css User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36. Response headers Date Wed, 31 Jan 2024 18:05:05 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tracking-1z18aa639364847undeliverypackageups.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b8e06fb958dc08923cf8491981039e69

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://tracking-1z18aa639364847undeliverypackageups.com/assets/resources/images/social.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tracking-1z18aa639364847undeliverypackageups.com
162.210.100.196
21035d440edbc1425b5114c3cc967ad9027c5dba7f89ecc3d677ed4f5dfd6dab
2304349fbcf171b2c20205998a4fd8792765a1ba9a9ce02dd16d74f1a33a7418
2b0994395d1265e32bcd41b1a1faaf9d584dab7814646c2224a75b3aee8fbe0e
4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706
a3ebbe5cccfbabf1e67669b3dc6dc3792f55cf0153bc6f99a39a8d6328c24b98
a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88
a48e55eba408d92c3a2653ca845937678c75eabe60cad691debf89c0a2b94872
b5bdd67f7bc46128b2092d875aaa9833d7f9652ddcc237e9c91ab8d5e6dab6f8
c0c6fa3666308cd53422b2390a847252024465dae30b3a818b0dacede485bdde
c511a38838f14cd23a3e2a7c7c9b7f2864a2a6b9e548053bb71b432a677966e2
c794d0fce9f9f6218cc78289f0380d7bd15baf1d27d2161fc8cff521c6de31d0
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7c386848e3e41f2e3c8f38613bb8c456a710c2159e20f8466e0b23e0e50015e
d98835978aaf8b44c47da4452bce0189666cc5b751fb2cc914c869241f17d5a6
fa971263e7e2c2032cfe105de2e09ce530396a5250f1424c1a3d512d33d25e09

tracking-1z18aa639364847undeliverypackageups.com Open in urlscan Pro 162.210.100.196 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1692 kBTransfer

1689 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

tracking-1z18aa639364847undeliverypackageups.com Open in urlscan Pro
162.210.100.196 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1692 kB
Transfer

1689 kB
Size

1
Cookies

14 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!