urlscan.io logo urlscan.io
SecurityTrails logo

ups.ma Open in urlscan Pro
95.216.33.54  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ups.ma/
Effective URL: http://ups.ma/ups/ma/fr/Home.html
Submission: On September 12 via manual from MA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 35 HTTP transactions. The main IP is 95.216.33.54, located in Finland and belongs to HETZNER-AS, DE. The main domain is ups.ma.
This is the only time ups.ma was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 21 95.216.33.54 24940 (HETZNER-AS)
3 23.210.249.165 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.111.215.136 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.194.111.119 16509 (AMAZON-02)
35 11
21    95.216.33.54 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: shuriken.nindohost.net
ups.ma
3    23.210.249.165 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-165.deploy.static.akamaitechnologies.com
www.ups.com
1    2a02:26f0:6c00:291::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
s.go-mpulse.net
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
c.go-mpulse.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.194.111.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-111-119.eu-west-1.compute.amazonaws.com
ups.tt.omtrdc.net
Domain Requested by
21 ups.ma 1 redirects ups.ma
www.ups.com
3 tags.tiqcdn.com ups.ma
3 www.ups.com ups.ma
2 www.googletagmanager.com ups.ma
1 ups.tt.omtrdc.net ups.ma
1 s.ytimg.com www.youtube.com
1 c.go-mpulse.net s.go-mpulse.net
1 www.youtube.com ups.ma
1 s.go-mpulse.net ups.ma
35 9
Subject Issuer Validity Valid
www.ups.com
COMODO RSA Organization Validation Secure Server CA		 2020-05-29 -
2022-05-29		 2 years crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://ups.ma/ups/ma/fr/Home.html
Frame ID: F56CC777A115CCB8C5532630E3E1F50D
Requests: 34 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Frame ID: AEBF43C304497C354C4D0C1E1D01342B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ups.ma/ HTTP 301
    http://ups.ma/ups/ma/fr/Home.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

35
Requests

26 %
HTTPS

60 %
IPv6

8
Domains

9
Subdomains

11
IPs

5
Countries

3199 kB
Transfer

3593 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ups.ma/ HTTP 301
    http://ups.ma/ups/ma/fr/Home.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • http://www.googletagmanager.com/gtag/js?id=DC-9635422&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=DC-9635422&l=dataLayer&cx=c

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Home.html
ups.ma/ups/ma/fr/
Redirect Chain
  • http://ups.ma/
  • http://ups.ma/ups/ma/fr/Home.html
62 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
bf93926297103d1604a31ad2ca75d46d9e9b73531a45c60b5dc08eab9fd85b33

Request headers

Host
ups.ma
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Server
Apache
Last-Modified
Mon, 15 Jun 2020 18:12:29 GMT
Accept-Ranges
bytes
Content-Length
63982
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Sat, 12 Sep 2020 10:23:38 GMT
Server
Apache
Location
http://ups.ma/ups/ma/fr/Home.html
Content-Length
241
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
utag.sync.js
ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/ 		152 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
65636af75cdb02b535e2801eec3f4ca8be58a05957ac8909883661ee18a45eab

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:13:56 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
155319
modernizr.699b9a.js
ups.ma/ups/assets/resources/scripts/vendor/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/scripts/vendor/modernizr.699b9a.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
1a933c728ee0c4e4789224e2bfb0aac647e5992108f5f9d52e1b0a761d3bb5ee

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:14:47 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
15518
ups.vendor.95a2e2.js
ups.ma/ups/assets/resources/scripts/vendor/ 		814 KB
814 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/scripts/vendor/ups.vendor.95a2e2.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
accc9d37327ba3f8a1a7ab318f3c5206cacfeb7fc0da6bdd669df9206462b822

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:14:48 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
833755
ups.vendor.54f3c2d83b58.css
ups.ma/ups/assets/resources/styles/ 		134 KB
134 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/styles/ups.vendor.54f3c2d83b58.css
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
aafdb00d968f94403b8d216c67907f97b694206c4db1481487e022161fb492e2

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:49 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
136827
ups.styles.5c3550869b79.css
ups.ma/ups/assets/resources/styles/ 		197 KB
197 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/styles/ups.styles.5c3550869b79.css
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
6087d0ee6fe9865f26b8dc8338c1694c13b56635407be0f6bb6451c40f81bbea

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:49 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
201359
ups.modules.290f026a81fc.css
ups.ma/ups/assets/resources/styles/ 		640 KB
640 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/styles/ups.modules.290f026a81fc.css
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
e30e6f56bfa25cc0bc2b5c29c81023f79190070f235675b150fe37d0ffba0e44

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:48 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
655009
ups.widgets.946ed385b267.css
ups.ma/ups/assets/resources/styles/ 		68 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/styles/ups.widgets.946ed385b267.css
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
e4064e9afdc5bff23af93a32e1b2b9dc5b32739689b84dfd24aff16cac21eb7c

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:49 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
69911
UPS_Smart_Banner.1.2.0.js
ups.ma/ups/assets/resources/scripts/ 		503 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/scripts/UPS_Smart_Banner.1.2.0.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
d36be6c2a7c95759ca7d7440f1c1e5e50dfbe908b00c581850ce863858b84315

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:46 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
503
onelink2aad.css
ups.ma/ups/_onelink_/ups/sites/www.ups.com/ 		173 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/_onelink_/ups/sites/www.ups.com/onelink2aad.css?ts=20200522
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
09c5f0f2bd048461d93e753de69534518a2a1775138155f3edbd3aaa5f472ea6

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:16:37 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=100
Content-Length
173
onelink7033.css
ups.ma/ups/_onelink_/ups/sites/www.ups.com/en2frfr/ 		929 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/_onelink_/ups/sites/www.ups.com/en2frfr/onelink7033.css?ts=20180515
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
d3db82c8f8978eb8cfc85576c647d786fd0f1b48c8c5f9ae7f639b394c419f42

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:19:50 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
929
onelinkb761.js
ups.ma/ups/_onelink_/ups/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/_onelink_/ups/onelinkb761.js?ts=20200424-2
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
bad905fb8036ec05ac8ff4f0143241588cbf704f1c0215fd17aef8dfd4ff2c66

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:35 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1167
onelink_clientsort.js
ups.ma/ups/pAckAgEs/onelink/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/pAckAgEs/onelink/onelink_clientsort.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
60e89085e065d1a57f45c97580981e01f8a46d68ffbac58a765b99f17f37a258

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:35 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1646
UPS_logo.svg
www.ups.com/assets/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ups.com/assets/resources/images/UPS_logo.svg
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-165.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server-Timing
cdn-cache; desc=HIT, edge; dur=1
Content-Length
1152
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 23 Oct 2019 16:07:01 GMT
Server
Apache
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
Date
Sat, 12 Sep 2020 10:23:39 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Debug-AK-TLS
No bypass
Accept-Ranges
bytes
Expires
Sat, 12 Sep 2020 10:23:39 GMT
icon-alert-circle.png
ups.ma/ups/assets/resources/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ups.ma/ups/assets/resources/images/icons/icon-alert-circle.png
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
ba04fcb46931a4d7530ebfc98a1c75200ea9eee7d8d2bf523e3e4b78de4d1467

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:14:40 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1489
m4-target-df1-16x6-tracking-solutions.jpg
www.ups.com/assets/resources/images/1600x1000/ 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ups.com/assets/resources/images/1600x1000/m4-target-df1-16x6-tracking-solutions.jpg
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-165.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
185d251136a01421a69e9fc4bc79d4202bb0b0e92d93cd25b87531212b4e6891

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Thu, 23 May 2019 17:23:12 GMT
Server
Akamai Image Manager
Connection
keep-alive
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Debug-AK-TLS
No bypass
Server-Timing
cdn-cache; desc=HIT, edge; dur=1
Content-Length
202852
Expires
Sat, 12 Sep 2020 22:23:39 GMT
m35-lithium-ion-batteries.jpg
ups.ma/ups/assets/resources/images/210x210/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ups.ma/ups/assets/resources/images/210x210/m35-lithium-ion-batteries.jpg
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
fbe98ad9b2142929c57669ecf2e9efd3b8651ce1efe3a79f026393b02ba882c7

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:14:03 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14642
m35-fraudulent-email.jpg
ups.ma/ups/assets/resources/images/210x210/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ups.ma/ups/assets/resources/images/210x210/m35-fraudulent-email.jpg
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
07a8daffc05304686c7c4b4dfa7f4956d3fd370da146840b8fdc27d8fc4b9767

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:14:03 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4749
icp.gif
ups.ma/ups/img/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ups.ma/ups/img/icp.gif
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:18 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43
ups.scripts.2e68b6.js
ups.ma/ups/assets/resources/scripts/ 		315 KB
315 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/ups/assets/resources/scripts/ups.scripts.2e68b6.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
165bd42d20b436795676c5f866ba009d5fff8b7cfb6cde0c81bd8372ba6119ac

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:12:46 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
322072
a598c836206fda01f01586ae6397
www.ups.com/assets/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ups.com/assets/a598c836206fda01f01586ae6397
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9afb19236652db969869d392e8b9df9db16f47b6580ef46ef0c67c72ef701a10

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Sep 2020 20:56:57 GMT
ETag
"19cd9cc7cf6a15a4e9ec91c97a60e0169e9084bd3916f2a1e89cce17acb5ec7a"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Server-Timing
cdn-cache; desc=HIT, edge; dur=1
Content-Length
18548
Expires
0
utag.js
ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/ 		356 KB
357 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
30dd010ad76240dd3f0b26dea42f99374c33f87af67f5eab1d488126344c138a

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Last-Modified
Mon, 15 Jun 2020 18:13:57 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
365035
TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
s.go-mpulse.net/boomerang/ Frame AEBF 		187 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 10:23:39 GMT
content-encoding
br
last-modified
Thu, 10 Sep 2020 00:23:33 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
timing-allow-origin
*
content-length
47928
truncated
/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
130d9b075e9052cb4838cf5a0041416d35ea6c962b90f2f4cf5d93b470d47b87

Request headers

Origin
http://ups.ma
Referer
http://ups.ma/ups/assets/resources/styles/ups.styles.5c3550869b79.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
a598c836206fda01f01586ae6397
ups.ma/assets/ 		0
0
m4-target-df1-16x6-tracking-solutions.jpg
ups.ma/assets/resources/images/1600x1000/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ups.ma/assets/resources/images/1600x1000/m4-target-df1-16x6-tracking-solutions.jpg
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
HTTP/1.1
Server
95.216.33.54 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
shuriken.nindohost.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: ups.ma
URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
7303fd4521b231bad4280672d36b7a4486a47a3bc0248da7df8c28989e462400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 10:23:39 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
status
200
cache-control
no-cache
content-type
application/javascript
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
utag.380.js
tags.tiqcdn.com/utag/ups/maestro/prod/ 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/ups/maestro/prod/utag.380.js?utv=ut4.46.202005281107
Requested by
Host: ups.ma
URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
Protocol
HTTP/1.1
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6ba9ae12eb4a0fd6d230bb1988f698899da1c333ec2828d3d380624fd6f91ee4

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Aug 2020 11:21:58 GMT
Server
AkamaiNetStorage
ETag
"d9e410ec5cd2b530eade9e650838f840:1597663318.858307"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7078
Expires
Sun, 27 Sep 2020 10:23:40 GMT
utag.448.js
tags.tiqcdn.com/utag/ups/maestro/prod/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/ups/maestro/prod/utag.448.js?utv=ut4.46.202005011904
Requested by
Host: ups.ma
URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
Protocol
HTTP/1.1
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c33c4d5e4d190f987a05bf8e3e9866eea71c7b9c1770603f66927ed85d79eff9

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Aug 2020 11:22:02 GMT
Server
AkamaiNetStorage
ETag
"69661d412d210ce58b3e2261ab3f85ca:1597663322.444785"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1296000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4360
Expires
Sun, 27 Sep 2020 10:23:40 GMT
config.json
c.go-mpulse.net/api/ Frame AEBF 		68 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=ups.ma&t=5333021&v=1.571.0&if=&sl=0&si=bl006qtgc35-NaN&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 12 Sep 2020 10:23:39 GMT
Cache-Control
public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
68
Content-Type
application/json
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflOyhzcj/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflOyhzcj/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f03e882b29d452040b26578e5612d8708fe2940d5009d6ba60988413275562de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 20:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137459
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33990
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 18:21:18 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 18 Sep 2020 20:12:40 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6689043
Requested by
Host: ups.ma
URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ca4e6d9a69004cf81e851cbee1557892b0d097622ea7ae8d8f224aec3d76666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 10:23:40 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35650
x-xss-protection
0
last-modified
Sat, 12 Sep 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Sep 2020 10:23:40 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=DC-9635422&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=DC-9635422&l=dataLayer&cx=c
88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9635422&l=dataLayer&cx=c
Requested by
Host: ups.ma
URL: http://ups.ma/ups/ma/fr/Home.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b33ff430c90ff247f95385fe10fe2f2ad63773b4f5b4516537da17e1f36b3786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 10:23:40 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35654
x-xss-protection
0
last-modified
Sat, 12 Sep 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Sep 2020 10:23:40 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=DC-9635422&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ups/maestro/202006041429&cb=1599906220078
Requested by
Host: ups.ma
URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js
Protocol
HTTP/1.1
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 12 Sep 2020 10:23:40 GMT
Last-Modified
Thu, 14 Apr 2016 16:57:51 GMT
Server
AkamaiNetStorage
ETag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
Content-Type
application/x-javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2
Expires
Sat, 12 Sep 2020 10:33:40 GMT
a598c836206fda01f01586ae6397
ups.ma/assets/ 		0
0
delivery
ups.tt.omtrdc.net/rest/v1/ 		209 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ups.tt.omtrdc.net/rest/v1/delivery?client=ups&sessionId=48ec99b77d1f4f0096800eeea7038a01&version=2.2.0
Requested by
Host: ups.ma
URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js
Protocol
HTTP/1.1
Server
54.194.111.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-111-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dc62b6bdbb33435e0e938df2020320b705dcd3c7d29423502af2b4d3141f05ca

Request headers

Referer
http://ups.ma/ups/ma/fr/Home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 12 Sep 2020 10:23:41 GMT
Content-Encoding
gzip
Vary
Origin,Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://ups.ma
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
X-Request-ID
42b6d3c06c173ed1e4a2228d4dcd2aab

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ups.ma
URL
https://ups.ma/assets/a598c836206fda01f01586ae6397
Domain
ups.ma
URL
https://ups.ma/assets/a598c836206fda01f01586ae6397

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| utag_data boolean| excludeShippingApp boolean| excludeTrackingApp boolean| excludeCtcApp boolean| excludeSiteWide object| excludeList object| mtags function| getCookie function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| html5 object| Modernizr function| yepnope function| _toConsumableArray function| _slice object| ngFileUpload function| $ function| jQuery object| H5F object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| parsley object| angular function| getMobileOperatingSystem function| encodeReturnURLs object| onEliNk__OldFunc function| onEliNk__HookFunc function| OneLinkAlphaSort function| OneLinkAlphaSortColl function| OneLinkSortDropdown string| BOOMR_API_key object| BOOMR number| BOOMR_lstart string| expand string| collapse string| wems_country string| wems_locale string| wems_ext_locale string| wems_ts undefined| $location object| obj_live_chat string| alertsUrl string| rightRailLabel function| executePlugins function| alignElementHeight function| getAccountInfoResponse function| getPagelink function| encode64 function| createChatURL function| checkIfCondition function| maxHeight object| thirdContFluid undefined| rightRail boolean| upsAuth object| authentication string| _instance number| index string| ariaExpanded function| addTrackingHistory function| processSuccessResponse function| processResponse string| urlParam string| queryParam string| cmeTrnscrptLnk string| arExpan string| pdCastCn string| arHid function| cmeFeedbackInit function| upsCmeSubNavInit function| mostRecentInit function| recentCategoryInit function| tableInit object| $head object| UPS object| _cf object| BOOMR_mq boolean| utag_condload undefined| upsNotifyViewChange boolean| includeShippingApp boolean| includeTrackingApp boolean| includeCtcApp boolean| siteWide object| includeList object| docCookies string| SHIPPING_START_TIME_COOKIE function| getPageName object| DCS object| utag function| getShipmentStartTime function| getParameterByName function| setShipmentStartTime function| removeShipmentStartTime function| shipingJourneyDuration function| clubvars function| prodAffiliationAccount function| trimStr function| setAllDefaultMetaTags function| prepareMap function| addEvent object| wtTempDataCache function| dcsMultiTrack object| carouselElements object| _ac object| bmak string| _sd_trace function| op object| players function| onYouTubeIframeAPIReady object| start function| onPlayerReady function| onPlayerStateChange string| countries object| cookie_notice object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| gtagRename object| dataLayer function| gtag object| google_tag_manager object| google_tag_data number| BOOMR_onload

5 Cookies

Domain/Path Name / Value
.ups.ma/ Name: _gcl_au
Value: 1.1.1349480821.1599906220
.ups.ma/ Name: mbox
Value: session#48ec99b77d1f4f0096800eeea7038a01#1599908080
.ups.ma/ Name: AMCV_036784BD57A8BB277F000101%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18518%7CMCMID%7C91287472527630074992387369513255016689%7CMCOPTOUT-1599913419s%7CNONE%7CvVersion%7C4.4.0
.ups.ma/ Name: check
Value: true
.ups.ma/ Name: AMCVS_036784BD57A8BB277F000101%40AdobeOrg
Value: 1

8 Console Messages

Source Level URL
Text
console-api log URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js(Line 2)
Message:
Starting utag.sync.js: 1599906219468
console-api log URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js(Line 9)
Message:
No%20Marketo%20Cookie%20ID%20found%20in%20utag.sync.html
console-api log URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js(Line 10)
Message:
Loading Adobe Visitor API 4.4.0 in utag.sync.js: 1599906219474
console-api log URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js(Line 11)
Message:
Loading Adobe Test-Target API 2.2 in utag.sync.js: 1599906219482
console-api log URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.sync.js(Line 12)
Message:
Ending utag.sync.js: 1599906219494
console-api info URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js(Line 116)
Message:
null
console-api info URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js(Line 116)
Message:
removing cookie
console-api log URL: http://ups.ma/tags.tiqcdn.com/utag/ups/maestro/prod/utag.js(Line 339)
Message:
Tealium loaded with version: ut4.46.202006041429

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.go-mpulse.net
s.go-mpulse.net
s.ytimg.com
tags.tiqcdn.com
ups.ma
ups.tt.omtrdc.net
www.googletagmanager.com
www.ups.com
www.youtube.com
ups.ma
104.111.215.136
23.210.249.165
2a00:1450:4001:808::200e
2a00:1450:4001:818::2008
2a00:1450:4001:821::200e
2a00:1450:4001:824::2008
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:291::11a6
54.194.111.119
95.216.33.54
07a8daffc05304686c7c4b4dfa7f4956d3fd370da146840b8fdc27d8fc4b9767
09c5f0f2bd048461d93e753de69534518a2a1775138155f3edbd3aaa5f472ea6
130d9b075e9052cb4838cf5a0041416d35ea6c962b90f2f4cf5d93b470d47b87
165bd42d20b436795676c5f866ba009d5fff8b7cfb6cde0c81bd8372ba6119ac
185d251136a01421a69e9fc4bc79d4202bb0b0e92d93cd25b87531212b4e6891
1a933c728ee0c4e4789224e2bfb0aac647e5992108f5f9d52e1b0a761d3bb5ee
30dd010ad76240dd3f0b26dea42f99374c33f87af67f5eab1d488126344c138a
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
5ca4e6d9a69004cf81e851cbee1557892b0d097622ea7ae8d8f224aec3d76666
6087d0ee6fe9865f26b8dc8338c1694c13b56635407be0f6bb6451c40f81bbea
60e89085e065d1a57f45c97580981e01f8a46d68ffbac58a765b99f17f37a258
65636af75cdb02b535e2801eec3f4ca8be58a05957ac8909883661ee18a45eab
6ba9ae12eb4a0fd6d230bb1988f698899da1c333ec2828d3d380624fd6f91ee4
7303fd4521b231bad4280672d36b7a4486a47a3bc0248da7df8c28989e462400
9afb19236652db969869d392e8b9df9db16f47b6580ef46ef0c67c72ef701a10
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
aafdb00d968f94403b8d216c67907f97b694206c4db1481487e022161fb492e2
accc9d37327ba3f8a1a7ab318f3c5206cacfeb7fc0da6bdd669df9206462b822
b33ff430c90ff247f95385fe10fe2f2ad63773b4f5b4516537da17e1f36b3786
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
ba04fcb46931a4d7530ebfc98a1c75200ea9eee7d8d2bf523e3e4b78de4d1467
bad905fb8036ec05ac8ff4f0143241588cbf704f1c0215fd17aef8dfd4ff2c66
bf93926297103d1604a31ad2ca75d46d9e9b73531a45c60b5dc08eab9fd85b33
c33c4d5e4d190f987a05bf8e3e9866eea71c7b9c1770603f66927ed85d79eff9
d36be6c2a7c95759ca7d7440f1c1e5e50dfbe908b00c581850ce863858b84315
d3db82c8f8978eb8cfc85576c647d786fd0f1b48c8c5f9ae7f639b394c419f42
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dc62b6bdbb33435e0e938df2020320b705dcd3c7d29423502af2b4d3141f05ca
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e30e6f56bfa25cc0bc2b5c29c81023f79190070f235675b150fe37d0ffba0e44
e4064e9afdc5bff23af93a32e1b2b9dc5b32739689b84dfd24aff16cac21eb7c
f03e882b29d452040b26578e5612d8708fe2940d5009d6ba60988413275562de
fbe98ad9b2142929c57669ecf2e9efd3b8651ce1efe3a79f026393b02ba882c7