status.my-uam.com Open in urlscan Pro
159.89.87.155 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://status.my-uam.com/dhlde-bot/contents/
Submission: On November 04 via automatic, source phishtank (November 4th 2021, 3:14:27 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 159.89.87.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is status.my-uam.com.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.

This is the only time status.my-uam.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Tracking (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 18	159.89.87.155 159.89.87.155	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	54.146.216.78 54.146.216.78	14618 (AMAZON-AES) (AMAZON-AES)
18	2

18 159.89.87.155 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

status.my-uam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.216.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-216-78.compute-1.amazonaws.com

xpsship.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	my-uam.com 1 redirects status.my-uam.com	91 KB
1	xpsship.com xpsship.com	4 KB
18	2

	Domain	Requested by
18	status.my-uam.com	1 redirects status.my-uam.com
1	xpsship.com	status.my-uam.com
18	2

This site contains links to these domains. Also see Links.

Domain
www.visa.gr
www.mastercard.com

Subject Issuer	Validity	Valid
status.my-uam.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
xpsship.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://status.my-uam.com/dhlde-bot/contents/
Frame ID: A46871EEF52BB8E9B2782B1EA493EA5E
Requests: 17 HTTP requests in this frame

Frame: https://status.my-uam.com/dhlde-bot/contents/vbv_files/saved_resource.html
Frame ID: CAC183A704BF3F6EFB4534FC2AA3C54A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL

Page URL History Show full URLs

https://status.my-uam.com/dhlde-bot/contents HTTP 301
https://status.my-uam.com/dhlde-bot/contents/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

96 kB
Transfer

100 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.visa.gr/gr/kaptec_yia_onouc/online_ayopec/verified_by_visa.aspx

Search URL Search Domain Scan URL

URL: http://www.mastercard.com/gr/consumer/secure-code.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://status.my-uam.com/dhlde-bot/contents HTTP 301
https://status.my-uam.com/dhlde-bot/contents/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response status.my-uam.com/dhlde-bot/contents/ Redirect Chain https://status.my-uam.com/dhlde-bot/contents https://status.my-uam.com/dhlde-bot/contents/	9 KB 3 KB	97ms 97ms	Document text/html	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `4509e783ae3db1f21801af05b1cb35494560dc85bf4dacec3c3065dd6397105b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx/1.10.3 (Ubuntu) date Thu, 04 Nov 2021 15:14:23 GMT content-type text/html last-modified Wed, 03 Nov 2021 13:17:29 GMT etag W/"61828be9-25d6" content-encoding gzip Redirect headers server nginx/1.10.3 (Ubuntu) date Thu, 04 Nov 2021 15:14:22 GMT content-type text/html content-length 194 location https://status.my-uam.com/dhlde-bot/contents/
GET H2	200	vpos3_euro_3DS.css status.my-uam.com/dhlde-bot/contents/vbv_files/	10 KB 10 KB	95ms 94ms	Stylesheet text/css	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `078795b78d922985187df7d94d238b4510fde9ccdb2662b7952c9d93893d99fe` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-26f7" content-length 9975 content-type text/css
GET H2	200	scripts.js.t%C3%A9l%C3%A9charger Show response status.my-uam.com/dhlde-bot/contents/vbv_files/	7 KB 7 KB	184ms 183ms	Script application/octet-stream	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/scripts.js.t%C3%A9l%C3%A9charger Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `cdbfde60ae9317d64b872bbce11dcd943c0c19e42302df769a646578e1a34cdc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-1a3b" content-length 6715 content-type application/octet-stream
GET H2	200	vpos.js.t%C3%A9l%C3%A9charger Show response status.my-uam.com/dhlde-bot/contents/vbv_files/	16 KB 16 KB	185ms 185ms	Script application/octet-stream	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos.js.t%C3%A9l%C3%A9charger Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `7386af596fef06382f8bf29e56b2dddeb04bc2fa4c44a16b7f0cbd15318c1fb8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-40e3" content-length 16611 content-type application/octet-stream
GET H/1.1	200 OK	dhl-png-dhl-png-489.png xpsship.com/wp-content/uploads/2017/06/	4 KB 4 KB	323ms 104ms	Image image/png	54.146.216.78 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://xpsship.com/wp-content/uploads/2017/06/dhl-png-dhl-png-489.png Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.146.216.78 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-146-216-78.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash `31d1f428e0131490a63176f95c2e0aae03dde9c94d07a4a5dd16f131a8fef463` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 04 Nov 2021 15:14:23 GMT Last-Modified Tue, 11 Jun 2019 15:06:48 GMT Server nginx/1.18.0 (Ubuntu) ETag "5cffc388-fb2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4018
GET H2	200	visa_verified.png status.my-uam.com/dhlde-bot/contents/vbv_files/	3 KB 3 KB	97ms 97ms	Image image/png	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/visa_verified.png Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `aa65221cec37785bd0226398102479df573eee338ff8db4e4a42b54145e6fbbc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-bd3" content-length 3027 content-type image/png
GET H2	200	mastercard_securecode.png status.my-uam.com/dhlde-bot/contents/vbv_files/	1 KB 1 KB	98ms 96ms	Image image/png	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/mastercard_securecode.png Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `0762085252dfb8ccd2ece5b27995d17e2de80892745730dde75bbdef22ec87a9` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-501" content-length 1281 content-type image/png
GET H2	200	visa.png status.my-uam.com/dhlde-bot/contents/vbv_files/	2 KB 2 KB	98ms 96ms	Image image/png	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/visa.png Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `6a96541883039b7eedcfd56d037d3398fe8f8ae6a94021f96f16dfc4546749a6` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-734" content-length 1844 content-type image/png
GET H2	200	mastercard.png status.my-uam.com/dhlde-bot/contents/vbv_files/	2 KB 2 KB	98ms 97ms	Image image/png	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/mastercard.png Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `88eb2f34894290347636bb5b5de715e3d97ea7dafe8066d3b6d9fa8f0ad70a55` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-7a6" content-length 1958 content-type image/png
GET H2	200	maestro.png status.my-uam.com/dhlde-bot/contents/vbv_files/	2 KB 2 KB	98ms 97ms	Image image/png	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/maestro.png Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `11631495a8a7b2cb49e02290cae651ec9552bd850d201d259cd278bb09512223` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-6c6" content-length 1734 content-type image/png
GET H2	200	CVV.JPG status.my-uam.com/dhlde-bot/contents/vbv_files/	23 KB 23 KB	99ms 99ms	Image image/jpeg	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/CVV.JPG Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `47c7ccd5bd79e33e62cef299b910406e1f6ef6e66922654f999ab06998cea933` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-5a86" content-length 23174 content-type image/jpeg
GET H2	200	CID.JPG status.my-uam.com/dhlde-bot/contents/vbv_files/	21 KB 21 KB	190ms 190ms	Image image/jpeg	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/CID.JPG Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `5252a27dbac77e0128d6afe6445beaae27da5669f096a0b7b1180dca1fcead94` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-527e" content-length 21118 content-type image/jpeg
GET H2	200	PaymentHandler status.my-uam.com/dhlde-bot/contents/vbv_files/	143 B 285 B	191ms 190ms	Image application/octet-stream	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/PaymentHandler Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `1d6b7722721362778eb55559eacde7741ff3472a4ed534d8d3554216f4cc95c8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-8f" content-length 143 content-type application/octet-stream
GET H2	200	x.gif status.my-uam.com/dhlde-bot/contents/vbv_files/	661 B 794 B	191ms 191ms	Image image/gif	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/x.gif Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `78be9441943a8406bc5f57cf731edc08b4d5a22c41cf690f0335939427b353b0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT last-modified Wed, 03 Nov 2021 13:17:29 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "61828be9-295" content-length 661 content-type image/gif
GET H2	200	saved_resource.html Show response status.my-uam.com/dhlde-bot/contents/vbv_files/ Frame CAC1	149 B 275 B	188ms 188ms	Document text/html	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/saved_resource.html Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash `97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://status.my-uam.com/dhlde-bot/contents/ Response headers server nginx/1.10.3 (Ubuntu) date Thu, 04 Nov 2021 15:14:23 GMT content-type text/html last-modified Wed, 03 Nov 2021 13:17:29 GMT etag W/"61828be9-95" content-encoding gzip
GET H2	500	EurobankSans-Regular.woff status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/	0 0	185ms 185ms	Font text/html	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/EurobankSans-Regular.woff Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash Request headers Referer https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Origin https://status.my-uam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT server nginx/1.10.3 (Ubuntu) content-type text/html;charset=utf-8
GET H2	500	EurobankSans-Light.woff status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/	0 0	182ms 181ms	Font text/html	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/EurobankSans-Light.woff Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash Request headers Referer https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Origin https://status.my-uam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT server nginx/1.10.3 (Ubuntu) content-type text/html;charset=utf-8
GET H2	500	EurobankSans-Bold.woff status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/	0 0	182ms 181ms	Font text/html	159.89.87.155 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/EurobankSans-Bold.woff Requested by Host: status.my-uam.com URL: https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.89.87.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash Request headers Referer https://status.my-uam.com/dhlde-bot/contents/vbv_files/vpos3_euro_3DS.css Origin https://status.my-uam.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 15:14:23 GMT server nginx/1.10.3 (Ubuntu) content-type text/html;charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Tracking (Transportation)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/EurobankSans-Regular.woff Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/EurobankSans-Light.woff Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://status.my-uam.com/dhlde-bot/contents/vbv_files/euro_new/EurobankSans-Bold.woff Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

status.my-uam.com
xpsship.com
159.89.87.155
54.146.216.78
0762085252dfb8ccd2ece5b27995d17e2de80892745730dde75bbdef22ec87a9
078795b78d922985187df7d94d238b4510fde9ccdb2662b7952c9d93893d99fe
11631495a8a7b2cb49e02290cae651ec9552bd850d201d259cd278bb09512223
1d6b7722721362778eb55559eacde7741ff3472a4ed534d8d3554216f4cc95c8
31d1f428e0131490a63176f95c2e0aae03dde9c94d07a4a5dd16f131a8fef463
4509e783ae3db1f21801af05b1cb35494560dc85bf4dacec3c3065dd6397105b
47c7ccd5bd79e33e62cef299b910406e1f6ef6e66922654f999ab06998cea933
5252a27dbac77e0128d6afe6445beaae27da5669f096a0b7b1180dca1fcead94
6a96541883039b7eedcfd56d037d3398fe8f8ae6a94021f96f16dfc4546749a6
7386af596fef06382f8bf29e56b2dddeb04bc2fa4c44a16b7f0cbd15318c1fb8
78be9441943a8406bc5f57cf731edc08b4d5a22c41cf690f0335939427b353b0
88eb2f34894290347636bb5b5de715e3d97ea7dafe8066d3b6d9fa8f0ad70a55
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
aa65221cec37785bd0226398102479df573eee338ff8db4e4a42b54145e6fbbc
cdbfde60ae9317d64b872bbce11dcd943c0c19e42302df769a646578e1a34cdc

status.my-uam.com Open in urlscan Pro 159.89.87.155 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

96 kBTransfer

100 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

54 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

status.my-uam.com Open in urlscan Pro
159.89.87.155 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

96 kB
Transfer

100 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!