ups-com-reschedule-package.thenewtradition.net Open in urlscan Pro
103.186.0.250 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ups-com-reschedule-package.thenewtradition.net/
Effective URL:
https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25...
Submission: On June 30 via api (June 30th 2024, 10:02:06 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 103.186.0.250, located in Indonesia and belongs to IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID. The main domain is ups-com-reschedule-package.thenewtradition.net.
TLS certificate: Issued by R11 on June 27th 2024. Valid for: 3 months.

This is the only time ups-com-reschedule-package.thenewtradition.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
2 17	103.186.0.250 103.186.0.250		136052 (IDNIC-IDC...) (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia)
15	2

17 103.186.0.250 (Indonesia) 2 redirects

ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID)
PTR: ip103-186-0-250.cloudhost.web.id

ups-com-reschedule-package.thenewtradition.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	thenewtradition.net 2 redirects ups-com-reschedule-package.thenewtradition.net	1 MB
15	1

	Domain	Requested by
17	ups-com-reschedule-package.thenewtradition.net	2 redirects ups-com-reschedule-package.thenewtradition.net
15	1

This site contains no links.

Subject Issuer	Validity	Valid
ups-com-reschedule-package.thenewtradition.net R11	`2024-06-27` - `2024-09-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U
Frame ID: 4CCFFCED65E76BCB21FE5F492A396AA3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking | UPS - United States

Page URL History Show full URLs

https://ups-com-reschedule-package.thenewtradition.net/ HTTP 302
https://ups-com-reschedule-package.thenewtradition.net/main.php HTTP 302
https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn... Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1561 kB
Transfer

1680 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ups-com-reschedule-package.thenewtradition.net/ HTTP 302
https://ups-com-reschedule-package.thenewtradition.net/main.php HTTP 302
https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Details Show response ups-com-reschedule-package.thenewtradition.net/ Redirect Chain https://ups-com-reschedule-package.thenewtradition.net/ https://ups-com-reschedule-package.thenewtradition.net/main.php https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSw...	41 KB 5 KB	344ms 344ms	Document text/html	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `3f3f9d83bbff6f263d7ed06aeaef733eab089d04942b581d5f2967ff33ccaf8e` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 30 Jun 2024 10:01:58 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 30 Jun 2024 10:01:57 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked Vary Accept-Encoding location Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U
GET H/1.1	200 OK	ups_006.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	102 KB 102 KB	308ms 306ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_006.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `2b0994395d1265e32bcd41b1a1faaf9d584dab7814646c2224a75b3aee8fbe0e` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:58 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 104491
GET H/1.1	200 OK	ups_005.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	231 KB 232 KB	318ms 316ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `c0c6fa3666308cd53422b2390a847252024465dae30b3a818b0dacede485bdde` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:58 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 237006
GET H/1.1	200 OK	ups_003.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	741 KB 741 KB	875ms 304ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_003.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `2304349fbcf171b2c20205998a4fd8792765a1ba9a9ce02dd16d74f1a33a7418` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 758815
GET H/1.1	200 OK	ups.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	69 KB 70 KB	918ms 302ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `d98835978aaf8b44c47da4452bce0189666cc5b751fb2cc914c869241f17d5a6` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 70977
GET H/1.1	200 OK	ups_002.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	75 KB 75 KB	927ms 312ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_002.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `c794d0fce9f9f6218cc78289f0380d7bd15baf1d27d2161fc8cff521c6de31d0` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 76336
GET H/1.1	200 OK	ups_004.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	103 KB 103 KB	918ms 303ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_004.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `b5bdd67f7bc46128b2092d875aaa9833d7f9652ddcc237e9c91ab8d5e6dab6f8` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 105607
GET H/1.1	200 OK	css.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	7 KB 7 KB	3235ms 1787ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/css.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `d7c386848e3e41f2e3c8f38613bb8c456a710c2159e20f8466e0b23e0e50015e` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6828
GET H/1.1	200 OK	styles.css ups-com-reschedule-package.thenewtradition.net/us_assetz/css/	228 B 468 B	1793ms 300ms	Stylesheet text/css	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/styles.css Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `21035d440edbc1425b5114c3cc967ad9027c5dba7f89ecc3d677ed4f5dfd6dab` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 228
GET H/1.1	200 OK	UPS_logo.svg ups-com-reschedule-package.thenewtradition.net/us_assetz/img/	2 KB 2 KB	1792ms 305ms	Image image/svg+xml	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Show image Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/img/UPS_logo.svg Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:01:59 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2162
GET H/1.1	200 OK	Roboto-Regular.woff ups-com-reschedule-package.thenewtradition.net/us_assetz/fonts/	92 KB 92 KB	304ms 304ms	Font font/woff	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/fonts/Roboto-Regular.woff Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `c511a38838f14cd23a3e2a7c7c9b7f2864a2a6b9e548053bb71b432a677966e2` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Origin https://ups-com-reschedule-package.thenewtradition.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:02:05 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 93784
GET H/1.1	200 OK	Roboto-Medium.woff ups-com-reschedule-package.thenewtradition.net/us_assetz/fonts/	92 KB 92 KB	621ms 312ms	Font font/woff	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/fonts/Roboto-Medium.woff Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Origin https://ups-com-reschedule-package.thenewtradition.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:02:05 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 94364
GET H/1.1	404 Not Found	social.jpg ups-com-reschedule-package.thenewtradition.net/assets/resources/images/	315 B 315 B	311ms 311ms	Image text/html	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Show image Full URL https://ups-com-reschedule-package.thenewtradition.net/assets/resources/images/social.jpg Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_003.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_003.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:02:05 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	36 KB 36 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e6717bd20db32157f0677a42af3c9bf2b5195f9fab23875ad24427089e742103` Request headers Referer Origin https://ups-com-reschedule-package.thenewtradition.net Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H/1.1	200 OK	Roboto-Italic.woff ups-com-reschedule-package.thenewtradition.net/us_assetz/fonts/	86 KB 0	994ms 349ms	Font font/woff	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/fonts/Roboto-Italic.woff Requested by Host: ups-com-reschedule-package.thenewtradition.net URL: https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/us_assetz/css/ups_005.css Origin https://ups-com-reschedule-package.thenewtradition.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:02:05 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 99428
GET H/1.1	200 OK	favicon.ico ups-com-reschedule-package.thenewtradition.net/us_assetz/img/	2 KB 2 KB	987ms 306ms	Other image/x-icon	103.186.0.250 IDNIC-IDCLOUDHOST...
General Check archive.org Show headers Download Go to Full URL https://ups-com-reschedule-package.thenewtradition.net/us_assetz/img/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.186.0.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID), Reverse DNS ip103-186-0-250.cloudhost.web.id Software Apache / Resource Hash `9ca2236bb4ec1714e173cecb6bcc95c82e12df204c7d4c87fe4b9f01135efce8` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ups-com-reschedule-package.thenewtradition.net/Details?sslchannel=true&sessionid=24NJLq54xFPPznpQErAJjxq10dh7CCIvmQR8YKugnn1NNJps5AaVzo0fBiZf25JTBGtK0OYWWIaUETHiYKGv3c0AZs2p0B4xbfKPr7Y77SSwJsWao4cnnrMCUvuTtoBH3U Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 30 Jun 2024 10:02:05 GMT Last-Modified Mon, 27 Jun 2022 22:34:16 GMT Server Apache Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2238

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ups-com-reschedule-package.thenewtradition.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 085bf10c264230e24094797522d353ab

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ups-com-reschedule-package.thenewtradition.net/assets/resources/images/social.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ups-com-reschedule-package.thenewtradition.net
103.186.0.250
21035d440edbc1425b5114c3cc967ad9027c5dba7f89ecc3d677ed4f5dfd6dab
2304349fbcf171b2c20205998a4fd8792765a1ba9a9ce02dd16d74f1a33a7418
2b0994395d1265e32bcd41b1a1faaf9d584dab7814646c2224a75b3aee8fbe0e
3f3f9d83bbff6f263d7ed06aeaef733eab089d04942b581d5f2967ff33ccaf8e
4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706
9ca2236bb4ec1714e173cecb6bcc95c82e12df204c7d4c87fe4b9f01135efce8
a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88
b5bdd67f7bc46128b2092d875aaa9833d7f9652ddcc237e9c91ab8d5e6dab6f8
c0c6fa3666308cd53422b2390a847252024465dae30b3a818b0dacede485bdde
c511a38838f14cd23a3e2a7c7c9b7f2864a2a6b9e548053bb71b432a677966e2
c794d0fce9f9f6218cc78289f0380d7bd15baf1d27d2161fc8cff521c6de31d0
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d7c386848e3e41f2e3c8f38613bb8c456a710c2159e20f8466e0b23e0e50015e
d98835978aaf8b44c47da4452bce0189666cc5b751fb2cc914c869241f17d5a6
e6717bd20db32157f0677a42af3c9bf2b5195f9fab23875ad24427089e742103

ups-com-reschedule-package.thenewtradition.net Open in urlscan Pro 103.186.0.250 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1561 kBTransfer

1680 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

ups-com-reschedule-package.thenewtradition.net Open in urlscan Pro
103.186.0.250 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1561 kB
Transfer

1680 kB
Size

1
Cookies

15 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!