seguimiento.com.es Open in urlscan Pro
159.69.159.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.seguimiento.com.es/
Effective URL:
https://seguimiento.com.es/
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2024, 8:36:08 am UTC) — Scanned from ES

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 159.69.159.67, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is seguimiento.com.es.
TLS certificate: Issued by R11 on August 30th 2024. Valid for: 3 months.

This is the only time seguimiento.com.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 19	159.69.159.67 159.69.159.67	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
23	5

19 159.69.159.67 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.67.159.69.159.clients.your-server.de

www.seguimiento.com.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seguimiento.com.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	seguimiento.com.es 1 redirects www.seguimiento.com.es seguimiento.com.es	206 KB
2	gstatic.com fonts.gstatic.com	54 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	103 KB
23	5

	Domain	Requested by
18	seguimiento.com.es	seguimiento.com.es
2	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	seguimiento.com.es
1	www.googletagmanager.com	seguimiento.com.es
1	www.seguimiento.com.es	1 redirects
23	6

This site contains links to these domains. Also see Links.

Domain
a.aliexpress.com
play.google.com

Subject Issuer	Validity	Valid
seguimiento.com.es R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://seguimiento.com.es/
Frame ID: 7E139B1C5C5D86891DE434226D920E69
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Seguimiento de paquetes y envíos postales en Español 🇪🇸

Page URL History Show full URLs

https://www.seguimiento.com.es/ HTTP 301
https://seguimiento.com.es/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
<link[^>]* href=[^>]*kit\-pro\.fontawesome\.com/releases/v([0-9.]+)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

23
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

363 kB
Transfer

852 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://a.aliexpress.com/_DF3bXo5?dp=homepl&cn=vids
Title: Códigos promocionales de AliExpress

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.vidstezhyty.app&referrer=utm_source%3Dposylka_site%26utm_medium%3Dfooter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.seguimiento.com.es/ HTTP 301
https://seguimiento.com.es/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
seguimiento.com.es/
Redirect Chain

https://www.seguimiento.com.es/
https://seguimiento.com.es/

39 KB
9 KB

93ms
77ms

Document
text/html

159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 73d74bdcd3b6c0e320df4c233d49fcb864eb8514ca4061f61c2e84256704438c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 30 Aug 2024 08:36:02 GMT
etag: W/"9b21-191a26d6105"
last-modified: Fri, 30 Aug 2024 08:36:02 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS
x-powered-by: Express

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 30 Aug 2024 08:36:02 GMT
location: https://seguimiento.com.es/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 bootstrap-5.0.min.css
seguimiento.com.es/css/ 144 KB
19 KB 69ms
67ms Stylesheet
text/css 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/css/bootstrap-5.0.min.css
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 40d2440d77b247e2e87a54b155175ce38f37cc8037d5de9138abab50047ae9bf

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sun, 07 Aug 2022 15:46:05 GMT
server: nginx
x-powered-by: Express
etag: W/"23fb6-18278fc2046"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 fa-solid-900.woff2
seguimiento.com.es/fonts/ 120 KB
120 KB 128ms
127ms Font
font/woff2 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/fonts/fa-solid-900.woff2
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Referer: https://seguimiento.com.es/
Origin: https://seguimiento.com.es
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 08:46:17 GMT
server: nginx
x-powered-by: Express
etag: W/"1e07c-1825dbbfdd8"
vary: Accept-Encoding
x-cache: MISS
content-type: font/woff2
cache-control: public, max-age=0

GET
H2 200 main.css
seguimiento.com.es/css/ 55 KB
11 KB 70ms
69ms Stylesheet
text/css 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/css/main.css
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: dd48bf745587a66e6b75e3cbb9e6ffe03d153c6547c53217d1dface201019795

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Tue, 14 May 2024 09:52:46 GMT
server: nginx
x-powered-by: Express
etag: W/"db5c-18f7684cf72"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 221ms
82ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NS5NGKPFM6

Requested by

Host: seguimiento.com.es
URL: https://seguimiento.com.es/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92096cff7b0b46e8bc668a3ad4d22d93d3424a0255a4c77fca82760ccafb8cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Aug 2024 08:36:03 GMT

GET
H2 200 logo-es.svg
seguimiento.com.es/img/ 1 KB
808 B 66ms
65ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/logo-es.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: f39ef602f613e8468ff841831cba9830e270767660b16d8edc8bd6eab40fbed8

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 15:54:06 GMT
server: nginx
x-powered-by: Express
etag: W/"4f3-18c7355b8b6"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 bootstrap.5.0.min.js Show response
seguimiento.com.es/js/ 62 KB
15 KB 188ms
187ms Script
application/javascript 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/js/bootstrap.5.0.min.js
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: fc5433234409795949abce6463f3a00dba086f128fe94dae7541a7f46214f5c8

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 07 May 2022 19:32:05 GMT
server: nginx
x-powered-by: Express
etag: W/"f6de-180a001f9c2"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 main.js Show response
seguimiento.com.es/js/ 1 KB
690 B 188ms
188ms Script
application/javascript 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/js/main.js
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: a37249deaed418a8a18fb4e581e888575ba8542d8b6c155b2ff0e2240fccdb79

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Wed, 18 Oct 2023 11:46:04 GMT
server: nginx
x-powered-by: Express
etag: W/"5b7-18b429b6d4f"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 tracking.js Show response
seguimiento.com.es/js/ 18 KB
5 KB 69ms
62ms Script
application/javascript 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/js/tracking.js
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 268b216e681868e6594ee3b414bfd57d66e87041acb0857392b29aaef8fee011

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Tue, 14 May 2024 09:52:49 GMT
server: nginx
x-powered-by: Express
etag: W/"4917-18f7684dc25"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 230ms
79ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: seguimiento.com.es
URL: https://seguimiento.com.es/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 07:52:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 08:36:03 GMT

GET
H2 200 bg-main.svg
seguimiento.com.es/img/vectors/ 3 KB
2 KB 70ms
66ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/vectors/bg-main.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 03efa73626339c00ca7d657b1af320e6fc989844b4f209e570886be451065756

Request headers

Referer: https://seguimiento.com.es/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 15:35:45 GMT
server: nginx
x-powered-by: Express
etag: W/"d86-18c7344ebed"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 title-shape.svg
seguimiento.com.es/img/vectors/ 260 B
346 B 72ms
69ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/vectors/title-shape.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: cbe529bcba21a5db14f129c8134e4ce521995e50ae6bc6cc3b6cb0ae57c3303d

Request headers

Referer: https://seguimiento.com.es/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Tue, 11 Jul 2023 07:10:05 GMT
server: nginx
x-powered-by: Express
etag: W/"104-18943c93053"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 app-android-uk.svg
seguimiento.com.es/img/vectors/ 6 KB
2 KB 72ms
70ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/vectors/app-android-uk.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 41ded29cae08f391c38a8c2af3d416d70186ed624fff00284c60e844843e878e

Request headers

Referer: https://seguimiento.com.es/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Mon, 07 Aug 2023 11:28:20 GMT
server: nginx
x-powered-by: Express
etag: W/"1900-189cfc15043"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 244ms
115ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://seguimiento.com.es
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 17:57:14 GMT
x-content-type-options: nosniff
age: 52729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 17:57:14 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 21 KB
21 KB 189ms
61ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://seguimiento.com.es
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:08:00 GMT
x-content-type-options: nosniff
age: 52083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 18:08:00 GMT

GET
H2 200 correos.svg
seguimiento.com.es/img/couriers/ 3 KB
1 KB 60ms
60ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/couriers/correos.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 9ca4b4430d80704711911dfc8604b4c12f6697c462cdfa1a52c0ed47c09f99da

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 18:23:39 GMT
server: nginx
x-powered-by: Express
etag: W/"d50-18c73dea267"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 seur.svg
seguimiento.com.es/img/couriers/ 1 KB
817 B 61ms
59ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/couriers/seur.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 439fe98a1c76643f2ec473b6c9eed158015531c5e189b1e247bac3f7e48fc252

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 20:16:42 GMT
server: nginx
x-powered-by: Express
etag: W/"4cc-18c744620ce"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 gls.svg
seguimiento.com.es/img/couriers/ 1 KB
784 B 61ms
61ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/couriers/gls.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 60f74f533516f95ea7fbf3f99995baa25402ef09468d0b859d6905eb23711ff9

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 07 May 2022 10:45:44 GMT
server: nginx
x-powered-by: Express
etag: W/"47b-1809e201684"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 dhl-express.svg
seguimiento.com.es/img/couriers/ 1 KB
734 B 60ms
59ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/couriers/dhl-express.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: 386a0486e50aeb2e12ea21fcb15c785b93d83fa2739e425d834a389038578eab

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 07 May 2022 10:45:46 GMT
server: nginx
x-powered-by: Express
etag: W/"416-1809e201e23"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 mrw.svg
seguimiento.com.es/img/couriers/ 2 KB
1 KB 60ms
60ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/couriers/mrw.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: f289af4020fca4e369b1af4c7a7e7fc2ca4cc6ca353a3a3989d06c64ef67d690

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 20:18:22 GMT
server: nginx
x-powered-by: Express
etag: W/"70c-18c7447a75d"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

GET
H2 200 ctt-express.svg
seguimiento.com.es/img/couriers/ 5 KB
2 KB 65ms
64ms Image
image/svg+xml 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seguimiento.com.es/img/couriers/ctt-express.svg
Requested by: Host: seguimiento.com.es
URL: https://seguimiento.com.es/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: d7e5ded837197887b548282341a81633e39e05df096efe37799a47289deb0638

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 18:23:09 GMT
server: nginx
x-powered-by: Express
etag: W/"1274-18c73de2e26"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 149ms
57ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NS5NGKPFM6&gtm=45je48s0v9174192117za200&_p=1725006963300&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666&cid=1800962316.1725006964&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725006963&sct=1&seg=0&dl=https%3A%2F%2Fseguimiento.com.es%2F&dt=Seguimiento%20de%20paquetes%20y%20env%C3%ADos%20postales%20en%20Espa%C3%B1ol%20%F0%9F%87%AA%F0%9F%87%B8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1057
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NS5NGKPFM6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 08:36:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://seguimiento.com.es
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-72x72.png
seguimiento.com.es/img/icons/ 15 KB
14 KB 61ms
61ms Other
image/png 159.69.159.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seguimiento.com.es/img/icons/icon-72x72.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.67 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.67.159.69.159.clients.your-server.de
Software: nginx / Express
Resource Hash: c5cbcc99b3b7bbb8fcc89549e999193fdbd8a101cc5c14c2c0ff8ce5b30579de

Request headers

Referer: https://seguimiento.com.es/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:36:03 GMT
content-encoding: br
last-modified: Sat, 16 Dec 2023 16:35:33 GMT
server: nginx
x-powered-by: Express
etag: W/"3b10-18c737ba827"
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: public, max-age=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.seguimiento.com.es/	1970-01-21 08:46:06	Name: _ga_NS5NGKPFM6 Value: GS1.1.1725006963.1.0.1725006963.0.0.0
			.seguimiento.com.es/	1970-01-21 08:46:06	Name: _ga Value: GA1.1.1800962316.1725006964

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
seguimiento.com.es
www.googletagmanager.com
www.seguimiento.com.es
159.69.159.67
2001:4860:4802:34::36
2a00:1450:4001:80e::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2003
03efa73626339c00ca7d657b1af320e6fc989844b4f209e570886be451065756
268b216e681868e6594ee3b414bfd57d66e87041acb0857392b29aaef8fee011
386a0486e50aeb2e12ea21fcb15c785b93d83fa2739e425d834a389038578eab
3d8816373e79b36a73f742630f33911aad150caf5d4c473ebe3379a02a42a72b
40d2440d77b247e2e87a54b155175ce38f37cc8037d5de9138abab50047ae9bf
41ded29cae08f391c38a8c2af3d416d70186ed624fff00284c60e844843e878e
439fe98a1c76643f2ec473b6c9eed158015531c5e189b1e247bac3f7e48fc252
60f74f533516f95ea7fbf3f99995baa25402ef09468d0b859d6905eb23711ff9
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
73d74bdcd3b6c0e320df4c233d49fcb864eb8514ca4061f61c2e84256704438c
92096cff7b0b46e8bc668a3ad4d22d93d3424a0255a4c77fca82760ccafb8cf9
9ca4b4430d80704711911dfc8604b4c12f6697c462cdfa1a52c0ed47c09f99da
a37249deaed418a8a18fb4e581e888575ba8542d8b6c155b2ff0e2240fccdb79
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c5cbcc99b3b7bbb8fcc89549e999193fdbd8a101cc5c14c2c0ff8ce5b30579de
cbe529bcba21a5db14f129c8134e4ce521995e50ae6bc6cc3b6cb0ae57c3303d
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d7e5ded837197887b548282341a81633e39e05df096efe37799a47289deb0638
dd48bf745587a66e6b75e3cbb9e6ffe03d153c6547c53217d1dface201019795
f289af4020fca4e369b1af4c7a7e7fc2ca4cc6ca353a3a3989d06c64ef67d690
f39ef602f613e8468ff841831cba9830e270767660b16d8edc8bd6eab40fbed8
fc5433234409795949abce6463f3a00dba086f128fe94dae7541a7f46214f5c8

seguimiento.com.es Open in urlscan Pro 159.69.159.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

363 kBTransfer

852 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

2 Cookies

Indicators

seguimiento.com.es Open in urlscan Pro
159.69.159.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

363 kB
Transfer

852 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!