usps.kiu-track.com Open in urlscan Pro
37.0.121.105 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://usps.kiu-track.com/pg/
Submission: On April 08 via api (April 8th 2024, 3:44:41 pm UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 37.0.121.105, located in Moscow, Russian Federation and belongs to NETRACK-AS, RU. The main domain is usps.kiu-track.com.

This is the only time usps.kiu-track.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
16	37.0.121.105 37.0.121.105	61400 (NETRACK-AS) (NETRACK-AS)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
17	2

16 37.0.121.105 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: randylook.com

usps.kiu-track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	kiu-track.com usps.kiu-track.com	70 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 759	30 KB
17	2

	Domain	Requested by
16	usps.kiu-track.com	usps.kiu-track.com code.jquery.com
1	code.jquery.com	usps.kiu-track.com
17	2

This site contains no links.

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://usps.kiu-track.com/pg/
Frame ID: BB9F12C4EDD7B41344D8EC669E297CF4
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USPS.com® - USPS Tracking® Results US25699242.c45efe9b8

Page URL History Show full URLs

http://usps.kiu-track.com/pg/ HTTP 307
https://usps.kiu-track.com/pg/ HTTP 307
http://usps.kiu-track.com/pg/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

6 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

100 kB
Transfer

196 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://usps.kiu-track.com/pg/ HTTP 307
https://usps.kiu-track.com/pg/ HTTP 307
http://usps.kiu-track.com/pg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response usps.kiu-track.com/pg/ Redirect Chain http://usps.kiu-track.com/pg/ https://usps.kiu-track.com/pg/ http://usps.kiu-track.com/pg/	6 KB 2 KB	299ms 298ms	Document text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Full URL http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `b8ca5c344501aa4814dfda9a6abe1e31d68cd931ad6e893697e8926697fc5fd6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 1651 Content-Type text/html; charset=utf-8 Date Mon, 08 Apr 2024 15:44:29 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET Redirect headers Location http://usps.kiu-track.com/pg/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	404 Not Found	Information.css usps.kiu-track.com/pg/loding_files/	0 0	297ms 296ms	Stylesheet text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Full URL http://usps.kiu-track.com/pg/loding_files/Information.css Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H2	200	jquery-3.0.0.min.js Show response code.jquery.com/	84 KB 30 KB	316ms 29ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.0.0.min.js Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer http://usps.kiu-track.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:44:32 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 17788873 x-cache HIT, HIT content-length 29995 x-served-by cache-lga13625-LGA, cache-ewr18150-EWR last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1712591072.474990,VS0,VE0 etag W/"28feccc0-15145" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 5, 11240
GET H/1.1	200 OK	LaxJquery.js Show response usps.kiu-track.com/Areas/Admin/Content/	62 KB 24 KB	866ms 853ms	Script application/javascript	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Full URL http://usps.kiu-track.com/Areas/Admin/Content/LaxJquery.js Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `44444f03503156d8cf7403f7c1e7e485ee53c9a639b4931fbbf53311ad05df58` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:30 GMT Content-Encoding gzip Last-Modified Fri, 16 Feb 2024 15:41:49 GMT Server Microsoft-IIS/8.5 ETag "805c87a7ee60da1:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 24095
GET H/1.1	404 Not Found	index.css usps.kiu-track.com/pg/loding_files/	0 0	760ms 748ms	Stylesheet text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Full URL http://usps.kiu-track.com/pg/loding_files/index.css Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-01.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	418ms 418ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-01.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-02.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	299ms 299ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-02.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-03.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	301ms 297ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-03.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-04.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	311ms 306ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-04.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-05.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	506ms 299ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-05.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-06.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	610ms 287ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-06.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-07.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	610ms 287ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-07.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-08.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	599ms 555ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-08.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-09.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	604ms 562ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-09.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	404 Not Found	blue-spinner-processing-step-10.svg usps.kiu-track.com/pg/loding_files/	1 KB 1 KB	599ms 557ms	Image text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-10.svg Requested by Host: usps.kiu-track.com URL: http://usps.kiu-track.com/pg/ Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html
GET H/1.1	200 OK	favicon.ico usps.kiu-track.com/	31 KB 32 KB	292ms 292ms	Other image/x-icon	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Full URL http://usps.kiu-track.com/favicon.ico Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943` Request headers accept-language en-US,en;q=0.9 Referer http://usps.kiu-track.com/pg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:31 GMT Last-Modified Thu, 30 Nov 2023 12:13:25 GMT Server Microsoft-IIS/8.5 ETag "8d495b9e8623da1:0" X-Powered-By ASP.NET Content-Type image/x-icon Accept-Ranges bytes Content-Length 32038
GET H/1.1	404 Not Found	index Show response usps.kiu-track.com/pg/	1 KB 1 KB	304ms 304ms	XHR text/html	37.0.121.105 NETRACK-AS
General Check archive.org Show headers Download Go to Full URL http://usps.kiu-track.com/pg/index Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.0.0.min.js Protocol HTTP/1.1 Server 37.0.121.105 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS randylook.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f` Request headers Accept / Referer http://usps.kiu-track.com/pg/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Mon, 08 Apr 2024 15:44:33 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 1163 Content-Type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			usps.kiu-track.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2fj4l44zvhjky5aoutp2x3eg

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://usps.kiu-track.com/pg/loding_files/Information.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/index.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-01.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-02.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-03.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-04.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-05.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-06.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-07.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-10.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-08.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/loding_files/blue-spinner-processing-step-09.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://usps.kiu-track.com/pg/index Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
usps.kiu-track.com
2a04:4e42::649
37.0.121.105
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
44444f03503156d8cf7403f7c1e7e485ee53c9a639b4931fbbf53311ad05df58
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943
b8ca5c344501aa4814dfda9a6abe1e31d68cd931ad6e893697e8926697fc5fd6

usps.kiu-track.com Open in urlscan Pro 37.0.121.105 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

6 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

100 kBTransfer

196 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

13 Console Messages

Indicators

usps.kiu-track.com Open in urlscan Pro
37.0.121.105 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

6 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

100 kB
Transfer

196 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!