0/100

low Risk

track-a-package.net

https://track-a-package.net/en/asset.php

158.94.208.174 · Omegatech LTD

Location

Frankfurt am Main, Germany

Domain Age

17 days

HTTP

404 · 11.3s

SSL

Valid· R13, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "404 Not Found"

Save

Linked Phishing Report

This scan is attached to a vendor submission report

Brand

Unknown

Vendors

29/31

Status

partial

✓ isitphish✓ sophos✓ bitdefender✗ threatyeti✓ norton✓ avg✓ eset✓ avast✓ yandex✓ drweb✓ brightcloud✓ chainpatrol✓ microsoft✓ polyswarm✓ apple✓ urlquery✓ netcraft✓ spamhaus✓ phishreport✓ urlscan✓ openphish✓ cisa✓ emsisoft✓ apwg✓ phishtank✗ urlabuse✓ virustotal✓ kaspersky✓ mcafee✓ google✓ fortiguard

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

track-a-package.net

Unknown

technology | other · 4/15/2026

Summary

The page at track-a-package.net/en/asset.php returns a 404 Not Found with minimal HTML. The domain is newly registered (17 days) and hosts a free Let's Encrypt certificate. The screenshot attached shows a generic 404 page with no branding, logos, or impersonated brand visible in the static HTML. There is no evident credential collection or spoofed login UI in the static content. Based on the available evidence, there is no clear phishing or impersonation signal from the page itself; however, the combination of a newly registered domain and a 404 page means the site could be in early setup or could be hosting something later. The risk score is elevated due to the domain age and the presence of a publicly accessible asset path that yielded 404, but there is insufficient evidence of credential theft or impersonation at this moment.

Evidence Summary

▸Observed 2 capture stage(s); canonical stage is settled_render.

Capture

Stages: 2

Canonical: Settled Render

Changed: No

Credential Signals

Forms: 0

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 1

Hosts: 1

Domains: 1

Attack Techniques (0)

Indicators of Compromise (1)

▸No branding, logos, or impersonation visible in HTML source

Risk AssessmentUsed in abuse reports

The scan did not confirm active phishing or credential harvesting on this page. The domain is very new and currently presents a generic 404 page with no brand impersonation signals. The presence of a Let's Encrypt certificate on a new domain is notable but not itself suspicious. Recommend monitoring the domain for future content or branding; if later pages attempt to clone a known brand or request credentials, escalate. Given the lack of first-party branding or impersonation indicators, the current risk is low for phishing on this specific page, but the domain age suggests potential for future misuse.

Recommended Action

Monitor

Cross-Reference9

URL Intelligence