dhl.id3004850358304029040902492049.kivacode.com
143.244.138.187
Malicious Activity!
Public Scan
Submission: On April 29 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.
This is the only time dhl.id3004850358304029040902492049.kivacode.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: EU Government (Government)

Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
20 | 143.244.138.187 | 14061 (DIGITALOCEAN-ASN)
5 | 35.244.130.212 | 396982 (GOOGLE-CLOUD-PLATFORM)
2 | 35.205.43.99 | 396982 (GOOGLE-CLOUD-PLATFORM)
27 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US)
dhl.id3004850358304029040902492049.kivacode.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.130.244.35.bc.googleusercontent.com
res2.weblium.site |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.43.205.35.bc.googleusercontent.com
api.weblium.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | kivacode.com | dhl.id3004850358304029040902492049.kivacode.com | 1 MB
5 | weblium.site | res2.weblium.site (Cisco Umbrella Rank: 620672) | 118 KB
2 | weblium.com | api.weblium.com (Cisco Umbrella Rank: 445416) | 579 B
27 | 3 | |
Requests | Domain | Requested by
---|---|---
20 | dhl.id3004850358304029040902492049.kivacode.com | dhl.id3004850358304029040902492049.kivacode.com
5 | res2.weblium.site | dhl.id3004850358304029040902492049.kivacode.com
2 | api.weblium.com | dhl.id3004850358304029040902492049.kivacode.com
27 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
steunactie.nl |
www.linkedin.com |
docs.google.com |
help-to-ukraine.org |
www.hln.be |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
dhl.id3004850358304029040902492049.kivacode.com | R3 | 2024-04-29 - 2024-07-28 | 3 months | crt.sh
res2.weblium.site | GTS CA 1D4 | 2024-03-16 - 2024-06-14 | 3 months | crt.sh
*.weblium.com | R3 | 2024-03-24 - 2024-06-22 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://dhl.id3004850358304029040902492049.kivacode.com/
Frame ID: DC24B2C00E80B876CDC35C3CADA71302
Requests: 32 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Link titles:

- Want to Donate
- Antoon Praet
- Ivan Sabbe
- Steunactie.nl
- View table
- View report
- Document for refugees
- (untitled link)
- Who we are
- What we do
- Get involved
- Contacts
- Press
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/ (Primary Request) | 451 KB | 62 KB | Document | text/html
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/google-fonts-5bb75d14564d36002605c7b6.css | 163 KB | 121 KB | Stylesheet | text/css
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/core-theme-5bb75d14564d36002605c7b6.css | 203 KB | 16 KB | Stylesheet | text/css
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/style.css | 177 KB | 22 KB | Stylesheet | text/css
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/ssr.css | 28 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/view-5bb75d14564d36002605c7b6.js | 19 B | 282 B | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/main.js | 399 KB | 100 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/view.js | 6 KB | 3 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/slider.js | 183 KB | 52 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/react-dom.js | 120 KB | 38 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/legacy.js | 2 MB | 515 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/vendorscontact-form-chunk.js | 265 KB | 62 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/contact-form-chunk.css | 27 KB | 5 KB | Stylesheet | text/css
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/contact-form-chunk.js | 60 KB | 15 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/initial.js | 95 KB | 15 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/page-5bb75d14564d36002605c7b6.js | 155 KB | 37 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/6223349bb7b937002202cf4c_optimized.png | 13 KB | 13 KB | Image | image/png
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/62583ac760259e0022b7d288_optimized_1286_c1286x779-0x0.jpg | 49 KB | 49 KB | Image | image/jpeg
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/core.js | 90 KB | 31 KB | Script | application/javascript
GET | H/1.1 | dhl.id3004850358304029040902492049.kivacode.com/css/site-stat.js | 4 KB | 2 KB | Script | application/javascript
GET | H2 | res2.weblium.site/res/5d70ac45c917a00023aad765/622338740f85370023ee35c6_optimized_1920.webp | 65 KB | 65 KB | Image | image/webp
GET | DATA | truncated | 13 KB | 13 KB | Font | application/font-woff2
GET | DATA | truncated | 8 KB | 8 KB | Font | application/font-woff2
GET | DATA | truncated | 13 KB | 13 KB | Font | application/font-woff2
GET | DATA | truncated | 12 KB | 12 KB | Font | application/font-woff2
GET | DATA | truncated | 9 KB | 9 KB | Font | application/font-woff2
GET | DATA | truncated | 44 B | 44 B | Other | image/webp
POST | H/1.1 | api.weblium.com/api/website/session/save | 68 B | 579 B | XHR | application/json
OPTIONS | H/1.1 | api.weblium.com/api/website/session/save | 0 | 0 | Preflight |
GET | H2 | res2.weblium.site/res/5d70ac45c917a00023aad765/62237f49a1b4b600226ebc55_optimized | 675 B | 987 B | Other | image/png
GET | H2 | res2.weblium.site/res/5d70ac45c917a00023aad765/62237f49a1b4b600226ebc55_optimized | 675 B | 0 | Other | image/png
GET | H3 | res2.weblium.site/site/62583d47874bf900236db362/initial.js | 95 KB | 15 KB | Script | application/javascript
GET | H3 | res2.weblium.site/site/62583d47874bf900236db362/page-5bb75d14564d36002605c7b6.js | 155 KB | 36 KB | Script | application/javascript
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: EU Government (Government)

67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
string | pathname
undefined | preload_polyfill
function | preload_polyfill_invoke
object | swPromise
function | registerAdata
function | getAdata
function | __set_style__
function | __require_style__
function | blockJsonp
function | __require_block__
function | viewJsonp
function | __require_view__
object | invokePreload
object | __views
object | webpackJsonp
object | __INITIAL_STATE__
boolean | isRelative
string | WEBLIUM_DOMAIN
string | STRUCTURE_DOMAIN
string | siteUrl
string | mode
string | pageId
object | loadedPages
object | scripts
object | __core-js_shared__
object | core
object | global
object | System
function | asap
function | Observable
function | setImmediate
function | clearImmediate
function | Dict
function | delay
function | _
function | __script
object | webpackManifest
string | slugId
string | bucketUrl
string | safeStaticDomain
string | websiteId
string | renderId
function | initialLoading
object | pageApps
object | appsComponents
object | apps
object | popupsInfo
string | API_URL
object | appsContent
object | regeneratorRuntime
object | React
function | __webpack_require__
function | MediaPlaceholder
function | objectFitImages
object | rollbar
function | initLegacy
object | browserHistory
function | loadReactDOM
object | memoStorage
function | registerAppComponentInitializer
function | preloadPopup
function | showPopup
function | closePopup
object | wlStat
object | popupsMap
boolean | legacyIniting
function | hydrateBlock0

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Message
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.weblium.com
dhl.id3004850358304029040902492049.kivacode.com
res2.weblium.site
143.244.138.187
35.205.43.99
35.244.130.212