www.teli-tende.com
Open in
urlscan Pro
209.59.138.165
Malicious Activity!
Public Scan
Effective URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
Submission: On February 23 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 29th 2021. Valid for: 3 months.
This is the only time www.teli-tende.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 209.59.138.165 209.59.138.165 | 32244 (LIQUIDWEB) (LIQUIDWEB) | |
10 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
teli-tende.com
www.teli-tende.com |
233 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
10 | www.teli-tende.com |
www.teli-tende.com
|
10 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
teli-tende.com cPanel, Inc. Certification Authority |
2021-01-29 - 2021-04-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
Frame ID: 5E252F255B8499427FB71DFBB03EFD3E
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa Page URL
- https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa Page URL
- https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
index.php
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/ |
342 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
verify.php
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo2.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
4 KB 5 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
882 B 2 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pass.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
870 B 2 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sidechic.png
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
147 KB 148 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
443 B 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appstore.png
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
6 KB 7 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
playstore.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
7 KB 8 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aliexpress.png
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ |
56 KB 57 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.teli-tende.com
209.59.138.165
080bd11d5493a718327a84cfc7cfdf43b48d5f9b7081c137394e16f2fb5252dc
0eeef82957b8831d86f79b89fbedf1e85006d6a4f4eb4a12a713032f712c1d1a
26933abb67839e269d8fc9d49b5ff722a1f48646776a8bdfb25e572d10996b41
2f680b51b19fc3c5befd02bd9d0d4e88c2722a5210157e4ef68933c5ba352109
90b309d25fba95636c00eb6ce2b3e73f322f1fa35fc6b607753b451b795162e6
a01ba8776a34d2e00fb9f265d8d25351b79bd7fcc36a2447aa3b7f5baa705893
c53a4259b2a4eadd61634f3bb26201d6181150d85ce733e63ca6bf4b55ccb4f1
e31974b7ac3c5ef44883b43d4c5ede1bbcc30c7067cfd9d1583daea7b936d627
f5b9fbc426d1cbd5ac333582708411c0c97513f35f69a732bf59f7256d9824d6