www.teli-tende.com Open in urlscan Pro
209.59.138.165 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa
Effective URL:
https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
Submission: On February 23 via automatic, source openphish (February 23rd 2021, 1:49:31 am UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 209.59.138.165, located in United States and belongs to LIQUIDWEB, US. The main domain is www.teli-tende.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 29th 2021. Valid for: 3 months.

This is the only time www.teli-tende.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
10	209.59.138.165 209.59.138.165		32244 (LIQUIDWEB) (LIQUIDWEB)
10	1

10 209.59.138.165 (United States)

ASN32244 (LIQUIDWEB, US)

www.teli-tende.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	teli-tende.com www.teli-tende.com	233 KB
10	1

	Domain	Requested by
10	www.teli-tende.com	www.teli-tende.com
10	1

This site contains no links.

Subject Issuer	Validity	Valid
teli-tende.com cPanel, Inc. Certification Authority	`2021-01-29` - `2021-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
Frame ID: 5E252F255B8499427FB71DFBB03EFD3E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa Page URL
https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

233 kB
Transfer

230 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa Page URL
https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK index.php
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/ 342 B
1 KB 424ms
141ms Document
text/html 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.teli-tende.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: upgrade-insecure-requests
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=7776000, enforce
X-Frame-Options: sameorigin
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Cache-Control: max-age=3600
Expires: Tue, 23 Feb 2021 02:49:13 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 236
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request verify.php Show response
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/ 8 KB
3 KB 141ms
141ms Document
text/html 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

c53a4259b2a4eadd61634f3bb26201d6181150d85ce733e63ca6bf4b55ccb4f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Host: www.teli-tende.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/index.php?email=taaane@aa

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: upgrade-insecure-requests
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=7776000, enforce
X-Frame-Options: sameorigin
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Cache-Control: max-age=3600
Expires: Tue, 23 Feb 2021 02:49:13 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1655
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK logo2.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 4 KB
5 KB 141ms
140ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/logo2.jpg

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

26933abb67839e269d8fc9d49b5ff722a1f48646776a8bdfb25e572d10996b41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3902
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Tue, 23 Feb 2021 02:49:13 GMT

GET
H/1.1 200
OK user.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 882 B
2 KB 411ms
136ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/user.jpg

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

a01ba8776a34d2e00fb9f265d8d25351b79bd7fcc36a2447aa3b7f5baa705893

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 882
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 23 Feb 2021 02:49:13 GMT

GET
H/1.1 200
OK pass.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 870 B
2 KB 412ms
137ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/pass.jpg

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

e31974b7ac3c5ef44883b43d4c5ede1bbcc30c7067cfd9d1583daea7b936d627

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 870
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 23 Feb 2021 02:49:13 GMT

GET
H/1.1 200
OK sidechic.png
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 147 KB
148 KB 420ms
139ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/sidechic.png

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

f5b9fbc426d1cbd5ac333582708411c0c97513f35f69a732bf59f7256d9824d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 150452
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 23 Feb 2021 02:49:13 GMT

GET
H/1.1 200
OK logo.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 443 B
1 KB 425ms
142ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/logo.jpg

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

2f680b51b19fc3c5befd02bd9d0d4e88c2722a5210157e4ef68933c5ba352109

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 443
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 23 Feb 2021 02:49:13 GMT

GET
H/1.1 200
OK appstore.png
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 6 KB
7 KB 547ms
136ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/appstore.png

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

90b309d25fba95636c00eb6ce2b3e73f322f1fa35fc6b607753b451b795162e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:14 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 5758
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Tue, 23 Feb 2021 02:49:14 GMT

GET
H/1.1 200
OK playstore.jpg
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 7 KB
8 KB 386ms
136ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/playstore.jpg

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

080bd11d5493a718327a84cfc7cfdf43b48d5f9b7081c137394e16f2fb5252dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7090
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 23 Feb 2021 02:49:13 GMT

GET
H/1.1 200
OK aliexpress.png
www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/ 56 KB
57 KB 260ms
140ms Image
text/plain 209.59.138.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/webfiles/photos/aliexpress.png

Requested by

Host: www.teli-tende.com
URL: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.138.165 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

0eeef82957b8831d86f79b89fbedf1e85006d6a4f4eb4a12a713032f712c1d1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teli-tende.com/.tmb/Ca/DHL.13.0.1/source/verify.php?email=taaane@aa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 01:49:13 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 56915
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Feb 2021 11:04:06 GMT
Server: Apache
X-Frame-Options: sameorigin
Expect-CT: max-age=7776000, enforce
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain
Cache-Control: public, must-revalidate, proxy-revalidate
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; battery *; camera *; display-capture *; document-domain *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; layout-animations *; legacy-image-formats *; magnetometer *; microphone *; midi *; oversized-images *; payment *; picture-in-picture *; publickey-credentials *; sync-xhr *; usb *; wake-lock *; notifications *; push *; speaker *; vibrate *;
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Tue, 23 Feb 2021 02:49:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.teli-tende.com
209.59.138.165
080bd11d5493a718327a84cfc7cfdf43b48d5f9b7081c137394e16f2fb5252dc
0eeef82957b8831d86f79b89fbedf1e85006d6a4f4eb4a12a713032f712c1d1a
26933abb67839e269d8fc9d49b5ff722a1f48646776a8bdfb25e572d10996b41
2f680b51b19fc3c5befd02bd9d0d4e88c2722a5210157e4ef68933c5ba352109
90b309d25fba95636c00eb6ce2b3e73f322f1fa35fc6b607753b451b795162e6
a01ba8776a34d2e00fb9f265d8d25351b79bd7fcc36a2447aa3b7f5baa705893
c53a4259b2a4eadd61634f3bb26201d6181150d85ce733e63ca6bf4b55ccb4f1
e31974b7ac3c5ef44883b43d4c5ede1bbcc30c7067cfd9d1583daea7b936d627
f5b9fbc426d1cbd5ac333582708411c0c97513f35f69a732bf59f7256d9824d6

www.teli-tende.com Open in urlscan Pro 209.59.138.165 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

233 kBTransfer

230 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.teli-tende.com Open in urlscan Pro
209.59.138.165 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

233 kB
Transfer

230 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!