webaccess.duckdns.org
89.47.165.229  Malicious Activity! Public Scan

URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.a...
Submission Tags: @ipnigh
Submission: On August 23 via api from GB

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 39 HTTP transactions. The main IP is 89.47.165.229, located in Lithuania and belongs to RACKRAY UAB Rakrejus, LT. The main domain is webaccess.duckdns.org.
This is the only time webaccess.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
23 89.47.165.229 62282 (RACKRAY U...)
1 2606:2800:234... 15133 (EDGECAST)
1 23.5.106.24 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
39 5
Domain Requested by
23 webaccess.duckdns.org webaccess.duckdns.org
2 www.google-analytics.com webaccess.duckdns.org
1 www.mydhl.dhl.com webaccess.duckdns.org
1 fast.fonts.net webaccess.duckdns.org
39 4

This site contains no links.

Subject Issuer Validity Valid
1970-01-01 - 1970-01-01 a few seconds crt.sh
www.mydhl.dhl.com DigiCert SHA2 Secure Server CA 2018-08-01 - 2020-01-30 a year crt.sh
*.google-analytics.com Google Internet Authority G3 2019-07-29 - 2019-10-21 3 months crt.sh

This page contains 8 frames:

Primary Page: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 7DC9F90A12BD93B86ADAF4B30B6DC62A
Requests: 32 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 3B556DD88912251C46CB66F9995F8404
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 7AFC65175EB91CD17BDCD7AD7A1ABF1B
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 83B2432731268301933CC88F8449EC11
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 3DF073001C2816B12368B9D4BF03C2E2
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: EC5032BAC94A4EBFF08FCC72FE0A1594
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 700A6EE1C457A1DDADF5937D9BAA0140
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: A5AFB9F8C96F254C7CB461D685C52BF0
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

39 Requests
8 % HTTPS
50 % IPv6
4 Domains
4 Subdomains
5 IPs
4 Countries
555 kB Transfer
585 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 33
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=628787340&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=889699346&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566570787271&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1577410143.1566570787.1566570787.1566570787.1%3B%2B__utmz%3D185562287.1566570787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=628787340&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=889699346&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566570787271&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1577410143.1566570787.1566570787.1566570787.1%3B%2B__utmz%3D185562287.1566570787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
webaccess.duckdns.org/dhl/
22 KB
22 KB
Document
General
Full URL
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
699de9e57efe89a85eecce10924c6f5c50467fab484cf7cb4120f932f9cdc259

Request headers

Host
webaccess.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ga.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/ga.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
33393
1.css
fast.fonts.net/t/
0
322 B
Stylesheet
General
Full URL
http://fast.fonts.net/t/1.css?apiType=css&projectid=a3f6fe50-744f-4123-952d-600048fa8a7c
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Wed, 21 Feb 2018 12:55:22 GMT
Server
ECS (fcn/41AE)
Etag
"616070693"
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
0
Expires
Fri, 23 Aug 2019 14:33:06 GMT
layout.css
webaccess.duckdns.org/dhl/Files/
1 KB
1 KB
Stylesheet
General
Full URL
http://webaccess.duckdns.org/dhl/Files/layout.css
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"474-55a52fe311180"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1140
buttons.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/buttons.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33393
util.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/util.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33393
main.css
webaccess.duckdns.org/dhl/Files/
121 KB
121 KB
Stylesheet
General
Full URL
http://webaccess.duckdns.org/dhl/Files/main.css
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
69f3cd5711722de0b3ce814b2b51d01f60b0c270042659e9972c2b34265ad773

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"1e22b-55a52fe311180"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
123435
plugins.min.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/plugins.min.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33393
jquery.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/jquery.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:06 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33393
dhl_logo_transparent.png
webaccess.duckdns.org/dhl/Files/
2 KB
2 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/dhl_logo_transparent.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"794-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1940
form_help.png
webaccess.duckdns.org/dhl/Files/
1 KB
2 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/form_help.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
77511e8beca58bc2e49bee41d5ad842b9da8c16370a36a15c2fe253b1fa79530

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"4f9-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1273
mydhl_benefit_1.png
webaccess.duckdns.org/dhl/Files/
5 KB
5 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_1.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
6b183a115aa27f57c515661c33997b1c96999981ac7e0534e4a46f1c19377c49

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"1485-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5253
mydhl_benefit_2.png
webaccess.duckdns.org/dhl/Files/
4 KB
4 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_2.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
baffd233b0f77bcc50519a65a1e06f71ce63a8f4109581939029021878b56f59

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"10ad-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4269
mydhl_benefit_3.png
webaccess.duckdns.org/dhl/Files/
6 KB
7 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_3.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
b3b3f72fefa8480eef99644b25181c2b18a91464466f24557ed598af68fee7dc

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"1970-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6512
mydhl_benefit_4.png
webaccess.duckdns.org/dhl/Files/
5 KB
5 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_4.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
3dbafdfa54ef76441f3f5e406264767885421889ccab69744e3f7d4226aebe9e

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"12cd-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
4813
mydhl_benefit_5.png
webaccess.duckdns.org/dhl/Files/
3 KB
3 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_5.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
cba36ffea0e05b51840b73b915ec8bdc13f68e7f8ca88565fabca1baaf75a00c

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"bf6-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3062
DHL_footer_logo.png
webaccess.duckdns.org/dhl/Files/
724 B
993 B
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/DHL_footer_logo.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
38c387b0151772ae21faabbfed1281b46163aa484168d870440f82b64e736063

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"2d4-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
724
dhl-print.css
webaccess.duckdns.org/dhl/Files/
546 B
814 B
Stylesheet
General
Full URL
http://webaccess.duckdns.org/dhl/Files/dhl-print.css
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
e0556ca17eba8429f9d2d2b3997ff5d5386e350b3feed19347667de553a05110

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"222-55a52fe311180"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
546
jquery.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/jquery.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33393
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 3B55
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 7AFC
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 83B2
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 3DF0
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame EC50
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 700A
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame A5AF
156 KB
156 KB
Document
General
Full URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
516ced1cfe81b07e87c82fa922a5ddfc8e342ce9b7ce68fc3ad2961a29ebd264

Request headers

Host
webaccess.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Server
Apache
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
ETag
"26e7e-55a52fe311180"
Accept-Ranges
bytes
Content-Length
159358
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
mydhl_image_western-cultural.jpg
www.mydhl.dhl.com/content/dam/Local_Images/g0/express/mydhl/
134 KB
135 KB
Image
General
Full URL
https://www.mydhl.dhl.com/content/dam/Local_Images/g0/express/mydhl/mydhl_image_western-cultural.jpg
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.106.24 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-106-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9f6e2d3a6f15517380d4582c8770aee1ca0d29e53d5966aa6982c9f46a8c9efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jun 2019 20:08:30 GMT
ETag
"1826bc-2186e-58c1760386b80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
s-maxage=172800
Date
Fri, 23 Aug 2019 14:33:07 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137326
X-XSS-Protection
1; mode=block
Expires
Tue, 30 Jul 2019 23:50:43 GMT
bg-header.png
webaccess.duckdns.org/dhl/images/
15 KB
15 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/bg-header.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
35895b6702bba5a85fc6ff7fc7a3ffd3cec3ba5e690fb04034f42783f442f4c0

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
33393
shadow_navigation_main_bottom.png
webaccess.duckdns.org/dhl/images/
33 KB
33 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/shadow_navigation_main_bottom.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
b76821127423f9469cced9162d607ca799e63694ba7a851896c0a96a34ab2927

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
33393
icon-arrow-close.png
webaccess.duckdns.org/dhl/images/
13 KB
13 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/icon-arrow-close.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
9c446e64024c9d742c0ae84e90d2e6238b73030435bc40704f9674901d439ce9

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33393
443d53e8-5a36-44d4-a132-02501f29ccb4.woff2
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4814
date
Fri, 23 Aug 2019 13:12:53 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17168
expires
Fri, 23 Aug 2019 15:12:53 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
servicelink_separator.gif
webaccess.duckdns.org/dhl/images/
13 KB
13 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/servicelink_separator.gif
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
986aa7c523d0f7fe49d00c04ee4772f941d52fd40964e072b646550cdb7b48e1

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 14:33:07 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33393
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=628787340&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefine...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=628787340&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefin...
35 B
105 B
Image
General
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=628787340&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=889699346&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566570787271&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1577410143.1566570787.1566570787.1566570787.1%3B%2B__utmz%3D185562287.1566570787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 11:16:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11787
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=628787340&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=889699346&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566570787271&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1577410143.1566570787.1566570787.1566570787.1%3B%2B__utmz%3D185562287.1566570787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
758b3adb-babc-432f-8224-6d5987a29d87.woff
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

e934c7fe-0eba-45c0-be91-b05ff19b5073.woff
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

truncated
/ Frame A5AF
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/video_921234.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A5AF
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/video_921234.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A5AF
155 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/video_921234.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
a0db12d8-1ce6-447c-88db-a84df4843728.ttf
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/443d53e8-5a36-44d4-a132-02501f29ccb4.woff2
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/758b3adb-babc-432f-8224-6d5987a29d87.woff
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/e934c7fe-0eba-45c0-be91-b05ff19b5073.woff
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/a0db12d8-1ce6-447c-88db-a84df4843728.ttf
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| currentLanguage
string| calendarLanguage
string| contextPath
string| btnConfirmOk
string| btnConfirmCancel
string| linkMore
string| linkLess
string| dateFormatPattern
function| validate
object| _gaq
object| _gat
object| gaGlobal

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
