dhlexlogs.ndc.cloudns.cl
111.90.150.76
Malicious Activity!
Public Scan
Submission: On July 14 via automatic, source phishtank
Summary
This is the only time dhlexlogs.ndc.cloudns.cl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
2 | 111.90.150.76 | 45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
16 | 156.137.1.75 | 2571 (DHLNET)
2 | 2a00:1450:4001:806::200e | 15169 (GOOGLE)
24 | 4 |
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
dhlexlogs.ndc.cloudns.cl |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | dhlsameday.com | www.dhlsameday.com | 1010 KB
2 | google-analytics.com | www.google-analytics.com | 18 KB
2 | cloudns.cl | dhlexlogs.ndc.cloudns.cl | 44 KB
24 | 3 | |
Requests | Domain | Requested by
---|---|---
16 | www.dhlsameday.com | dhlexlogs.ndc.cloudns.cl, www.dhlsameday.com
2 | www.google-analytics.com | dhlexlogs.ndc.cloudns.cl
2 | dhlexlogs.ndc.cloudns.cl | www.dhlsameday.com
24 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dhlsameday.com |
www.dpwn.de |
www.dhl.com |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
dhlsameday.com | DPDHL Global TLS CA - I4 | 2019-10-01 - 2021-09-30 | 2 years | crt.sh
*.google-analytics.com | GTS CA 1O1 | 2020-06-17 - 2020-09-09 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php
Frame ID: 3482CE6AD7DB0616CD8CDDA639BE4F9F
Requests: 24 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
- DHL Same Day Jetline
- DHL Same Day Speedline
- DHL Same Day Sprintline
- Tracking
- Customer Login
- Quotation Request
- Customer Service
- Packaging Tips
- Safety and Security
- Terms and Conditions
- Barcode Label Generator
- Our Competitive Advantage
- Industries We Serve
- Contact Customer Service
- View Short Video
- Agent Login
- New Agent
- Deutsche Post DHL Group
- Privacy Policy
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | index.php (Primary Request) | dhlexlogs.ndc.cloudns.cl/df/dhlsameday/ | 43 KB | 44 KB | Document | text/html
GET | H/1.1 | announcement.css | www.dhlsameday.com/SkyPortal/css/ | 535 B | 1004 B | Stylesheet | text/css
GET | H/1.1 | bootstrap.css | www.dhlsameday.com/SkyPortal/css/ | 143 KB | 143 KB | Stylesheet | text/css
GET | H/1.1 | StyleSheet_11.css | www.dhlsameday.com/SkyPortal/ | 50 KB | 51 KB | Stylesheet | text/css
GET | H/1.1 | Spinner.css | www.dhlsameday.com/SkyPortal/css/ | 4 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | jquery%201.9.1.min.js | www.dhlsameday.com/SkyPortal/js/ | 90 KB | 91 KB | Script | application/javascript
GET | H/1.1 | jquery-ui.css | www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/ | 36 KB | 37 KB | Stylesheet | text/css
GET | H/1.1 | jquery-ui.js | www.dhlsameday.com/SkyPortal/js/jquery-ui-1.12.0/jquery-ui-1.12.0/ | 508 KB | 508 KB | Script | application/javascript
GET | H/1.1 | bootstrap.js | www.dhlsameday.com/SkyPortal/js/ | 74 KB | 74 KB | Script | application/javascript
GET | H/1.1 | bootstrap.min.js | www.dhlsameday.com/SkyPortal/js/ | 39 KB | 39 KB | Script | application/javascript
GET | H/1.1 | DateFormatter.js | www.dhlsameday.com/SkyPortal/js/DateFormatter/ | 1 KB | 1 KB | Script | application/javascript
GET | H/1.1 | SmartSentry.js | www.dhlsameday.com/js/ | 612 B | 1 KB | Script | application/javascript
GET | H/1.1 | FormCheck.js | www.dhlsameday.com/Includes/Client/ | 40 KB | 40 KB | Script | application/javascript
GET | H/1.1 | official_dhllogo.svg | www.dhlsameday.com/images/global/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | announcement.js | www.dhlsameday.com/SkyPortal/js/ | 1 KB | 2 KB | Script | application/javascript
GET | H/1.1 | red-loading.gif | www.dhlsameday.com/images/spinner/ | 8 KB | 8 KB | Image | image/gif
GET | | dhlicons.ttf | www.dhlsameday.com/SkyPortal/fonts/ | 0 | 0 | |
GET | | Delivery_W_Rg.woff | www.dhlsameday.com/SkyPortal/fonts/WOFF/ | 0 | 0 | |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript
GET | H/1.1 | ui-icons_444444_256x240.png | www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/images/ | 7 KB | 7 KB | Image | image/png
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 104 B | Image | image/gif
GET | | dhlicons.woff | www.dhlsameday.com/SkyPortal/fonts/ | 0 | 0 | |
GET | | Delivery_W_Rg.woff2 | www.dhlsameday.com/SkyPortal/fonts/WOFF2/ | 0 | 0 | |
GET | H/1.1 | Announcement.json | dhlexlogs.ndc.cloudns.cl/df/dhlsameday/json/ | 315 B | 515 B | XHR | text/html
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- www.dhlsameday.com: https://www.dhlsameday.com/SkyPortal/fonts/dhlicons.ttf
- www.dhlsameday.com: https://www.dhlsameday.com/SkyPortal/fonts/WOFF/Delivery_W_Rg.woff
- www.dhlsameday.com: https://www.dhlsameday.com/SkyPortal/fonts/dhlicons.woff
- www.dhlsameday.com: https://www.dhlsameday.com/SkyPortal/fonts/WOFF2/Delivery_W_Rg.woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)
76 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use.
Type | Name
---|---
function | $
function | jQuery
object | jQuery1910973801500039928
boolean | isShift
string | seperator
function | DateFormat
function | ValidateDate
object | theForm
function | __doPostBack
boolean | defaultEmptyOK
string | previous
function | checkel
function | highlight
function | strip
function | reformat
function | getFilteredChar
function | getPasteFiltered
function | getInputNumber
function | getInputAlpha
function | getMaxInput
function | getLowerCase
function | getUpperCase
function | getInputTime
function | getInputDate
function | isLeapYear
function | clearIncompleteDate
function | isChecked
function | isFull
function | isEmpty
function | jumpNext
function | containsElement
function | isTime
function | isDate
function | isNumeric
function | isSSN
function | isPhone
function | isZip
function | isDigit
function | isRange
function | isEmail
function | formatPhone
function | formatSSN
function | formatZip
function | formatDate
function | formatNumber
function | checkDate
function | checkTime
function | checkPhone
function | checkSSN
function | checkEmail
function | checkEmails
function | checkZip
function | checkNumber
function | checkLength
function | checkPattern
function | checkRequired
function | checkUrl
function | getCaption
function | isRequired
function | setNewDateRange
function | getSubControl
function | isSameControl
function | checkRange
function | checkMaxCount
function | checkRetype
function | AllowTabCharacter
function | mask
function | setMaskPos
function | checkMask
object | obj
string | GoogleAnalyticsObject
function | ga
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.cloudns.cl/ | | _gid | GA1.2.1379498777.1594756633
.cloudns.cl/ | | _gat | 1
.cloudns.cl/ | | _ga | GA1.2.2108730169.1594756633
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dhlexlogs.ndc.cloudns.cl
www.dhlsameday.com
www.google-analytics.com
www.dhlsameday.com
111.90.150.76
156.137.1.75
2a00:1450:4001:806::200e
016006e99b285b458b39ce31990c0df3fb9abd31fc8d83cdca9d7d7ba97df07e
01a741aad59beee48c3c61b81faba3b671130cf2439e51ec323ed4e5b0b18655
266eefb41a7b7fac8a5c5349f0e852a5a47b589ece007ffc89228670ddc4a4b0
35edf6d02ffd8bbf7b46e1868923a247dc5917c579336c06196df13f6179bb9f
372f60f07acc5f455399fa6483c34ef95e4e6558e8cc546e39788aa4a3b43a40
71e4f2148b419fa6e50d11090df3ab260b8ca4b17902bbaa4dedf6853a423004
7b625b05ac2bee641a43c1a4ad81cf7e307444acaa88ff00d2cf11e785675340
8084c60f76521788b0510cb30dd4b0315cde7380969f45a346a49f079c674932
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a20143f92c48a198db4ceda98de9dabd8c773db09b8f5a0e941ea0b120f6469a
aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1c56cc06b8d0a39ee46d0e6c8d26f044ee0c7ae6be45879039447b24fda4254
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
fcdf1a26ed7a387f4cd46f36fab5ac030b0467dcc41c4c35f81fa807491ade22
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955