dhlexlogs.ndc.cloudns.cl Open in urlscan Pro
111.90.150.76  Malicious Activity! Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response dhlexlogs.ndc.cloudns.cl/df/dhlsameday/	43 KB 44 KB	855ms 619ms	Document text/html	111.90.150.76 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Server 111.90.150.76 , Rwanda, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software Apache / Resource Hash a20143f92c48a198db4ceda98de9dabd8c773db09b8f5a0e941ea0b120f6469a Request headers Host dhlexlogs.ndc.cloudns.cl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	announcement.css www.dhlsameday.com/SkyPortal/css/	535 B 1004 B	528ms 108ms	Stylesheet text/css	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/css/announcement.css Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 35edf6d02ffd8bbf7b46e1868923a247dc5917c579336c06196df13f6179bb9f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Last-Modified Wed, 06 Nov 2019 10:36:00 GMT Server Microsoft-IIS/8.5 ETag "0e84fb8d94d51:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 535
GET H/1.1	200 OK	bootstrap.css www.dhlsameday.com/SkyPortal/css/	143 KB 143 KB	537ms 117ms	Stylesheet text/css	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/css/bootstrap.css Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Last-Modified Wed, 13 Feb 2019 14:22:50 GMT Server Microsoft-IIS/8.5 ETag "0995499a7c3d41:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 145933
GET H/1.1	200 OK	StyleSheet_11.css www.dhlsameday.com/SkyPortal/	50 KB 51 KB	531ms 111ms	Stylesheet text/css	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/StyleSheet_11.css Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 372f60f07acc5f455399fa6483c34ef95e4e6558e8cc546e39788aa4a3b43a40 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Last-Modified Tue, 19 Nov 2019 16:06:30 GMT Server Microsoft-IIS/8.5 ETag "087fd4df39ed51:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 51310
GET H/1.1	200 OK	Spinner.css www.dhlsameday.com/SkyPortal/css/	4 KB 4 KB	527ms 108ms	Stylesheet text/css	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/css/Spinner.css Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash c1c56cc06b8d0a39ee46d0e6c8d26f044ee0c7ae6be45879039447b24fda4254 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Last-Modified Tue, 10 Jan 2017 15:23:20 GMT Server Microsoft-IIS/8.5 ETag "0a46179556bd21:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 3811
GET H/1.1	200 OK	jquery%201.9.1.min.js Show response www.dhlsameday.com/SkyPortal/js/	90 KB 91 KB	531ms 111ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/jquery%201.9.1.min.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Last-Modified Fri, 26 Aug 2016 19:51:48 GMT Server Microsoft-IIS/8.5 ETag "0a2e747d3ffd11:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 92629
GET H/1.1	200 OK	jquery-ui.css www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/	36 KB 37 KB	531ms 111ms	Stylesheet text/css	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/jquery-ui.css Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 7b625b05ac2bee641a43c1a4ad81cf7e307444acaa88ff00d2cf11e785675340 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:11 GMT Last-Modified Mon, 22 Aug 2016 09:24:24 GMT Server Microsoft-IIS/8.5 ETag "014aef856fcd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 37354
GET H/1.1	200 OK	jquery-ui.js Show response www.dhlsameday.com/SkyPortal/js/jquery-ui-1.12.0/jquery-ui-1.12.0/	508 KB 508 KB	636ms 108ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/jquery-ui-1.12.0/jquery-ui-1.12.0/jquery-ui.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Mon, 22 Aug 2016 09:24:10 GMT Server Microsoft-IIS/8.5 ETag "0d955f056fcd11:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 520098
GET H/1.1	200 OK	bootstrap.js Show response www.dhlsameday.com/SkyPortal/js/	74 KB 74 KB	636ms 109ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/bootstrap.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Wed, 13 Feb 2019 14:22:50 GMT Server Microsoft-IIS/8.5 ETag "0995499a7c3d41:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 75484
GET H/1.1	200 OK	bootstrap.min.js Show response www.dhlsameday.com/SkyPortal/js/	39 KB 39 KB	824ms 107ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/bootstrap.min.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Wed, 13 Feb 2019 14:22:50 GMT Server Microsoft-IIS/8.5 ETag "0995499a7c3d41:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 39680
GET H/1.1	200 OK	DateFormatter.js Show response www.dhlsameday.com/SkyPortal/js/DateFormatter/	1 KB 1 KB	911ms 106ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/DateFormatter/DateFormatter.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 01a741aad59beee48c3c61b81faba3b671130cf2439e51ec323ed4e5b0b18655 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Tue, 11 Oct 2016 16:26:08 GMT Server Microsoft-IIS/8.5 ETag "090b12bdc23d21:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 1070
GET H/1.1	200 OK	SmartSentry.js Show response www.dhlsameday.com/js/	612 B 1 KB	1004ms 105ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/js/SmartSentry.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 8084c60f76521788b0510cb30dd4b0315cde7380969f45a346a49f079c674932 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Sun, 29 Apr 2012 02:34:10 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0bd918eb025cd1:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 612
GET H/1.1	200 OK	FormCheck.js Show response www.dhlsameday.com/Includes/Client/	40 KB 40 KB	1015ms 107ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/Includes/Client/FormCheck.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 266eefb41a7b7fac8a5c5349f0e852a5a47b589ece007ffc89228670ddc4a4b0 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Fri, 16 Sep 2016 16:23:12 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "058769e3610d21:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 40520
GET H/1.1	200 OK	official_dhllogo.svg www.dhlsameday.com/images/global/	2 KB 2 KB	107ms 106ms	Image image/svg+xml	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Show image Full URL https://www.dhlsameday.com/images/global/official_dhllogo.svg Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Thu, 04 Aug 2016 10:29:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "02ae6243beed11:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Accept-Ranges bytes Content-Length 2040
GET H/1.1	200 OK	announcement.js Show response www.dhlsameday.com/SkyPortal/js/	1 KB 2 KB	108ms 108ms	Script application/javascript	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Full URL https://www.dhlsameday.com/SkyPortal/js/announcement.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash fcdf1a26ed7a387f4cd46f36fab5ac030b0467dcc41c4c35f81fa807491ade22 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Thu, 05 Dec 2019 09:15:16 GMT Server Microsoft-IIS/8.5 ETag "0eabf814cabd51:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 1291
GET H/1.1	200 OK	red-loading.gif www.dhlsameday.com/images/spinner/	8 KB 8 KB	107ms 106ms	Image image/gif	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Show image Full URL https://www.dhlsameday.com/images/spinner/red-loading.gif Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 016006e99b285b458b39ce31990c0df3fb9abd31fc8d83cdca9d7d7ba97df07e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:12 GMT Last-Modified Tue, 10 Jan 2017 13:54:40 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0106a16496bd21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 8199
GET		dhlicons.ttf www.dhlsameday.com/SkyPortal/fonts/	0 0
GET		Delivery_W_Rg.woff www.dhlsameday.com/SkyPortal/fonts/WOFF/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jun 2020 23:38:14 GMT server Golfe2 age 3655 date Tue, 14 Jul 2020 18:56:18 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18469 expires Tue, 14 Jul 2020 20:56:18 GMT
GET H/1.1	200 OK	ui-icons_444444_256x240.png www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/images/	7 KB 7 KB	108ms 108ms	Image image/png	156.137.1.75 DHLNET
General Check archive.org Show headers Download Go to Show image Full URL https://www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/images/ui-icons_444444_256x240.png Requested by Host: www.dhlsameday.com URL: https://www.dhlsameday.com/SkyPortal/js/jquery%201.9.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 156.137.1.75 Ashburn, United States, ASN2571 (DHLNET, CZ), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 71e4f2148b419fa6e50d11090df3ab260b8ca4b17902bbaa4dedf6853a423004 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/jquery-ui.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:13 GMT Last-Modified Mon, 22 Aug 2016 09:24:24 GMT Server Microsoft-IIS/8.5 ETag "014aef856fcd11:0" X-Frame-Options SAMEORIGIN Content-Type image/png Accept-Ranges bytes Content-Length 7090
GET H2	200	collect www.google-analytics.com/r/	35 B 104 B	14ms 14ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1851829123&t=pageview&_s=1&dl=http%3A%2F%2Fdhlexlogs.ndc.cloudns.cl%2Fdf%2Fdhlsameday%2Findex.php&ul=en-us&de=UTF-8&dt=DHL%20Same%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1509881815&gjid=1857540529&cid=2108730169.1594756633&tid=UA-86459595-1&_gid=1379498777.1594756633&_r=1&z=755658210 Requested by Host: dhlexlogs.ndc.cloudns.cl URL: http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 14 Jul 2020 19:57:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		dhlicons.woff www.dhlsameday.com/SkyPortal/fonts/	0 0
GET		Delivery_W_Rg.woff2 www.dhlsameday.com/SkyPortal/fonts/WOFF2/	0 0
GET H/1.1	404 Not Found	Announcement.json Show response dhlexlogs.ndc.cloudns.cl/df/dhlsameday/json/	315 B 515 B	265ms 264ms	XHR text/html	111.90.150.76 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/json/Announcement.json?_=1594756632635 Requested by Host: www.dhlsameday.com URL: https://www.dhlsameday.com/SkyPortal/js/jquery%201.9.1.min.js Protocol HTTP/1.1 Server 111.90.150.76 , Rwanda, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer http://dhlexlogs.ndc.cloudns.cl/df/dhlsameday/index.php X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:57:14 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.dhlsameday.com

URL

https://www.dhlsameday.com/SkyPortal/fonts/dhlicons.ttf

Domain

www.dhlsameday.com

URL

https://www.dhlsameday.com/SkyPortal/fonts/WOFF/Delivery_W_Rg.woff

Domain

www.dhlsameday.com

URL

https://www.dhlsameday.com/SkyPortal/fonts/dhlicons.woff

Domain

www.dhlsameday.com

URL

https://www.dhlsameday.com/SkyPortal/fonts/WOFF2/Delivery_W_Rg.woff2

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery1910973801500039928 boolean| isShift string| seperator function| DateFormat function| ValidateDate object| theForm function| __doPostBack boolean| defaultEmptyOK string| previous function| checkel function| highlight function| strip function| reformat function| getFilteredChar function| getPasteFiltered function| getInputNumber function| getInputAlpha function| getMaxInput function| getLowerCase function| getUpperCase function| getInputTime function| getInputDate function| isLeapYear function| clearIncompleteDate function| isChecked function| isFull function| isEmpty function| jumpNext function| containsElement function| isTime function| isDate function| isNumeric function| isSSN function| isPhone function| isZip function| isDigit function| isRange function| isEmail function| formatPhone function| formatSSN function| formatZip function| formatDate function| formatNumber function| checkDate function| checkTime function| checkPhone function| checkSSN function| checkEmail function| checkEmails function| checkZip function| checkNumber function| checkLength function| checkPattern function| checkRequired function| checkUrl function| getCaption function| isRequired function| setNewDateRange function| getSubControl function| isSameControl function| checkRange function| checkMaxCount function| checkRetype function| AllowTabCharacter function| mask function| setMaskPos function| checkMask object| obj string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cloudns.cl/	1970-01-19 11:00:43	Name: _gid Value: GA1.2.1379498777.1594756633
			.cloudns.cl/	1970-01-19 10:59:16	Name: _gat Value: 1
			.cloudns.cl/	1970-01-20 04:30:28	Name: _ga Value: GA1.2.2108730169.1594756633

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dhlexlogs.ndc.cloudns.cl
www.dhlsameday.com
www.google-analytics.com
www.dhlsameday.com
111.90.150.76
156.137.1.75
2a00:1450:4001:806::200e
016006e99b285b458b39ce31990c0df3fb9abd31fc8d83cdca9d7d7ba97df07e
01a741aad59beee48c3c61b81faba3b671130cf2439e51ec323ed4e5b0b18655
266eefb41a7b7fac8a5c5349f0e852a5a47b589ece007ffc89228670ddc4a4b0
35edf6d02ffd8bbf7b46e1868923a247dc5917c579336c06196df13f6179bb9f
372f60f07acc5f455399fa6483c34ef95e4e6558e8cc546e39788aa4a3b43a40
71e4f2148b419fa6e50d11090df3ab260b8ca4b17902bbaa4dedf6853a423004
7b625b05ac2bee641a43c1a4ad81cf7e307444acaa88ff00d2cf11e785675340
8084c60f76521788b0510cb30dd4b0315cde7380969f45a346a49f079c674932
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a20143f92c48a198db4ceda98de9dabd8c773db09b8f5a0e941ea0b120f6469a
aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1c56cc06b8d0a39ee46d0e6c8d26f044ee0c7ae6be45879039447b24fda4254
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
fcdf1a26ed7a387f4cd46f36fab5ac030b0467dcc41c4c35f81fa807491ade22
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955