c-f-c.cd Open in urlscan Pro
67.222.111.194 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html
Submission: On January 25 via automatic, source openphish (January 25th 2017, 10:14:07 pm UTC)

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 34 HTTP transactions. The main IP is 67.222.111.194, located in Los Angeles, United States and belongs to IHNET - IHNetworks, LLC, US. The main domain is c-f-c.cd.

This is the only time c-f-c.cd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
16	67.222.111.194 67.222.111.194		33494 (IHNET) (IHNET - IHNetworks)
34	2

16 67.222.111.194 (Los Angeles, United States)

ASN33494 (IHNET - IHNetworks, LLC, US)
PTR: host.mongwd.com

c-f-c.cd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	c-f-c.cd c-f-c.cd	200 KB
34	1

	Domain	Requested by
16	c-f-c.cd	c-f-c.cd
34	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html
Frame ID: 1377.1
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

34
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

200 kB
Transfer

201 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request DHL%20_%20EzyBill.html Show response c-f-c.cd/adev/img/gonow/	24 KB 24 KB	1325ms 386ms	Document text/html	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `87a54c2601d93e36aa064d687e9b3da98029d01a743a9b4bd9e0a92e4e1a2017` Request headers Host c-f-c.cd Upgrade-Insecure-Requests 1 Connection keep-alive Pragma no-cache Accept-Encoding gzip, deflate, sdch Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Content-Length 24232 Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Mon, 21 Dec 2015 07:36:40 GMT Server nginx/1.10.1 ETag "5ea8-527638cbd1200" Content-Type text/html Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	glbl_nn7.css c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	12 KB 12 KB	526ms 525ms	Stylesheet text/css	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/glbl_nn7.css Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd` Request headers Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Connection keep-alive Pragma no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Cache-Control no-cache Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Content-Length 11812 Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1 ETag "2e24-5269ba0da4a00" Content-Type text/css Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	prtl_std_nn7.css c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	426 B 426 B	357ms 195ms	Stylesheet text/css	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/prtl_std_nn7.css Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `8e0c1cbaa15f10cc0f5528143848b02743d0902770154ad6e8f5016507aeb39b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Pragma no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 Connection keep-alive Cache-Control no-cache Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers ETag "1aa-5269ba0da4a00" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 426 Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1
GET H/1.1	200 OK	js13_epcf.js Show response c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	59 KB 59 KB	781ms 409ms	Script application/javascript	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/js13_epcf.js Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `fbd98c97e772456d73da56a11d6cee7044b040c5b532f6e1b0324eb6b6d13a05` Request headers Accept / Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Cache-Control no-cache Pragma no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Connection keep-alive Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Accept-Ranges bytes Content-Length 60892 Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1 ETag "eddc-5269ba0da4a00" Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	ur_nn7.css c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	12 KB 12 KB	387ms 224ms	Stylesheet text/css	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/ur_nn7.css Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd` Request headers Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Connection keep-alive Pragma no-cache Cache-Control no-cache Accept text/css,/;q=0.1 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1 ETag "2e24-5269ba0da4a00" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 11812
GET H/1.1	200 OK	logon.css c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	12 KB 12 KB	454ms 291ms	Stylesheet text/css	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/logon.css Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd` Request headers Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Pragma no-cache Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Connection keep-alive Cache-Control no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept text/css,/;q=0.1 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Server nginx/1.10.1 ETag "2e24-5269ba0da4a00" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 11812 Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT
GET H/1.1	200 OK	main2.css c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	12 KB 12 KB	587ms 235ms	Stylesheet text/css	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/main2.css Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd` Request headers Accept text/css,/;q=0.1 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Connection keep-alive Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Pragma no-cache Cache-Control no-cache Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Server nginx/1.10.1 ETag "2e24-5269ba0da4a00" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 11812 Date Wed, 25 Jan 2017 22:13:57 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT
GET H/1.1	200 OK	basic.js Show response c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	739 B 739 B	869ms 500ms	Script application/javascript	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/basic.js Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `10b581df97d99590702fb323d35fffca27d03eb0b4f697274567c17229dad503` Request headers Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept / Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Pragma no-cache Cache-Control no-cache Connection keep-alive Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Content-Length 739 Date Wed, 25 Jan 2017 22:13:58 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1 ETag "2e3-5269ba0da4a00" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	spacer.htm c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	2 KB 2 KB	416ms 415ms	Image text/html	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/spacer.htm Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Cache-Control no-cache Pragma no-cache Accept-Encoding gzip, deflate, sdch Connection keep-alive Host c-f-c.cd Accept-Language en-US,en;q=0.8 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Date Wed, 25 Jan 2017 22:13:58 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1 ETag "733-5269ba0da4a00" Content-Type text/html Connection keep-alive Accept-Ranges bytes Content-Length 1843
GET H/1.1	200 OK	DHL_Main.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	44 KB 44 KB	432ms 432ms	Image image/jpeg	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/DHL_Main.jpg Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `b56e05bbc88b09db084778b60cfde484a6a28fb7698d6762032a693ccc9808dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Connection keep-alive Cache-Control no-cache Accept image/webp,image/,/;q=0.8 Referer* http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Pragma no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Response headers Date Wed, 25 Jan 2017 22:13:58 GMT Last-Modified Fri, 11 Dec 2015 09:05:44 GMT Server nginx/1.10.1 ETag "b1eb-5269ba0da4a00" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 45547
GET H/1.1	200 OK	DHL_Express2.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	19 KB 19 KB	418ms 417ms	Image image/jpeg	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/DHL_Express2.jpg Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `d340de9e66f4fb40093204b6a6164927eb8f66ae2a1a43f53c277e71e0cb3d9c` Request headers Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Connection keep-alive Cache-Control no-cache Pragma no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept image/webp,image/,/;q=0.8 Accept-Language* en-US,en;q=0.8 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers ETag "4a1e-5269ba0f8ce80" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 18974 Date Wed, 25 Jan 2017 22:13:59 GMT Last-Modified Fri, 11 Dec 2015 09:05:46 GMT Server nginx/1.10.1
GET H/1.1	200 OK	spacer.gif c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	43 B 43 B	164ms 164ms	Image image/gif	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/spacer.gif Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Accept-Language en-US,en;q=0.8 Connection keep-alive Cache-Control no-cache Host c-f-c.cd User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Server nginx/1.10.1 ETag "2b-5269ba0f8ce80" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 43 Date Wed, 25 Jan 2017 22:13:58 GMT Last-Modified Fri, 11 Dec 2015 09:05:46 GMT
GET H/1.1	200 OK	TopLeftRound.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	936 B 936 B	485ms 485ms	Image image/jpeg	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/TopLeftRound.jpg Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `cfbb4d2eeb70bd4f8700a1db0ba0e049d1f31796b568a8e7656547162fb1d638` Request headers Pragma no-cache Accept image/webp,image/,/;q=0.8 Accept-Encoding* gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Connection keep-alive Cache-Control no-cache Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Accept-Ranges bytes Content-Length 936 Date Wed, 25 Jan 2017 22:13:59 GMT Last-Modified Fri, 11 Dec 2015 09:05:46 GMT Server nginx/1.10.1 ETag "3a8-5269ba0f8ce80" Content-Type image/jpeg Connection keep-alive
GET H/1.1	200 OK	TopCenterRound.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	2 KB 2 KB	230ms 229ms	Image image/jpeg	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/TopCenterRound.jpg Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `6ac5fcd6635d0fb9407c44d4972c882a403aea0e50eb34ad8a6c317d65f28cad` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host c-f-c.cd Accept-Language en-US,en;q=0.8 Accept image/webp,image/,/;q=0.8 Referer* http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Connection keep-alive User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Cache-Control no-cache Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Connection keep-alive Accept-Ranges bytes Content-Length 2208 Date Wed, 25 Jan 2017 22:13:59 GMT Last-Modified Fri, 11 Dec 2015 09:05:46 GMT Server nginx/1.10.1 ETag "8a0-5269ba0f8ce80" Content-Type image/jpeg
GET H/1.1	200 OK	TopRightRound.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	948 B 948 B	296ms 296ms	Image image/jpeg	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Show image Full URL http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/TopRightRound.jpg Requested by Host: c-f-c.cd URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `b9aa758a034d79076144c7ef466f78bd348447011df84756413873ddc5bb19d0` Request headers Pragma no-cache Host c-f-c.cd Accept image/webp,image/,/;q=0.8 Connection* keep-alive Cache-Control no-cache Accept-Encoding gzip, deflate, sdch Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Response headers Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 948 Date Wed, 25 Jan 2017 22:13:59 GMT Last-Modified Fri, 11 Dec 2015 09:05:46 GMT Server nginx/1.10.1 ETag "3b4-5269ba0f8ce80"
GET		LeftRound.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BD14868_.GIF c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BottomLeftRound2.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BottomCenterRound.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BottomRightRound.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		TopLeftRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		TopCenterRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		TopRightRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		LeftRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		arrow_r_r_small.gif c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		RightRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BottomLeftRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BottomCenterRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		BottomRightRound1.jpg c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		GOGREEN_DPDHL_en_RGB.png c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		corner.gif c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET		spacer.htm c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/	0 0

GET DATA	200 OK	truncated /	449 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `18565b6da756df2bfbe5fb647a64675ac7d0f5e1ef0910da72eb6ea125bae2f2` Request headers Response headers
GET DATA	200 OK	truncated /	449 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `18565b6da756df2bfbe5fb647a64675ac7d0f5e1ef0910da72eb6ea125bae2f2` Request headers Response headers
GET		arrow_r_r_small.gif c-f-c.cd/irj/portalapps/com.dhl.ezybill.runtime.logon/layout/	0 0

GET H/1.1	404 Not Found	favicon.ico c-f-c.cd/	451 B 451 B	326ms 163ms	Other text/html	67.222.111.194 IHNetworks
General Check archive.org Show headers Download Go to Full URL http://c-f-c.cd/favicon.ico Protocol HTTP/1.1 Server 67.222.111.194 Los Angeles, United States, ASN33494 (IHNET - IHNetworks, LLC, US), Reverse DNS host.mongwd.com Software nginx/1.10.1 / Resource Hash `beec457d6cf82f9ed0fcaa8dbe42e2b31edddb2c38128f24c22f8e49a833ce1b` Request headers Pragma no-cache Host c-f-c.cd Accept image/webp,image/,/;q=0.8 Referer* http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html Cache-Control no-cache Accept-Encoding gzip, deflate, sdch Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Connection keep-alive Referer http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Response headers Date Wed, 25 Jan 2017 22:14:00 GMT Server nginx/1.10.1 Connection keep-alive Content-Length 451 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/LeftRound.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BD14868_.GIF

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BottomLeftRound2.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BottomCenterRound.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BottomRightRound.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/TopLeftRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/TopCenterRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/TopRightRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/LeftRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/arrow_r_r_small.gif

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/RightRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BottomLeftRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BottomCenterRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/BottomRightRound1.jpg

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/GOGREEN_DPDHL_en_RGB.png

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/corner.gif

Domain: c-f-c.cd
URL: http://c-f-c.cd/adev/img/gonow/DHL%20_%20EzyBill_files/spacer.htm

Domain: c-f-c.cd
URL: http://c-f-c.cd/irj/portalapps/com.dhl.ezybill.runtime.logon/layout/arrow_r_r_small.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c-f-c.cd
c-f-c.cd
67.222.111.194
10b581df97d99590702fb323d35fffca27d03eb0b4f697274567c17229dad503
18565b6da756df2bfbe5fb647a64675ac7d0f5e1ef0910da72eb6ea125bae2f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6ac5fcd6635d0fb9407c44d4972c882a403aea0e50eb34ad8a6c317d65f28cad
87a54c2601d93e36aa064d687e9b3da98029d01a743a9b4bd9e0a92e4e1a2017
8e0c1cbaa15f10cc0f5528143848b02743d0902770154ad6e8f5016507aeb39b
b56e05bbc88b09db084778b60cfde484a6a28fb7698d6762032a693ccc9808dc
b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd
b9aa758a034d79076144c7ef466f78bd348447011df84756413873ddc5bb19d0
beec457d6cf82f9ed0fcaa8dbe42e2b31edddb2c38128f24c22f8e49a833ce1b
cfbb4d2eeb70bd4f8700a1db0ba0e049d1f31796b568a8e7656547162fb1d638
d340de9e66f4fb40093204b6a6164927eb8f66ae2a1a43f53c277e71e0cb3d9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbd98c97e772456d73da56a11d6cee7044b040c5b532f6e1b0324eb6b6d13a05

c-f-c.cd Open in urlscan Pro 67.222.111.194 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

34 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

200 kBTransfer

201 kBSize

0 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

c-f-c.cd Open in urlscan Pro
67.222.111.194 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

200 kB
Transfer

201 kB
Size

0
Cookies

34 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!