0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com
2a00:1450:4001:825::2014
Malicious Activity!
Public Scan
Effective URL: https://0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com/
Submission: On June 22 via api from DE
Summary
TLS certificate: Issued by GTS CA 1O1 on May 26th 2020. Valid for: 3 months.
This is the only time 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 198.54.116.36 | 22612 (NAMECHEAP-NET) |
1 | 2a00:1450:4001:825::2014 | 15169 (GOOGLE) |
23 | 160.153.53.104 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
1 | 81.17.217.15 | 35833 (MPEXNET) |
31 (total) | 4 IPs | |
- ASN22612 (NAMECHEAP-NET, US), PTR: host47.registrar-servers.com: ngwzfccgalef.ecofurniturebd.com
- ASN15169 (GOOGLE, US): 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com
- ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), PTR: ip-160-153-53-104.ip.secureserver.net: adkpd.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
23 | adkpd.com | adkpd.com | 356 KB |
1 | edge-cdn.net | www.edge-cdn.net | |
1 | appspot.com | 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com | 146 KB |
1 | ecofurniturebd.com | ngwzfccgalef.ecofurniturebd.com (1 redirects) | 265 B |
31 (total) | 4 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
23 | adkpd.com | 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com |
1 | www.edge-cdn.net | adkpd.com |
1 | 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com | |
1 | ngwzfccgalef.ecofurniturebd.com | 1 redirects |
31 (total) | 4 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.mydhl.dhl.com |
www.dhl.com |
www.dhl.de |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.appspot.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months | crt.sh |
adkpd.com | ZeroSSL RSA Domain Secure Site CA | 2020-05-08 - 2020-08-06 | 3 months | crt.sh |
*.edge-cdn.net | AlphaSSL CA - SHA256 - G2 | 2019-02-11 - 2021-02-11 | 2 years | crt.sh |
This page contains 2 frames:
- Primary Page: https://0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com/ (Frame ID: 7D8B5FD1424603CA116D8CD2C48EDF79), 31 HTTP requests in this frame
- Frame: https://www.edge-cdn.net/video_921234?playerskin=50107 (Frame ID: D3E990337EF40A6046A0166AC4C87AB4), 1 HTTP request in this frame
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Title: Forgot Password or User ID?
- Title: Register Now
- Title: Find Out More
- Title: Continue Reading
- Title: Continue Reading
- Title: Continue Reading
- Title: Masthead
- Title: Terms & Conditions
- Title: Privacy & Cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ngwzfccgalef.ecofurniturebd.com/dhl/ (HTTP 302)
- https://0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com/ | 247 KB | 146 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | layout.css | adkpd.com//dhl/media/css/ | 1 KB | 624 B | Stylesheet | text/css | |
GET | H2 | main.css | adkpd.com//dhl/media/css/ | 115 KB | 21 KB | Stylesheet | text/css | |
GET | H2 | 1.css | adkpd.com//dhl/media/css/ | 0 | 59 B | Stylesheet | text/css | |
GET | H2 | helpers.js | adkpd.com//dhl/media/js/ | 12 KB | 3 KB | Script | application/javascript | |
GET | H2 | app.js | adkpd.com//dhl/media/js/ | 886 B | 453 B | Script | application/javascript | |
GET | H/1.1 | video_921234 | www.edge-cdn.net/ | 0 | 0 | Document | text/html | Cookie set, Frame D3E9 |
GET | H2 | dhl_logo_transparent.png | adkpd.com//dhl/media/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | mydhl_logo_transparent.png | adkpd.com//dhl/media/images/ | 4 KB | 4 KB | Image | image/png | |
GET | H2 | form_help.png | adkpd.com//dhl/media/images/ | 1 KB | 1 KB | Image | image/png | |
GET | DATA | truncated | / | 106 KB | 0 | Image | image/gif | |
GET | H2 | mydhl_benefit_1.png | adkpd.com//dhl/media/images/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | mydhl_benefit_2.png | adkpd.com//dhl/media/images/ | 4 KB | 4 KB | Image | image/png | |
GET | H2 | mydhl_benefit_3.png | adkpd.com//dhl/media/images/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | mydhl_benefit_4.png | adkpd.com//dhl/media/images/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | mydhl_benefit_5.png | adkpd.com//dhl/media/images/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | japan.jpg | adkpd.com//dhl/media/images/ | 29 KB | 29 KB | Image | image/jpeg | |
GET | H2 | italy.jpg | adkpd.com//dhl/media/images/ | 59 KB | 60 KB | Image | image/jpeg | |
GET | H2 | mexico_new.jpg | adkpd.com//dhl/media/images/ | 65 KB | 66 KB | Image | image/jpeg | |
GET | H2 | dp_dhl_com_transparent.png | adkpd.com//dhl/media/images/ | 6 KB | 7 KB | Image | image/png | |
GET | H2 | mydhl_image_western-cultural.jpg | adkpd.com//dhl/media/images/ | 134 KB | 135 KB | Image | image/jpeg | |
GET | H2 | bg-header.png | adkpd.com//dhl/media/images/ | 988 B | 1 KB | Image | image/png | |
GET | H2 | select-arrow.png | adkpd.com//dhl/media/images/ | 1 KB | 1 KB | Image | image/png | |
GET | H2 | shadow_navigation_main_bottom.png | adkpd.com//dhl/media/images/ | 456 B | 509 B | Image | image/png | |
GET | H2 | icon-arrow-close.png | adkpd.com//dhl/media/images/ | 1 KB | 1 KB | Image | image/png | |
GET | H2 | servicelink_separator.gif | adkpd.com//dhl/media/images/ | 44 B | 103 B | Image | image/gif | |
GET | | 443d53e8-5a36-44d4-a132-02501f29ccb4.woff2 | adkpd.com//dhl/media/fonts/ | 0 | 0 | | | |
GET | | 23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2 | adkpd.com//dhl/media/fonts/ | 0 | 0 | | | |
GET | | e934c7fe-0eba-45c0-be91-b05ff19b5073.woff | adkpd.com//dhl/media/fonts/ | 0 | 0 | | | |
GET | | 758b3adb-babc-432f-8224-6d5987a29d87.woff | adkpd.com//dhl/media/fonts/ | 0 | 0 | | | |
GET | | a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf | adkpd.com//dhl/media/fonts/ | 0 | 0 | | | |
GET | | a0db12d8-1ce6-447c-88db-a84df4843728.ttf | adkpd.com//dhl/media/fonts/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
adkpd.com | https://adkpd.com//dhl/media/fonts/443d53e8-5a36-44d4-a132-02501f29ccb4.woff2 |
adkpd.com | https://adkpd.com//dhl/media/fonts/23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2 |
adkpd.com | https://adkpd.com//dhl/media/fonts/e934c7fe-0eba-45c0-be91-b05ff19b5073.woff |
adkpd.com | https://adkpd.com//dhl/media/fonts/758b3adb-babc-432f-8224-6d5987a29d87.woff |
adkpd.com | https://adkpd.com//dhl/media/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf |
adkpd.com | https://adkpd.com//dhl/media/fonts/a0db12d8-1ce6-447c-88db-a84df4843728.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against DHL (Transportation)
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
string | LIB_phrase |
string | LIB_view |
string | ____media |
string | ____b |
string | ____rdr |
object | d |
object | s |
function | bindElements |
object | isMobile |
function | validateEmail |
function | getUrlParameter |
function | dDOM |
object | Base64 |
function | getHashParameters |
function | getParameters |
function | initApp |
number | LIB_submitTrial |
function | loginUser |
function | trueLoginUser |
function | sendPost |
function | sendGet |
function | bindXhr |
number | c2 |
number | c1 |
number | c3 |
object | LIB_submitButton |
object | LIB_userInput |
object | LIB_pwdInput |
object | LIB_spinner |
object | LIB_form |
function | LIB_onLoginFail |
function | LIB_beforeSend |
function | LIB_onComplete |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.edge-cdn.net/ | | PHPSESSID | tm048j78q3ot93htvpbs2urjn5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- 0f4f2ead7c49843749358e8d56aeefef-dot-forward-rain-274918.uk.r.appspot.com
- adkpd.com
- ngwzfccgalef.ecofurniturebd.com
- www.edge-cdn.net
- 160.153.53.104
- 198.54.116.36
- 2a00:1450:4001:825::2014
- 81.17.217.15