delivery-globaldhlauth.github.io
Open in
urlscan Pro
2606:50c0:8001::153
Malicious Activity!
Public Scan
Submission: On July 26 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.
This is the only time delivery-globaldhlauth.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 2606:50c0:800... 2606:50c0:8001::153 | 54113 (FASTLY) (FASTLY) | |
15 | 156.137.1.75 156.137.1.75 | 2571 (DHLNET) (DHLNET) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::200e | 15169 (GOOGLE) (GOOGLE) | |
7 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
31 | 6 |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
dhlsameday.com
www.dhlsameday.com |
1 MB |
7 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72 |
78 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1851 |
21 KB |
3 |
github.io
1 redirects
delivery-globaldhlauth.github.io |
13 KB |
31 | 4 |
Domain | Requested by | |
---|---|---|
15 | www.dhlsameday.com |
delivery-globaldhlauth.github.io
www.dhlsameday.com |
7 | www.googletagmanager.com |
www.google-analytics.com
|
3 | delivery-globaldhlauth.github.io |
1 redirects
www.dhlsameday.com
|
2 | www.google-analytics.com |
delivery-globaldhlauth.github.io
www.google-analytics.com |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
31 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dhlsameday.com |
www.dpwn.de |
www.dhl.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.github.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-21 - 2024-03-20 |
a year | crt.sh |
dhlsameday.com DPDHL Global TLS CA - I5 |
2022-08-11 - 2023-08-11 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://delivery-globaldhlauth.github.io/samedaydelivery/
Frame ID: 791C417F843E5C9207D6D4CBF78CBCCE
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
DHL Same DayPage URL History Show full URLs
-
https://delivery-globaldhlauth.github.io/samedaydelivery
HTTP 301
https://delivery-globaldhlauth.github.io/samedaydelivery/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- <input[^>]+name="__VIEWSTATE
GitHub Pages (CDN) Expand
Detected patterns
- ^https?://[^/]+\.github\.io
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: DHL Same Day Jetline
Search URL Search Domain Scan URL
Title: DHL Same Day Speedline
Search URL Search Domain Scan URL
Title: DHL Same Day Sprintline
Search URL Search Domain Scan URL
Title: Tracking
Search URL Search Domain Scan URL
Title: Customer Login
Search URL Search Domain Scan URL
Title: Quotation Request
Search URL Search Domain Scan URL
Title: Customer Service
Search URL Search Domain Scan URL
Title: Packaging Tips
Search URL Search Domain Scan URL
Title: Safety and Security
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Barcode Label Generator
Search URL Search Domain Scan URL
Title: Our Competitive Advantage
Search URL Search Domain Scan URL
Title: Industries We Serve
Search URL Search Domain Scan URL
Title: Contact Customer Service
Search URL Search Domain Scan URL
Title: View Short Video
Search URL Search Domain Scan URL
Title: Agent Login
Search URL Search Domain Scan URL
Title: New Agent
Search URL Search Domain Scan URL
Title: Deutsche Post DHL Group
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://delivery-globaldhlauth.github.io/samedaydelivery
HTTP 301
https://delivery-globaldhlauth.github.io/samedaydelivery/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
delivery-globaldhlauth.github.io/samedaydelivery/ Redirect Chain
|
43 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
announcement.css
www.dhlsameday.com/SkyPortal/css/ |
535 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
www.dhlsameday.com/SkyPortal/css/ |
149 KB 150 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
StyleSheet_11.css
www.dhlsameday.com/SkyPortal/ |
50 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Spinner.css
www.dhlsameday.com/SkyPortal/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery%201.9.1.min.js
www.dhlsameday.com/SkyPortal/js/ |
90 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.css
www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/ |
38 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.js
www.dhlsameday.com/SkyPortal/js/jquery-ui-1.12.0/jquery-ui-1.12.0/ |
526 KB 527 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
www.dhlsameday.com/SkyPortal/js/ |
76 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.dhlsameday.com/SkyPortal/js/ |
39 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DateFormatter.js
www.dhlsameday.com/SkyPortal/js/DateFormatter/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SmartSentry.js
www.dhlsameday.com/js/ |
612 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FormCheck.js
www.dhlsameday.com/Includes/Client/ |
49 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
official_dhllogo.svg
www.dhlsameday.com/images/global/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
announcement.js
www.dhlsameday.com/SkyPortal/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
red-loading.gif
www.dhlsameday.com/images/spinner/ |
8 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dhlicons.ttf
www.dhlsameday.com/SkyPortal/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Delivery_W_Rg.woff
www.dhlsameday.com/SkyPortal/fonts/WOFF/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dhlicons.woff
www.dhlsameday.com/SkyPortal/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Delivery_W_Rg.woff2
www.dhlsameday.com/SkyPortal/fonts/WOFF2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 233 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Announcement.json
delivery-globaldhlauth.github.io/samedaydelivery/json/ |
9 KB 5 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
219 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 59 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
td
www.googletagmanager.com/ |
0 128 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
www.googletagmanager.com/ |
0 49 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 266 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a
www.googletagmanager.com/ |
0 11 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.dhlsameday.com
- URL
- https://www.dhlsameday.com/SkyPortal/fonts/dhlicons.ttf
- Domain
- www.dhlsameday.com
- URL
- https://www.dhlsameday.com/SkyPortal/fonts/WOFF/Delivery_W_Rg.woff
- Domain
- www.dhlsameday.com
- URL
- https://www.dhlsameday.com/SkyPortal/fonts/dhlicons.woff
- Domain
- www.dhlsameday.com
- URL
- https://www.dhlsameday.com/SkyPortal/fonts/WOFF2/Delivery_W_Rg.woff2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| jQuery1910399384163304598 boolean| isShift string| seperator function| DateFormat function| ValidateDate object| theForm function| __doPostBack boolean| defaultEmptyOK string| previous function| checkel function| highlight function| strip function| reformat function| getFilteredChar function| getPasteFiltered function| getInputNumber function| getInputAlpha function| getMaxInput function| getLowerCase function| getUpperCase function| getInputTime function| getInputTimeWithRange function| getInputDate function| isLeapYear function| clearIncompleteDate function| isChecked function| isFull function| isEmpty function| jumpNext function| containsElement function| isTime function| isDate function| isNumeric function| isSSN function| isPhone function| isZip function| isDigit function| isRange function| isEmail function| formatPhone function| formatSSN function| formatZip function| formatDate function| formatNumber function| checkDate function| checkTime function| checkPhone function| checkSSN function| checkEmail function| checkEmails function| checkZip function| checkNumber function| checkLength function| checkPattern function| checkRequired function| checkUrl function| getCaption function| isRequired function| setNewDateRange function| getSubControl function| isSameControl function| checkRange function| checkMaxCount function| checkRetype function| AllowTabCharacter function| mask function| setMaskPos function| checkMask object| obj string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.delivery-globaldhlauth.github.io/ | Name: _ga Value: GA1.3.49990761.1690403227 |
|
.delivery-globaldhlauth.github.io/ | Name: _gid Value: GA1.3.1801479100.1690403227 |
|
.delivery-globaldhlauth.github.io/ | Name: _gat Value: 1 |
|
.delivery-globaldhlauth.github.io/ | Name: _ga_LEMLJ99F1P Value: GS1.3.1690403226.1.0.1690403226.0.0.0 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
delivery-globaldhlauth.github.io
region1.google-analytics.com
www.dhlsameday.com
www.google-analytics.com
www.googletagmanager.com
www.dhlsameday.com
156.137.1.75
2001:4860:4802:32::36
2606:50c0:8001::153
2a00:1450:4001:80f::2008
2a00:1450:4001:829::200e
016006e99b285b458b39ce31990c0df3fb9abd31fc8d83cdca9d7d7ba97df07e
01a741aad59beee48c3c61b81faba3b671130cf2439e51ec323ed4e5b0b18655
1d997565c484c04e02faa468e029e0595b5ebabd9b3998413860962e0759b582
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
296e69303e541e32ce9c0f00a95ad64b18a19449c5c11c51bf93ce60102fe8f3
35edf6d02ffd8bbf7b46e1868923a247dc5917c579336c06196df13f6179bb9f
372f60f07acc5f455399fa6483c34ef95e4e6558e8cc546e39788aa4a3b43a40
3ba8cff7dab777862145e49459a54cafa188ee1a821070c64a0863d244a629c7
4a4537887a7c799a571bcf30fbbd8358181f01e297455675308219eace433538
4f9ef836f25359cf8f6a7f210269d75dcd1e6458aa291a7bc50deccf942214e9
69c89e46ea24222f963f631aa57476630f2cd8e6431a71b50ac3089a91bcbda8
8084c60f76521788b0510cb30dd4b0315cde7380969f45a346a49f079c674932
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60
aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
c1c56cc06b8d0a39ee46d0e6c8d26f044ee0c7ae6be45879039447b24fda4254
c754bf6b2e67654db437d0cdee50cce83c4f9be255d4577b7e8fa42e6802deaf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6193e227b76555f03c5784c7dc2490684afa097e9a0bac7f2e21e430b08140
f4667d613474f0e65504357e1902b856679af312454b53f1fb1cb4472577d8d5