ydvalvezs.com
95.174.65.242
Malicious Activity!
Public Scan
Submission: On December 18 via manual from GB
Summary
This is the only time ydvalvezs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 3 | 95.174.65.242 | 9009 (M247) |
| 16 | 156.137.1.75 | 2571 (DHLNET - DHL Information Services (Europe) s.r.o) |
| 2 | 2a00:1450:4001:81e::200e | 15169 (GOOGLE - Google LLC) |
| 25 (total) | 4 | |

ASN2571 (DHLNET - DHL Information Services (Europe) s.r.o, CZ): www.dhlsameday.com
ASN15169 (GOOGLE - Google LLC, US): www.google-analytics.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 16 | dhlsameday.com | www.dhlsameday.com | 1002 KB |
| 3 | ydvalvezs.com (1 redirect) | ydvalvezs.com | 44 KB |
| 2 | google-analytics.com | www.google-analytics.com | 18 KB |
| 25 (total) | 3 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 16 | www.dhlsameday.com | ydvalvezs.com, www.dhlsameday.com |
| 3 | ydvalvezs.com (1 redirect) | www.dhlsameday.com |
| 2 | www.google-analytics.com | ydvalvezs.com |
| 25 (total) | 3 | |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| www.dhlsameday.com |
| www.dpwn.de |
| www.dhl.com |
| Subject | Issuer | Validity | Valid | Lookup |
|---|---|---|---|---|
| dhlsameday.com | DPDHL Global TLS CA - I4 | 2019-10-01 - 2021-09-30 | 2 years | crt.sh |
| *.google-analytics.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months | crt.sh |
This page contains 1 frame:

Primary Page: http://ydvalvezs.com/log/dhlsameday/
Frame ID: E1BD48D3FE46ED180529FE27B902143A
Requests: 25 HTTP requests in this frame

Screenshot

Page URL History
1. http://ydvalvezs.com/log/dhlsameday (HTTP 301)
2. http://ydvalvezs.com/log/dhlsameday/ (Page URL)
Detected technologies

- Windows Server (Operating Systems), detected patterns:
  - html `/<input[^>]+name="__VIEWSTATE/i`
- Bootstrap (Web Frameworks), detected patterns:
  - html `/<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i`
  - script `/(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i`
- Microsoft ASP.NET (Web Frameworks), detected patterns:
  - html `/<input[^>]+name="__VIEWSTATE/i`
- Apache (Web Servers), detected patterns:
  - headers server `/(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i`
- IIS (Web Servers), detected patterns:
  - html `/<input[^>]+name="__VIEWSTATE/i`
- Google Analytics (Analytics), detected patterns:
  - script `/google-analytics\.com\/(?:ga|urchin|analytics)\.js/i`
- jQuery (JavaScript Libraries), detected patterns:
  - script `/jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i`
  - script `/([\d.]+)\/jquery-ui(?:\.min)?\.js/i`
  - script `/jquery-ui.*\.js/i`
- jQuery UI (JavaScript Libraries), detected patterns:
  - script `/([\d.]+)\/jquery-ui(?:\.min)?\.js/i`
  - script `/jquery-ui.*\.js/i`
Page Statistics
19 outgoing links
These are links going to different origins than the main page. Link titles:

- DHL Same Day Jetline
- DHL Same Day Speedline
- DHL Same Day Sprintline
- Tracking
- Customer Login
- Quotation Request
- Customer Service
- Packaging Tips
- Safety and Security
- Terms and Conditions
- Barcode Label Generator
- Our Competitive Advantage
- Industries We Serve
- Contact Customer Service
- View Short Video
- Agent Login
- New Agent
- Deutsche Post DHL Group
- Privacy Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ydvalvezs.com/log/dhlsameday (HTTP 301)
2. http://ydvalvezs.com/log/dhlsameday/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | ydvalvezs.com/log/dhlsameday/ (Redirect Chain) | 43 KB | 44 KB | Document | text/html |
| GET | H/1.1 | announcement.css | www.dhlsameday.com/SkyPortal/css/ | 542 B | 1012 B | Stylesheet | text/css |
| GET | H/1.1 | bootstrap.css | www.dhlsameday.com/SkyPortal/css/ | 143 KB | 144 KB | Stylesheet | text/css |
| GET | H/1.1 | StyleSheet_11.css | www.dhlsameday.com/SkyPortal/ | 50 KB | 51 KB | Stylesheet | text/css |
| GET | H/1.1 | Spinner.css | www.dhlsameday.com/SkyPortal/css/ | 4 KB | 4 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery%201.9.1.min.js | www.dhlsameday.com/SkyPortal/js/ | 90 KB | 91 KB | Script | application/javascript |
| GET | H/1.1 | jquery-ui.css | www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/ | 36 KB | 37 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery-ui.js | www.dhlsameday.com/SkyPortal/js/jquery-ui-1.12.0/jquery-ui-1.12.0/ | 508 KB | 508 KB | Script | application/javascript |
| GET | H/1.1 | bootstrap.js | www.dhlsameday.com/SkyPortal/js/ | 67 KB | 68 KB | Script | application/javascript |
| GET | H/1.1 | bootstrap.min.js | www.dhlsameday.com/SkyPortal/js/ | 36 KB | 36 KB | Script | application/javascript |
| GET | H/1.1 | DateFormatter.js | www.dhlsameday.com/SkyPortal/js/DateFormatter/ | 1 KB | 1 KB | Script | application/javascript |
| GET | H/1.1 | SmartSentry.js | www.dhlsameday.com/js/ | 612 B | 1 KB | Script | application/javascript |
| GET | H/1.1 | FormCheck.js | www.dhlsameday.com/Includes/Client/ | 40 KB | 40 KB | Script | application/javascript |
| GET | H/1.1 | official_dhllogo.svg | www.dhlsameday.com/images/global/ | 2 KB | 2 KB | Image | image/svg+xml |
| GET | H/1.1 | announcement.js | www.dhlsameday.com/SkyPortal/js/ | 1 KB | 2 KB | Script | application/javascript |
| GET | H/1.1 | red-loading.gif | www.dhlsameday.com/images/spinner/ | 8 KB | 8 KB | Image | image/gif |
| GET | | dhlicons.ttf | www.dhlsameday.com/fonts/ | 0 | 0 | | |
| GET | | a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf | www.dhlsameday.com/fonts/ | 0 | 0 | | |
| GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
| GET | H/1.1 | ui-icons_444444_256x240.png | www.dhlsameday.com/SkyPortal/js/jquery-ui-themes-1.12.0/jquery-ui-themes-1.12.0/images/ | 7 KB | 7 KB | Image | image/png |
| GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 111 B | Image | image/gif |
| GET | | dhlicons.woff | www.dhlsameday.com/fonts/ | 0 | 0 | | |
| GET | | a4b36fb8-d470-4a09-87d7-70de08efeeaf.woff | www.dhlsameday.com/fonts/ | 0 | 0 | | |
| GET | | a4b36fb8-d470-4a09-87d7-70de08efeeaf.woff2 | www.dhlsameday.com/fonts/ | 0 | 0 | | |
| GET | H/1.1 | Announcement.json | ydvalvezs.com/log/dhlsameday/json/ | 315 B | 515 B | XHR | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.

| Domain | URL |
|---|---|
| www.dhlsameday.com | https://www.dhlsameday.com/fonts/dhlicons.ttf |
| www.dhlsameday.com | https://www.dhlsameday.com/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf |
| www.dhlsameday.com | https://www.dhlsameday.com/fonts/dhlicons.woff |
| www.dhlsameday.com | https://www.dhlsameday.com/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.woff |
| www.dhlsameday.com | https://www.dhlsameday.com/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: DHL (Transportation)

78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

- object (9): onformdata, onpointerrawupdate, jQuery19102516195215080399, theForm, obj, google_tag_data, gaplugins, gaGlobal, gaData
- boolean (2): isShift, defaultEmptyOK
- string (3): seperator, previous, GoogleAnalyticsObject
- function (64): $, jQuery, DateFormat, ValidateDate, __doPostBack, checkel, highlight, strip, reformat, getFilteredChar, getPasteFiltered, getInputNumber, getInputAlpha, getMaxInput, getLowerCase, getUpperCase, getInputTime, getInputDate, isLeapYear, clearIncompleteDate, isChecked, isFull, isEmpty, jumpNext, containsElement, isTime, isDate, isNumeric, isSSN, isPhone, isZip, isDigit, isRange, isEmail, formatPhone, formatSSN, formatZip, formatDate, formatNumber, checkDate, checkTime, checkPhone, checkSSN, checkEmail, checkEmails, checkZip, checkNumber, checkLength, checkPattern, checkRequired, checkUrl, getCaption, isRequired, setNewDateRange, getSubControl, isSameControl, checkRange, checkMaxCount, checkRetype, AllowTabCharacter, mask, setMaskPos, checkMask, ga

3 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, allowing the website to re-identify the user even from a different location. This is how persistent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .ydvalvezs.com/ | | _gid | GA1.2.173123298.1576677817 |
| .ydvalvezs.com/ | | _gat | 1 |
| .ydvalvezs.com/ | | _ga | GA1.2.1144448270.1576677817 |
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.
www.dhlsameday.com
www.google-analytics.com
ydvalvezs.com
www.dhlsameday.com
156.137.1.75
2a00:1450:4001:81e::200e
95.174.65.242
016006e99b285b458b39ce31990c0df3fb9abd31fc8d83cdca9d7d7ba97df07e
01a741aad59beee48c3c61b81faba3b671130cf2439e51ec323ed4e5b0b18655
10973b29fe11aa66c8b3c4be03d536074d09ddc647089268e4d12229801ac7ca
11efcc19df69b86fe7db28fb870f9b8d464fe2900db5f5a1754872ef1c6200ed
266eefb41a7b7fac8a5c5349f0e852a5a47b589ece007ffc89228670ddc4a4b0
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
71e4f2148b419fa6e50d11090df3ab260b8ca4b17902bbaa4dedf6853a423004
7b625b05ac2bee641a43c1a4ad81cf7e307444acaa88ff00d2cf11e785675340
8084c60f76521788b0510cb30dd4b0315cde7380969f45a346a49f079c674932
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a20143f92c48a198db4ceda98de9dabd8c773db09b8f5a0e941ea0b120f6469a
aea01661dd4d983009f546236a40e8d5b39824af3ebef11d7eb9e470009c1347
aeed178a287002e32c4a7767dc24b3c732a812cdd42017835055e42db4d2eae1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1c56cc06b8d0a39ee46d0e6c8d26f044ee0c7ae6be45879039447b24fda4254
d183ca03064fecca7700b311541da2f065de12776f0aadde4a5fd6b009754729
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d
fcdf1a26ed7a387f4cd46f36fab5ac030b0467dcc41c4c35f81fa807491ade22