divyadairyfarm.com
103.227.176.20
Malicious Activity!
Public Scan
Effective URL: https://divyadairyfarm.com/wp-includes/IDX3/
Submission: On June 19 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 5th 2023. Valid for: 3 months.
This is the only time divyadairyfarm.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 199.36.158.100 | 54113 (FASTLY) |
| 2 | 162.55.234.174 | 24940 (HETZNER-AS) |
| 19 | 103.227.176.20 | 55293 (A2HOSTING) |
| 2 | 23.39.216.225 | 16625 (AKAMAI-AS) |
| 1 | 142.250.198.14 | 15169 (GOOGLE) |
22 | 3 |
- ASN16625 (AKAMAI-AS, US), PTR: a23-39-216-225.deploy.static.akamaitechnologies.com, serves assets.adobedtm.com
- ASN15169 (GOOGLE, US), PTR: nrt12s58-in-f14.1e100.net, serves apis.google.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 19 | divyadairyfarm.com | divyadairyfarm.com | 581 KB |
| 2 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 398) | 14 KB |
| 2 | visitalhoceima.ma | visitalhoceima.ma (2 redirects) | 177 B |
| 1 | google.com | apis.google.com (Cisco Umbrella Rank: 191) | 22 KB |
| 1 | web.app | vef-app-3d1e3.web.app (1 redirect) | 264 B |
| 22 (total) | 5 domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 19 | divyadairyfarm.com | divyadairyfarm.com |
| 2 | assets.adobedtm.com | divyadairyfarm.com |
| 2 | visitalhoceima.ma | (2 redirects) |
| 1 | apis.google.com | divyadairyfarm.com |
| 1 | vef-app-3d1e3.web.app | (1 redirect) |
| 22 (total) | 5 domains | |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| www.dhl.com |
| www.facebook.com |
| www.youtube.com |
| www.instagram.com |
| www.linkedin.com |
| twitter.com |
| dhl.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| divyadairyfarm.com | cPanel, Inc. Certification Authority | 2023-05-05 - 2023-08-03 | 3 months | crt.sh |
| assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year | crt.sh |
| *.apis.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://divyadairyfarm.com/wp-includes/IDX3/
Frame ID: D7081BC305A3B8D6E0C0C5EE7ED4251A
Requests: 22 HTTP requests in this frame
Page Title: DHL
Detected technologies

Detected patterns (one group per detected technology):
- `/etc\.clientlibs/`
- `/wp-(?:content|includes)/`
- `<meta[^>]*google-signin-client_id`
- `apis\.google\.com/js/platform\.js`
- `apis\.google\.com/js/[a-z]*\.js`
Page Statistics

9 Outgoing links
These are links going to different origins than the main page.
- Small business & global logistics advice | Discover DHL
- Facebook
- YouTube
- Instagram
- LinkedIn
- Twitter
- dhl.com
- Delivered
- Privacy Notice
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://vef-app-3d1e3.web.app/ (HTTP 301)
2. https://visitalhoceima.ma/ISO8 (HTTP 301)
3. https://visitalhoceima.ma/ISO8/ (HTTP 302)
4. https://divyadairyfarm.com/wp-includes/IDX3/ (Page URL)
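The chain above is a typical phishing delivery path: a Firebase-hosted (web.app) entry point bounces through a second site before landing on the kit. The following is an added example, not part of the urlscan.io report, showing how to trace such a chain one hop at a time with relative `Location` handling, loop detection and a hop cap. The fetcher is pluggable: `offline_fetch` and `CONSTRUCTED_RESPONSES` are constructed stand-ins that replay the hops recorded on this page, and the function and constant names are this example's own.

```python
"""Trace an HTTP redirect chain hop by hop instead of following it blindly."""
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

# Constructed stand-in for the hops recorded on this page:
# URL -> (status, Location header or None). Not a live capture.
CONSTRUCTED_RESPONSES = {
    "https://vef-app-3d1e3.web.app/": (301, "https://visitalhoceima.ma/ISO8"),
    "https://visitalhoceima.ma/ISO8": (301, "/ISO8/"),  # relative Location
    "https://visitalhoceima.ma/ISO8/": (302, "https://divyadairyfarm.com/wp-includes/IDX3/"),
    "https://divyadairyfarm.com/wp-includes/IDX3/": (200, None),
}


def offline_fetch(url):
    """Look a URL up in the constructed table; unknown URLs act like a 404."""
    return CONSTRUCTED_RESPONSES.get(url, (404, None))


def trace_redirects(start_url, fetch=offline_fetch, max_hops=10):
    """Return [(url, status), ...] from start_url to the final non-redirect.

    Stops on a non-redirect status, a missing Location header, a revisited
    URL (reported as the pseudo-status "loop"), or after max_hops redirects,
    so a hostile chain cannot keep the tracer spinning. Swap in a real client
    (e.g. requests with allow_redirects=False) for fetch to trace a live URL
    from a sandboxed host.
    """
    hops, seen, url = [], set(), start_url
    for _ in range(max_hops + 1):
        if url in seen:
            hops.append((url, "loop"))
            break
        seen.add(url)
        status, location = fetch(url)
        hops.append((url, status))
        if status not in REDIRECT_CODES or not location:
            break
        url = urljoin(url, location)  # resolve relative Location against the hop
    return hops


def apex_domains(hops):
    """Distinct apex domains touched by the chain, in order of first appearance.

    Uses the last two host labels as an approximation; a production tool
    should use the Public Suffix List instead.
    """
    out = []
    for url, _ in hops:
        host = urlsplit(url).hostname or ""
        apex = ".".join(host.split(".")[-2:])
        if apex not in out:
            out.append(apex)
    return out


if __name__ == "__main__":
    chain = trace_redirects("https://vef-app-3d1e3.web.app/")
    for url, status in chain:
        print(f"{status:>4}  {url}")
    print("apex domains:", " -> ".join(apex_domains(chain)))
```

Each apex domain in the chain is a separate infrastructure owner to notify or block; here the entry point, the intermediate and the landing host are all different.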
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions

| Method | Protocol | Resource | Host / path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request, end of redirect chain) | divyadairyfarm.com/wp-includes/IDX3/ | 33 KB | 6 KB | Document | text/html |
| GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ | 33 KB | 12 KB | Script | application/x-javascript |
| GET | H2 | AppMeasurement_Module_ActivityMap.min.js | assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ | 3 KB | 2 KB | Script | application/x-javascript |
| GET | H2 | platform.js | apis.google.com/js/ | 57 KB | 22 KB | Script | text/javascript |
| GET | H2 | style.css | divyadairyfarm.com/wp-includes/IDX3/sources/ | 474 KB | 50 KB | Stylesheet | text/css |
| GET | H2 | 192.png | divyadairyfarm.com/discover/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/img/icons/ | 95 KB | 95 KB | Image | text/html |
| GET | H2 | dhl-logo.png | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 8 KB | 8 KB | Image | image/png |
| GET | H2 | searchicon.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 441 B | 533 B | Image | image/svg+xml |
| GET | H2 | ngg.jpg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 356 KB | 354 KB | Image | image/jpeg |
| GET | H2 | linkarrow.png | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/img/ | 64 KB | 64 KB | Image | text/html |
| GET | H2 | socialiconsfacebook.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 394 B | 474 B | Image | image/svg+xml |
| GET | H2 | socialiconsyoutube.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 488 B | 568 B | Image | image/svg+xml |
| GET | H2 | socialiconsinstagram.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 930 B | 1010 B | Image | image/svg+xml |
| GET | H2 | socialiconslinkedin.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 392 B | 472 B | Image | image/svg+xml |
| GET | H2 | socialiconstwitter.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 537 B | 617 B | Image | image/svg+xml |
| GET | H2 | externallinkicon.svg | divyadairyfarm.com/wp-includes/IDX3/sources/img/ | 215 B | 293 B | Image | image/svg+xml |
| GET | H2 | Delivery_W_CdBlk.woff2 | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/ | 0 | 0 | Font | text/html |
| GET | H2 | Delivery_W_Rg.woff2 | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/ | 0 | 0 | Font | text/html |
| GET | H2 | Delivery_W_CdLt.woff2 | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/ | 0 | 0 | Font | text/html |
| GET | H2 | Delivery_W_CdLt.woff | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/ | 0 | 0 | Font | text/html |
| GET | H2 | Delivery_W_Rg.woff | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/ | 0 | 0 | Font | text/html |
| GET | H2 | Delivery_W_CdBlk.woff | divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/ | 0 | 0 | Font | text/html |

Note the rows typed Image or Font but served as text/html: the `/etc.clientlibs/dhl/...` paths are Adobe Experience Manager asset paths that exist on the brand's real site, not on divyadairyfarm.com, so the compromised host answers them with an HTML page instead of the asset (zero bytes transferred for every font). Together with the primary document living under `/wp-includes/`, which WordPress itself only uses for core files, this is the signature of a page scraped from the brand's site and dropped into a compromised WordPress install.
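The transaction table and the detected-pattern regexes earlier on this page can be triaged mechanically. The following is an added example, not code from urlscan.io: it applies the fingerprint regexes listed under "Detected patterns" to the page body and request URLs, flags resources whose declared type disagrees with the served MIME type, lists brand-named assets hosted off the brand's domain, and spots a primary document served from under `/wp-includes/`. `TRANSACTIONS` is a constructed subset of the table above (resource, host path, type, MIME type, bytes transferred); the technology labels in `FINGERPRINTS` and all function names are this example's own assumptions, not urlscan's.

```python
"""Triage a urlscan-style request list for cloned-page and phishing-kit tells."""
import re

# Fingerprint regexes as listed under "Detected patterns" on this page;
# the technology labels are this example's assumption about what they detect.
FINGERPRINTS = {
    "Adobe Experience Manager": [r"/etc\.clientlibs/"],
    "WordPress": [r"/wp-(?:content|includes)/"],
    "Google Sign-in": [r"<meta[^>]*google-signin-client_id",
                       r"apis\.google\.com/js/platform\.js"],
    "Google APIs": [r"apis\.google\.com/js/[a-z]*\.js"],
}

# (resource, host_path, type, mime, bytes transferred): constructed from the
# transaction table on this page, sizes rounded to the KB values shown.
TRANSACTIONS = [
    ("/", "divyadairyfarm.com/wp-includes/IDX3/", "Document", "text/html", 6_000),
    ("AppMeasurement.min.js", "assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/",
     "Script", "application/x-javascript", 12_000),
    ("platform.js", "apis.google.com/js/", "Script", "text/javascript", 22_000),
    ("style.css", "divyadairyfarm.com/wp-includes/IDX3/sources/", "Stylesheet", "text/css", 50_000),
    ("192.png", "divyadairyfarm.com/discover/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/img/icons/",
     "Image", "text/html", 95_000),
    ("dhl-logo.png", "divyadairyfarm.com/wp-includes/IDX3/sources/img/", "Image", "image/png", 8_000),
    ("linkarrow.png", "divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/img/",
     "Image", "text/html", 64_000),
    ("Delivery_W_Rg.woff2", "divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/",
     "Font", "text/html", 0),
    ("Delivery_W_CdBlk.woff", "divyadairyfarm.com/etc.clientlibs/dhl/clientlibs/clientlib-site/resources/fonts/delivery/",
     "Font", "text/html", 0),
]

# Resource types that should never come back as an HTML document.
BINARY_TYPES = {"Image", "Font", "Script", "Stylesheet"}


def fingerprint(html, urls):
    """Technologies whose regexes match the HTML body or any request URL."""
    haystack = html + "\n" + "\n".join(urls)
    return sorted(name for name, pats in FINGERPRINTS.items()
                  if any(re.search(p, haystack) for p in pats))


def mime_mismatches(transactions):
    """Resources typed image/font/script/css but served as text/html.

    Absolute asset paths copied from the brand's site do not exist on the
    attacker's host, so the server answers with an HTML error or landing page
    (0 bytes for the fonts above): a cheap tell that the page was scraped.
    """
    return [res for res, _, typ, mime, _ in transactions
            if typ in BINARY_TYPES and mime.startswith("text/html")]


def brand_assets_off_brand(transactions, brand_kw, brand_domains):
    """Resources that name the brand in their path but are not hosted by it."""
    hits = []
    for res, host_path, *_ in transactions:
        host = host_path.split("/", 1)[0]
        on_brand = any(host == d or host.endswith("." + d) for d in brand_domains)
        if brand_kw in (host_path + res).lower() and not on_brand:
            hits.append(res)
    return hits


def documents_in_wp_includes(transactions):
    """HTML documents served from /wp-includes/, which WordPress core never does."""
    return [res for res, host_path, typ, *_ in transactions
            if typ == "Document" and "/wp-includes/" in host_path]


def triage(transactions, html="", brand_kw="dhl", brand_domains=("dhl.com",)):
    """Run every check and return one dict of findings."""
    urls = ["https://" + host_path + res for res, host_path, *_ in transactions]
    return {
        "technologies": fingerprint(html, urls),
        "mime_mismatches": mime_mismatches(transactions),
        "brand_assets_off_brand": brand_assets_off_brand(transactions, brand_kw, brand_domains),
        "documents_in_wp_includes": documents_in_wp_includes(transactions),
    }


if __name__ == "__main__":
    for key, value in triage(TRANSACTIONS).items():
        print(f"{key}: {value}")
```

The MIME check is the most portable of the four: it needs no brand knowledge and fires on any page whose markup was lifted wholesale from another origin, because the lifted absolute paths break in exactly this way.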
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)

11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| boolean | credentialless |
| object | onbeforetoggle |
| object | onscrollend |
| function | AppMeasurement_Module_ActivityMap |
| function | AppMeasurement |
| function | s_gi |
| function | s_pgicq |
| number | s_objectID |
| number | s_giq |
| object | gapi |
| object | ___jsl |

Caveat: `credentialless`, `onbeforetoggle` and `onscrollend` are properties that recent Chromium builds add to `window` themselves, so they say nothing about the page; the page-defined globals are the Adobe AppMeasurement (`s_*`) and Google API (`gapi`, `___jsl`) objects.

0 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apis.google.com
assets.adobedtm.com
divyadairyfarm.com
vef-app-3d1e3.web.app
visitalhoceima.ma
103.227.176.20
142.250.198.14
162.55.234.174
199.36.158.100
23.39.216.225