dpd-parceltracking-status.com
104.21.20.121
Malicious Activity!
Public Scan
Submission: On September 25 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 25th 2021. Valid for: a year.
This is the only time dpd-parceltracking-status.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DPD (Transportation)

Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 10 | 104.21.20.121 | 13335 (CLOUDFLARENET) |
| 2 | 142.250.184.232 | 15169 (GOOGLE) |
| 14 | 2.16.186.186 | 20940 (AKAMAI-ASN1) |
| 1 | 13.225.78.82 | 16509 (AMAZON-02) |
| 1 | 104.21.78.7 | 13335 (CLOUDFLARENET) |
| 1 | 104.18.11.207 | 13335 (CLOUDFLARENET) |
| 1 | 142.250.185.170 | 15169 (GOOGLE) |
| 2 | 151.101.114.109 | 54113 (FASTLY) |
| 1 | 142.250.184.206 | 15169 (GOOGLE) |
| 37 | 10 | |
Resolved hosts (ASN, PTR record, served domain):

- ASN15169 (GOOGLE, US), PTR: fra24s12-in-f8.1e100.net, www.googletagmanager.com
- ASN20940 (AKAMAI-ASN1, NL), PTR: a2-16-186-186.deploy.static.akamaitechnologies.com, drivers.dpd.co.uk
- ASN16509 (AMAZON-02, US), PTR: server-13-225-78-82.fra2.r.cloudfront.net, negbar.ad-blocker.org
- ASN15169 (GOOGLE, US), PTR: fra16s51-in-f10.1e100.net, fonts.googleapis.com
- ASN15169 (GOOGLE, US), PTR: fra24s11-in-f14.1e100.net, www.google-analytics.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 14 | dpd.co.uk | drivers.dpd.co.uk | 714 KB |
| 10 | dpd-parceltracking-status.com | dpd-parceltracking-status.com | 3 KB |
| 2 | vimeocdn.com | extend.vimeocdn.com | 12 KB |
| 2 | googletagmanager.com | www.googletagmanager.com | 88 KB |
| 1 | google-analytics.com | www.google-analytics.com | 377 B |
| 1 | googleapis.com | fonts.googleapis.com | 840 B |
| 1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 6 KB |
| 1 | fontawesome.com | use.fontawesome.com | 13 KB |
| 1 | ad-blocker.org | negbar.ad-blocker.org | 351 B |
| 37 | 9 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 14 | drivers.dpd.co.uk | dpd-parceltracking-status.com, drivers.dpd.co.uk |
| 10 | dpd-parceltracking-status.com | dpd-parceltracking-status.com |
| 2 | extend.vimeocdn.com | dpd-parceltracking-status.com, www.googletagmanager.com |
| 2 | www.googletagmanager.com | dpd-parceltracking-status.com |
| 1 | www.google-analytics.com | www.googletagmanager.com |
| 1 | fonts.googleapis.com | dpd-parceltracking-status.com |
| 1 | maxcdn.bootstrapcdn.com | dpd-parceltracking-status.com |
| 1 | use.fontawesome.com | dpd-parceltracking-status.com |
| 1 | negbar.ad-blocker.org | dpd-parceltracking-status.com |
| 37 | 9 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-25 - 2022-09-24 | a year | crt.sh |
| *.google-analytics.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months | crt.sh |
| dpdgroup.co.uk | R3 | 2021-09-08 - 2021-12-07 | 3 months | crt.sh |
| *.ad-blocker.org | Amazon | 2021-06-13 - 2022-07-12 | a year | crt.sh |
| upload.video.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months | crt.sh |
| *.vimeocdn.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-18 - 2022-06-19 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://dpd-parceltracking-status.com/
Frame ID: 9B711000D8804EEC5F6D7D776E85C82B
Requests: 37 HTTP requests in this frame
Screenshot
![](/screenshots/ddb1b87c-2606-47c1-8783-3b15ef63583a.png)
Page Title: Login

Detected technologies

Bootstrap

Detected patterns
- `<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css`
- `bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js`

ZURB Foundation

Detected patterns
- `<link[^>]+foundation[^>"]+css`
- `<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns`

Angular

Detected patterns
- `\bangular.{0,32}\.js`

RxJS

Detected patterns
- `rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js`

Font Awesome

Detected patterns
- `<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css`
- `<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)`
- `(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)`

Google Font API

Detected patterns
- `<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com`

Google Tag Manager

Detected patterns
- `googletagmanager\.com/ns\.html[^>]+></iframe>`
- `<!-- (?:End )?Google Tag Manager -->`
- `googletagmanager\.com/gtm\.js`
- `googletagmanager\.com/gtag/js`

Lo-dash

Detected patterns
- `lodash.*\.js`

Moment.js

Detected patterns
- `moment(?:\.min)?\.js`

jQuery

Detected patterns
- `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
- `jquery[.-]([\d.]*\d)[^/]*\.js`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | dpd-parceltracking-status.com/ | 9 KB | 3 KB | Document | text/html |
| GET | H2 | gtm.js | www.googletagmanager.com/ | 97 KB | 39 KB | Script | application/javascript |
| GET | H2 | js | www.googletagmanager.com/gtag/ | 125 KB | 49 KB | Script | application/javascript |
| GET | H2 | es6-promise.js | drivers.dpd.co.uk/js/ | 18 KB | 4 KB | Script | application/javascript |
| GET | H2 | es6-shim.min.js | drivers.dpd.co.uk/js/ | 47 KB | 14 KB | Script | application/javascript |
| GET | H2 | angular2-polyfills.js | drivers.dpd.co.uk/js/ | 230 KB | 58 KB | Script | application/javascript |
| GET | H2 | Rx.umd.js | drivers.dpd.co.uk/js/ | 395 KB | 59 KB | Script | application/javascript |
| GET | H2 | angular2-all.umd.js | drivers.dpd.co.uk/js/ | 2 MB | 271 KB | Script | application/javascript |
| GET | H2 | shims_for_IE.js | drivers.dpd.co.uk/js/ | 6 KB | 3 KB | Script | application/javascript |
| GET | H2 | moment.js | drivers.dpd.co.uk/js/ | 147 KB | 33 KB | Script | application/javascript |
| GET | H2 | lodash.js | drivers.dpd.co.uk/js/ | 528 KB | 95 KB | Script | application/javascript |
| GET | H2 | foundation-icons.css | drivers.dpd.co.uk/dpdgroup-css/asset_files/icon/foundation-icons/ | 19 KB | 19 KB | Stylesheet | text/css |
| GET | H2 | layout.css | drivers.dpd.co.uk/css/ | 1 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | dpdgroup-login.css | drivers.dpd.co.uk/ang-component/webcomponents2/ | 136 KB | 137 KB | Stylesheet | text/css |
| GET | H2 | config.js | drivers.dpd.co.uk/js/ | 560 B | 596 B | Script | application/javascript |
| GET | H2 | getWebComponents.js | drivers.dpd.co.uk/ang-component/webcomponents2/ | 143 KB | 12 KB | Script | application/javascript |
| GET | H2 | jquery.min.js | dpd-parceltracking-status.com/ang-component/webcomponents2/node_modules/jquery/dist/ | 0 | 0 | Script | text/html |
| GET | H2 | adblocker-chromeglobalinjectjs.js | negbar.ad-blocker.org/chrome/ | 3 B | 351 B | Script | application/x-javascript |
| GET | H2 | login.component.js | dpd-parceltracking-status.com/ang-component/webcomponents2/dist/components/basic/login/ | 0 | 0 | Script | text/html |
| GET | H2 | all.css | use.fontawesome.com/releases/v5.8.1/css/ | 54 KB | 13 KB | Stylesheet | text/css |
| GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ | 21 KB | 6 KB | Stylesheet | text/css |
| GET | H2 | css | fonts.googleapis.com/ | 664 B | 840 B | Stylesheet | text/css |
| GET | H2 | DPDG_logo_320.png | drivers.dpd.co.uk/dpdgroup-css/asset_files/img/ | 9 KB | 9 KB | Image | image/png |
| GET | H3 | jquery-3.5.1.slim.min.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H3 | popper.min.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H3 | bootstrap.min.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H3 | ie8.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H3 | google_analytics.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H2 | 10368659.js | extend.vimeocdn.com/ga/ | 17 KB | 6 KB | Script | text/javascript |
| POST | H2 | collect | www.google-analytics.com/g/ | 0 | 377 B | Ping | text/plain |
| GET | | plutosansdpdlight-web.woff | drivers.dpd.co.uk/static/css/plutosansdpd/ | 0 | 0 | | |
| GET | | foundation-icons.woff | drivers.dpd.co.uk/dpdgroup-css/asset_files/icon/foundation-icons/ | 0 | 0 | | |
| GET | | plutosansdpdlight-web.ttf | drivers.dpd.co.uk/static/css/plutosansdpd/ | 0 | 0 | | |
| GET | | foundation-icons.ttf | drivers.dpd.co.uk/dpdgroup-css/asset_files/icon/foundation-icons/ | 0 | 0 | | |
| GET | H3 | ie8.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H3 | google_analytics.js | dpd-parceltracking-status.com/js/ | 0 | 0 | Script | text/html |
| GET | H2 | 10368659.js | extend.vimeocdn.com/ga/ | 17 KB | 6 KB | Script | text/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- drivers.dpd.co.uk: https://drivers.dpd.co.uk/static/css/plutosansdpd/plutosansdpdlight-web.woff
- drivers.dpd.co.uk: https://drivers.dpd.co.uk/dpdgroup-css/asset_files/icon/foundation-icons/foundation-icons.woff
- drivers.dpd.co.uk: https://drivers.dpd.co.uk/static/css/plutosansdpd/plutosansdpdlight-web.ttf
- drivers.dpd.co.uk: https://drivers.dpd.co.uk/dpdgroup-css/asset_files/icon/foundation-icons/foundation-icons.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: DPD (Transportation)

24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | onbeforexrselect |
| boolean | originAgentCluster |
| function | gtag |
| object | dataLayer |
| object | google_tag_manager |
| object | google_tag_data |
| object | gaGlobal |
| object | ES6Promise |
| object | returnExports |
| function | Zone |
| object | zone |
| object | Rx |
| function | assert |
| object | ng |
| function | URLPolyfill |
| function | moment |
| function | _ |
| object | dpdGroupApp |
| object | dpdWebComponentsModule |
| object | Vimeo |
| function | __vimeoRefresh |
| function | onYouTubeIframeAPIReady |
| function | _zone$addEventListener |
| function | _zone$removeEventListener |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| dpd-parceltracking-status.com/ | | PHPSESSID | b73cb2fe05a1c77105e3dfe3ef0c382f |
| .dpd-parceltracking-status.com/ | | _ga | GA1.1.209206028.1632565493 |
| .dpd-parceltracking-status.com/ | | _ga_5WL02DKNK5 | GS1.1.1632565492.1.0.1632565493.0 |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.