19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com Open in urlscan Pro
2a00:1450:4001:801::2014 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/#patricia.lorenz%40agricorp.com
Effective URL:
https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/
Submission: On June 23 via api (June 23rd 2020, 12:09:10 pm UTC) from US

Summary HTTP 31 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 31 HTTP transactions. The main IP is 2a00:1450:4001:801::2014, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com.
TLS certificate: Issued by GTS CA 1O1 on May 26th 2020. Valid for: 3 months.

This is the only time 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:801::2014	15169 (GOOGLE) (GOOGLE)
23	160.153.53.104 160.153.53.104	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	81.17.217.15 81.17.217.15	35833 (MPEXNET) (MPEXNET)
31	4

1 2a00:1450:4001:801::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 160.153.53.104 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-160-153-53-104.ip.secureserver.net

adkpd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.217.15 (Germany)

ASN35833 (MPEXNET, DE)
PTR: 3-16.deber2.movingimage24.net

www.edge-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	adkpd.com adkpd.com	356 KB
1	edge-cdn.net www.edge-cdn.net
1	appspot.com 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com	146 KB
31	3

	Domain	Requested by
23	adkpd.com	19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com
1	www.edge-cdn.net	adkpd.com
1	19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com
31	3

This site contains links to these domains. Also see Links.

Domain
www.mydhl.dhl.com
www.dhl.com
www.dhl.de

Subject Issuer	Validity	Valid
*.appspot.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
adkpd.com ZeroSSL RSA Domain Secure Site CA	`2020-05-08` - `2020-08-06`	3 months	crt.sh
*.edge-cdn.net AlphaSSL CA - SHA256 - G2	`2019-02-11` - `2021-02-11`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/
Frame ID: E9B7E4493C3B5C00A4840392A765C190
Requests: 31 HTTP requests in this frame

Frame: https://www.edge-cdn.net/video_921234?playerskin=50107
Frame ID: 138735E1ACA2460C6AE5027DF5EF51C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

31
Requests

81 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

502 kB
Transfer

809 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mydhl.dhl.com/mydhl/appmanager/smep/customerDesktop?_nfpb=true&_pageLabel=P400182161326899941678&_nfls=false
Title: Forgot Password or User ID?

Search URL Search Domain Scan URL

URL: https://www.mydhl.dhl.com/mydhl/appmanager/smep/customerDesktop?_nfpb=true&_pageLabel=smep_portal_page_userregistration&_nfls=false
Title: Register Now

Search URL Search Domain Scan URL

URL: http://www.dhl.com/en/express/resource_center/ecom_tools.html
Title: Find Out More

Search URL Search Domain Scan URL

URL: http://www.dhl.com/en/express/customs_support/duties_taxes.html
Title: Continue Reading

Search URL Search Domain Scan URL

URL: http://www.dhl.com/en/express/import_services.html
Title: Continue Reading

Search URL Search Domain Scan URL

URL: http://www.dhl.com/en/express/shipping/shipping_advice.html
Title: Continue Reading

Search URL Search Domain Scan URL

URL: https://www.dhl.de/en/toolbar/footer/impressum.html
Title: Masthead

Search URL Search Domain Scan URL

URL: http://www.dhl.com/en/legal.html#t_c
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.dhl.com/en/legal.html#privacy
Title: Privacy & Cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/	247 KB 146 KB	192ms 112ms	Document text/html	2a00:1450:4001:801::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `3fd7f58c6d6d53aa93716ebd1aff512dd15a268f2790e77579d820dd00cbc9ca` Request headers :method GET :authority 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 content-type text/html content-encoding gzip x-cloud-trace-context 5359153c8fff035ef34d66ec78f8c05f;o=1 vary Accept-Encoding date Tue, 23 Jun 2020 12:08:52 GMT server Google Frontend cache-control private content-length 148603 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	layout.css adkpd.com//dhl/media/css/	1 KB 624 B	441ms 142ms	Stylesheet text/css	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://adkpd.com//dhl/media/css/layout.css Requested by Host: 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com URL: https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:52 GMT content-encoding gzip last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a036b-474-5a872b40c5b00-gzip" vary Accept-Encoding,User-Agent content-type text/css status 200 accept-ranges bytes content-length 474
GET H2	200	main.css adkpd.com//dhl/media/css/	115 KB 21 KB	445ms 148ms	Stylesheet text/css	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://adkpd.com//dhl/media/css/main.css Requested by Host: 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com URL: https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `f6d36f724a298a0daf0656a30605bcc9122750b77df68e51945fda4b55883b78` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:52 GMT content-encoding gzip last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0369-1ca6d-5a872b40c5b00-gzip" vary Accept-Encoding,User-Agent content-type text/css status 200 accept-ranges bytes content-length 21381
GET H2	200	1.css adkpd.com//dhl/media/css/	0 59 B	441ms 143ms	Stylesheet text/css	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://adkpd.com//dhl/media/css/1.css Requested by Host: 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com URL: https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:52 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a036a-0-5a872b40c5b00" vary User-Agent content-type text/css status 200 accept-ranges bytes content-length 0
GET H2	200	helpers.js Show response adkpd.com//dhl/media/js/	12 KB 3 KB	441ms 144ms	Script application/javascript	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://adkpd.com//dhl/media/js/helpers.js?ver=12839297292 Requested by Host: 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com URL: https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `8a315a59d6f6c9a70132f3c7b6b1bd8d6b684373fa0fb0f4b7d1c7db0e4bcbe3` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:52 GMT content-encoding gzip last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0383-2e3b-5a872b40c5b00-gzip" vary Accept-Encoding,User-Agent content-type application/javascript status 200 accept-ranges bytes content-length 2867
GET H2	200	app.js Show response adkpd.com//dhl/media/js/	886 B 453 B	440ms 143ms	Script application/javascript	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://adkpd.com//dhl/media/js/app.js?ver=21313 Requested by Host: 19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com URL: https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `1d34f9bd52bb6d32ecd030453c8383dda96b9b096de9467436d12f9237066aaa` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:52 GMT content-encoding gzip last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0384-376-5a872b40c5b00-gzip" vary Accept-Encoding,User-Agent content-type application/javascript status 200 accept-ranges bytes content-length 377
GET H/1.1	200 OK	Cookie set video_921234 www.edge-cdn.net/ Frame 1387	0 0	230ms 71ms	Document text/html	81.17.217.15 MPEXNET
General Check archive.org Show headers Download Go to Full URL https://www.edge-cdn.net/video_921234?playerskin=50107 Requested by Host: adkpd.com URL: https://adkpd.com//dhl/media/js/helpers.js?ver=12839297292 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 81.17.217.15 , Germany, ASN35833 (MPEXNET, DE), Reverse DNS 3-16.deber2.movingimage24.net Software Apache / Resource Hash Request headers Host www.edge-cdn.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ Response headers Date Tue, 23 Jun 2020 12:08:53 GMT Server Apache Set-Cookie PHPSESSID=0n625s1tu4mds9uom9pqlldho7; path=/; domain=.edge-cdn.net; secure Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache P3P CP="STA" Access-Control-Allow-Origin * Vary Accept-Encoding Content-Encoding gzip Access-Control-Allow-Headers X-Requested-With Content-Length 8776 Keep-Alive timeout=3, max=100 Connection Keep-Alive Content-Type text/html;charset=UTF-8
GET H2	200	dhl_logo_transparent.png adkpd.com//dhl/media/images/	2 KB 2 KB	146ms 143ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/dhl_logo_transparent.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0376-794-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 1940
GET H2	200	mydhl_logo_transparent.png adkpd.com//dhl/media/images/	4 KB 4 KB	144ms 143ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_logo_transparent.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `9f51d89d7ca154545b4cd1fa8973c24d5e518d31c86aacd3c4c37e7305ff52e1` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0371-107c-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 4220
GET H2	200	form_help.png adkpd.com//dhl/media/images/	1 KB 1 KB	146ms 144ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/form_help.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `77511e8beca58bc2e49bee41d5ad842b9da8c16370a36a15c2fe253b1fa79530` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a037f-4f9-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 1273
GET DATA	200 OK	truncated /	106 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2b491e2211f7003c16a9132d78a95753e0315bf30b1977518d65e3a76dccec20` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	mydhl_benefit_1.png adkpd.com//dhl/media/images/	5 KB 5 KB	147ms 141ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_benefit_1.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `6b183a115aa27f57c515661c33997b1c96999981ac7e0534e4a46f1c19377c49` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0375-1485-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 5253
GET H2	200	mydhl_benefit_2.png adkpd.com//dhl/media/images/	4 KB 4 KB	146ms 141ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_benefit_2.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `baffd233b0f77bcc50519a65a1e06f71ce63a8f4109581939029021878b56f59` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0372-10ad-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 4269
GET H2	200	mydhl_benefit_3.png adkpd.com//dhl/media/images/	6 KB 6 KB	286ms 281ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_benefit_3.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `b3b3f72fefa8480eef99644b25181c2b18a91464466f24557ed598af68fee7dc` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0370-1970-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 6512
GET H2	200	mydhl_benefit_4.png adkpd.com//dhl/media/images/	5 KB 5 KB	287ms 283ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_benefit_4.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `3dbafdfa54ef76441f3f5e406264767885421889ccab69744e3f7d4226aebe9e` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0379-12cd-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 4813
GET H2	200	mydhl_benefit_5.png adkpd.com//dhl/media/images/	3 KB 3 KB	288ms 284ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_benefit_5.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `cba36ffea0e05b51840b73b915ec8bdc13f68e7f8ca88565fabca1baaf75a00c` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0377-bf6-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 3062
GET H2	200	japan.jpg adkpd.com//dhl/media/images/	29 KB 29 KB	405ms 401ms	Image image/jpeg	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/japan.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `7861e241a7f665796407e11dab3d0ab6f28b98d9a0b3d0e6dd47af060b446588` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0380-72ee-5a872b40c5b00" content-type image/jpeg status 200 accept-ranges bytes content-length 29422
GET H2	200	italy.jpg adkpd.com//dhl/media/images/	59 KB 60 KB	288ms 285ms	Image image/jpeg	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/italy.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `3e0c5b3a367e631f5f94f2ef3b5c597aad9631fd4448e70910f2572c3f7783e0` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a037e-ecf7-5a872b40c5b00" content-type image/jpeg status 200 accept-ranges bytes content-length 60663
GET H2	200	mexico_new.jpg adkpd.com//dhl/media/images/	65 KB 66 KB	531ms 528ms	Image image/jpeg	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mexico_new.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `84fe67816daf0fe8803d097119ef2cc2f0d50ef90144051becffb148646f0eb5` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a037c-1044b-5a872b40c5b00" content-type image/jpeg status 200 accept-ranges bytes content-length 66635
GET H2	200	dp_dhl_com_transparent.png adkpd.com//dhl/media/images/	6 KB 7 KB	531ms 528ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/dp_dhl_com_transparent.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `ab5f4d741318b9ef4174611a8d7ec60af9c2c619ea0784758e21231c859cdba4` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a037b-19a0-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 6560
GET H2	200	mydhl_image_western-cultural.jpg adkpd.com//dhl/media/images/	134 KB 135 KB	532ms 529ms	Image image/jpeg	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/mydhl_image_western-cultural.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `9f6e2d3a6f15517380d4582c8770aee1ca0d29e53d5966aa6982c9f46a8c9efe` Request headers Referer https://19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a036e-2186e-5a872b40c5b00" content-type image/jpeg status 200 accept-ranges bytes content-length 137326
GET H2	200	bg-header.png adkpd.com//dhl/media/images/	988 B 1 KB	530ms 527ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/bg-header.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `73d0a320b24bf8d072eaf30904a5b2ccf96579329e30723296d4a80a167a555d` Request headers Referer https://adkpd.com//dhl/media/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a036c-3dc-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 988
GET H2	200	select-arrow.png adkpd.com//dhl/media/images/	1 KB 1 KB	529ms 527ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/select-arrow.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `52ffe78ae85dbc710947c33c4eaec04b71ccbd9724bf91c9f89627f14f478555` Request headers Referer https://adkpd.com//dhl/media/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0381-576-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 1398
GET H2	200	shadow_navigation_main_bottom.png adkpd.com//dhl/media/images/	456 B 509 B	530ms 529ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/shadow_navigation_main_bottom.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `5e7aa8776b6c81a885293c89911c50dfdc7967458e4734a6d322134dd8dc80ed` Request headers Referer https://adkpd.com//dhl/media/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0378-1c8-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 456
GET H2	200	icon-arrow-close.png adkpd.com//dhl/media/images/	1 KB 1 KB	520ms 520ms	Image image/png	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/icon-arrow-close.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `aebcccf4e1b7b1f7e88b7703ba1427e8a1ccb63b8e43532d8839ab7a66e4ebe6` Request headers Referer https://adkpd.com//dhl/media/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0373-4c8-5a872b40c5b00" content-type image/png status 200 accept-ranges bytes content-length 1224
GET H2	200	servicelink_separator.gif adkpd.com//dhl/media/images/	44 B 103 B	521ms 519ms	Image image/gif	160.153.53.104 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://adkpd.com//dhl/media/images/servicelink_separator.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.53.104 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-160-153-53-104.ip.secureserver.net Software Apache / Resource Hash `d233657e86bcdc818edebfd01971431ddf84a891c25d936bb65a2cee694d3c9f` Request headers Referer https://adkpd.com//dhl/media/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Jun 2020 12:08:53 GMT last-modified Fri, 19 Jun 2020 16:51:24 GMT server Apache etag "5a0374-2c-5a872b40c5b00" content-type image/gif status 200 accept-ranges bytes content-length 44
GET		443d53e8-5a36-44d4-a132-02501f29ccb4.woff2 adkpd.com//dhl/media/fonts/	0 0

GET		23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2 adkpd.com//dhl/media/fonts/	0 0

GET		e934c7fe-0eba-45c0-be91-b05ff19b5073.woff adkpd.com//dhl/media/fonts/	0 0

GET		758b3adb-babc-432f-8224-6d5987a29d87.woff adkpd.com//dhl/media/fonts/	0 0

GET		a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf adkpd.com//dhl/media/fonts/	0 0

GET		a0db12d8-1ce6-447c-88db-a84df4843728.ttf adkpd.com//dhl/media/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adkpd.com
URL: https://adkpd.com//dhl/media/fonts/443d53e8-5a36-44d4-a132-02501f29ccb4.woff2

Domain: adkpd.com
URL: https://adkpd.com//dhl/media/fonts/23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2

Domain: adkpd.com
URL: https://adkpd.com//dhl/media/fonts/e934c7fe-0eba-45c0-be91-b05ff19b5073.woff

Domain: adkpd.com
URL: https://adkpd.com//dhl/media/fonts/758b3adb-babc-432f-8224-6d5987a29d87.woff

Domain: adkpd.com
URL: https://adkpd.com//dhl/media/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf

Domain: adkpd.com
URL: https://adkpd.com//dhl/media/fonts/a0db12d8-1ce6-447c-88db-a84df4843728.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com
adkpd.com
www.edge-cdn.net
adkpd.com
160.153.53.104
2a00:1450:4001:801::2014
81.17.217.15
1d34f9bd52bb6d32ecd030453c8383dda96b9b096de9467436d12f9237066aaa
2b491e2211f7003c16a9132d78a95753e0315bf30b1977518d65e3a76dccec20
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46
3dbafdfa54ef76441f3f5e406264767885421889ccab69744e3f7d4226aebe9e
3e0c5b3a367e631f5f94f2ef3b5c597aad9631fd4448e70910f2572c3f7783e0
3fd7f58c6d6d53aa93716ebd1aff512dd15a268f2790e77579d820dd00cbc9ca
52ffe78ae85dbc710947c33c4eaec04b71ccbd9724bf91c9f89627f14f478555
5e7aa8776b6c81a885293c89911c50dfdc7967458e4734a6d322134dd8dc80ed
6b183a115aa27f57c515661c33997b1c96999981ac7e0534e4a46f1c19377c49
73d0a320b24bf8d072eaf30904a5b2ccf96579329e30723296d4a80a167a555d
77511e8beca58bc2e49bee41d5ad842b9da8c16370a36a15c2fe253b1fa79530
7861e241a7f665796407e11dab3d0ab6f28b98d9a0b3d0e6dd47af060b446588
84fe67816daf0fe8803d097119ef2cc2f0d50ef90144051becffb148646f0eb5
8a315a59d6f6c9a70132f3c7b6b1bd8d6b684373fa0fb0f4b7d1c7db0e4bcbe3
9f51d89d7ca154545b4cd1fa8973c24d5e518d31c86aacd3c4c37e7305ff52e1
9f6e2d3a6f15517380d4582c8770aee1ca0d29e53d5966aa6982c9f46a8c9efe
ab5f4d741318b9ef4174611a8d7ec60af9c2c619ea0784758e21231c859cdba4
aebcccf4e1b7b1f7e88b7703ba1427e8a1ccb63b8e43532d8839ab7a66e4ebe6
af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8
b3b3f72fefa8480eef99644b25181c2b18a91464466f24557ed598af68fee7dc
baffd233b0f77bcc50519a65a1e06f71ce63a8f4109581939029021878b56f59
cba36ffea0e05b51840b73b915ec8bdc13f68e7f8ca88565fabca1baaf75a00c
d233657e86bcdc818edebfd01971431ddf84a891c25d936bb65a2cee694d3c9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d36f724a298a0daf0656a30605bcc9122750b77df68e51945fda4b55883b78

19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com Open in urlscan Pro 2a00:1450:4001:801::2014 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

31 Requests

81 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

502 kBTransfer

809 kBSize

0 Cookies

9 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

35 JavaScript Global Variables

0 Cookies

Indicators

19975a2f492094b004a19cfbd1e06ee9-dot-forward-rain-274918.uk.r.appspot.com Open in urlscan Pro
2a00:1450:4001:801::2014 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

81 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

502 kB
Transfer

809 kB
Size

0
Cookies

31 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!