kdrplt.com Open in urlscan Pro
188.132.219.66 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kdrplt.com/image/kai/?user=cv@huawei.com
Submission: On August 20 via automatic, source phishtank (August 20th 2017, 10:51:40 am UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 188.132.219.66, located in Turkey and belongs to EQUINIX-TURKEY-INTERNET-HIZMETLERI-ANONIM-SIRKETI Equinix Turkey, TR. The main domain is kdrplt.com.

This is the only time kdrplt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	188.132.219.66 188.132.219.66	42910 (EQUINIX-T...) (EQUINIX-TURKEY-INTERNET-HIZMETLERI-ANONIM-SIRKETI Equinix Turkey)
15	23.35.98.71 23.35.98.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2

1 188.132.219.66 (Turkey)

ASN42910 (EQUINIX-TURKEY-INTERNET-HIZMETLERI-ANONIM-SIRKETI Equinix Turkey, TR)
PTR: web.kutahyaseramik.com.tr

kdrplt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.35.98.71 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-35-98-71.deploy.static.akamaitechnologies.com

myaccount.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	dhl.com myaccount.dhl.com	483 KB
1	kdrplt.com kdrplt.com	53 KB
16	2

	Domain	Requested by
15	myaccount.dhl.com	kdrplt.com
1	kdrplt.com
16	2

This site contains no links.

Subject Issuer	Validity	Valid
www.mydhl.com Symantec Class 3 Secure Server CA - G4	`2017-06-24` - `2017-09-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://kdrplt.com/image/kai/?user=cv@huawei.com
Frame ID: 24950.1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

536 kB
Transfer

588 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response kdrplt.com/image/kai/	53 KB 53 KB	140ms 76ms	Document text/html	188.132.219.66 EQUINIX-TURKEY-IN...
General Check archive.org Show headers Download Go to Full URL http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Server 188.132.219.66 , Turkey, ASN42910 (EQUINIX-TURKEY-INTERNET-HIZMETLERI-ANONIM-SIRKETI Equinix Turkey, TR), Reverse DNS web.kutahyaseramik.com.tr Software Apache / PHP/5.4.45 Resource Hash `6b41db70dc4edefc27db21abf0fd7972213f27004262060a8dde7193c5f28f22` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:27 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Keep-Alive timeout=3, max=100 Content-Type text/html
GET H/1.1	200 OK	StyleSheet_moz.css myaccount.dhl.com/MyAccount/common/	25 KB 3 KB	229ms 10ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/common/StyleSheet_moz.css?v=1 Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `0a3dcd648d404a770cb46cf789c782ab39b3ef5c34ed00f8d96ade81bda2f915` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3180
GET H/1.1	200 OK	general_moz.css myaccount.dhl.com/MyAccount/common/	2 KB 659 B	229ms 9ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/common/general_moz.css?v=1 Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `388553a94055421b4986ea5dd5d5fafd214356aaf5efc6d9cbaef28469547b56` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 659
GET H/1.1	200 OK	jquery.min.js Show response myaccount.dhl.com/MyAccount/js/	93 KB 93 KB	229ms 9ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery.min.js?v=1 Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 94840
GET H/1.1	200 OK	jquery-ui.css myaccount.dhl.com/MyAccount/js/	33 KB 6 KB	228ms 8ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery-ui.css?v=1 Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `78a0d18cbe050a7e43989fd47936c3d4ffc721dd263ceeb32b67d4f2a171a959` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6065
GET H/1.1	200 OK	jquery-ui.js Show response myaccount.dhl.com/MyAccount/js/	202 KB 202 KB	235ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery-ui.js?v=1 Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 206923
GET H/1.1	200 OK	jquery.tablesorter.min.js Show response myaccount.dhl.com/MyAccount/js/tablesorter/	16 KB 16 KB	237ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/tablesorter/jquery.tablesorter.min.js Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `b90279154254e108748dc80dd226eab336e2c320e4a40569952b46dc5d785536` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 16520
GET H/1.1	200 OK	picnet.table.filter.min.js Show response myaccount.dhl.com/MyAccount/js/tablefilter/	109 KB 109 KB	238ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/tablefilter/picnet.table.filter.min.js Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `323f393a6db534cf6f74b76905004a4233b97f8a2a03e60df646785212680860` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 111264
GET H/1.1	200 OK	jquery.bt.min.js Show response myaccount.dhl.com/MyAccount/js/	22 KB 22 KB	237ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery.bt.min.js?v=1 Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `e71cf67aa5f4a9c9bddd2d49c61379f92c13a76cc42762e2c559c820743dc63b` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 22713
GET H/1.1	200 OK	jHtmlArea-0.7.5.min.js Show response myaccount.dhl.com/MyAccount/js/jhtmlarea/scripts/	9 KB 9 KB	238ms 9ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jhtmlarea/scripts/jHtmlArea-0.7.5.min.js Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `033c1011f0d6cabb9ff022af56aa012f12126eabff2d474133d46bf339210307` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 9357
GET H/1.1	200 OK	jHtmlArea.css myaccount.dhl.com/MyAccount/js/jhtmlarea/style/	4 KB 746 B	226ms 7ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jhtmlarea/style/jHtmlArea.css Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `59ac22622fb7779311f782ac310534c6ed3c874070cabefb779235cc79ae9206` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 746
GET H/1.1	200 OK	jHtmlArea.Editor.css myaccount.dhl.com/MyAccount/js/jhtmlarea/style/	70 B 70 B	228ms 9ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jhtmlarea/style/jHtmlArea.Editor.css Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `be9c9617aa65450832003b333e796157e1d78e59064b2e84a16eefb138ddbfb5` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 70 Content-Type text/css
GET H/1.1	200 OK	arrow_r_r_small.gif myaccount.dhl.com/MyAccount/images/	57 B 57 B	8ms 8ms	Image image/gif	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/arrow_r_r_small.gif Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `1e54b2ca043587b99e9ccb869d88d3b90ddaec68940fda348df75e6e4e312990` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 57 Content-Type image/gif
GET H/1.1	200 OK	DHLlogo.gif myaccount.dhl.com/MyAccount/images/	840 B 840 B	7ms 7ms	Image image/gif	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/DHLlogo.gif Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `688876df3eceada75deffe7e228f5a0c360c00656b064bb83c87439b55ba066f` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 840 Content-Type image/gif
GET H/1.1	200 OK	Middle.JPG myaccount.dhl.com/MyAccount/images/	20 KB 20 KB	9ms 9ms	Image image/jpeg	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/Middle.JPG Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `3dbe0f4a2bf44be87ce4f5a8758e5b49147753067239a79f7f444ede4fb35bd4` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 20150 Content-Type image/jpeg
GET H/1.1	200 OK	DPLogo.gif myaccount.dhl.com/MyAccount/images/	863 B 863 B	7ms 7ms	Image image/gif	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/DPLogo.gif Requested by Host: kdrplt.com URL: http://kdrplt.com/image/kai/?user=cv@huawei.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `e5c46702fb8d25395448448f0e6c75401fc73e0b654762a8c08cc27ea5514bec` Request headers Referer http://kdrplt.com/image/kai/?user=cv@huawei.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Sun, 20 Aug 2017 10:51:30 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 863 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kdrplt.com
myaccount.dhl.com
188.132.219.66
23.35.98.71
033c1011f0d6cabb9ff022af56aa012f12126eabff2d474133d46bf339210307
0a3dcd648d404a770cb46cf789c782ab39b3ef5c34ed00f8d96ade81bda2f915
1e54b2ca043587b99e9ccb869d88d3b90ddaec68940fda348df75e6e4e312990
323f393a6db534cf6f74b76905004a4233b97f8a2a03e60df646785212680860
388553a94055421b4986ea5dd5d5fafd214356aaf5efc6d9cbaef28469547b56
3dbe0f4a2bf44be87ce4f5a8758e5b49147753067239a79f7f444ede4fb35bd4
59ac22622fb7779311f782ac310534c6ed3c874070cabefb779235cc79ae9206
688876df3eceada75deffe7e228f5a0c360c00656b064bb83c87439b55ba066f
6b41db70dc4edefc27db21abf0fd7972213f27004262060a8dde7193c5f28f22
78a0d18cbe050a7e43989fd47936c3d4ffc721dd263ceeb32b67d4f2a171a959
b90279154254e108748dc80dd226eab336e2c320e4a40569952b46dc5d785536
be9c9617aa65450832003b333e796157e1d78e59064b2e84a16eefb138ddbfb5
da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e5c46702fb8d25395448448f0e6c75401fc73e0b654762a8c08cc27ea5514bec
e71cf67aa5f4a9c9bddd2d49c61379f92c13a76cc42762e2c559c820743dc63b

kdrplt.com Open in urlscan Pro 188.132.219.66 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

536 kBTransfer

588 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

kdrplt.com Open in urlscan Pro
188.132.219.66 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

536 kB
Transfer

588 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!