URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734e...
Submission: April 21 (2018, per the response Date headers below), automatic submission, source: OpenPhish

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 62.4.6.120, located in France and belongs to AS12876, FR. The main domain is www.apsdsoverese.it.
This is the only time www.apsdsoverese.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online), DHL (Transportation)
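
The checks an analyst applies by eye to the scanned URL above, written out as code. This is an added example and not part of the urlscan.io report or of any urlscan code. It flags the impersonated brand appearing in the path but not in the registered domain, plain http, a .php landing page, a query parameter with no value at all, and the fact that id, session, session2 and session3 all carry the same 64-hex token, which is one 32-hex value written twice. The brand watch-list and the two-label registered-domain heuristic are assumptions for illustration only.

```python
"""Phishing-kit indicator triage for a single URL (added example)."""
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Assumption: a small brand watch-list; a real deployment loads its own.
BRANDS = ("dhl", "fedex", "ups", "usps", "paypal", "microsoft")

# Query values that look like opaque tokens: 32 or more hex digits.
HEX_TOKEN = re.compile(r"^[0-9a-f]{32,}$", re.IGNORECASE)

# The scanned URL from the report, with its repeated 32-hex token factored out.
TOKEN = "ed925c7abe4da62e3b96182e31b74734"
SCANNED_URL = (
    "http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php"
    f"?lovegbnhheyasgbnghw=&id={TOKEN}{TOKEN}&session={TOKEN}{TOKEN}"
    f"&session2={TOKEN}{TOKEN}&session3={TOKEN}{TOKEN}"
)


def registered_domain(host: str) -> str:
    """Last two labels of the host. Assumption: fine for .it/.com;
    use a public-suffix list for co.uk-style TLDs in production."""
    return ".".join(host.lower().split(".")[-2:])


def smallest_period(value: str):
    """Return (block, copies) if value is one block repeated >= 2 times, else None."""
    n = len(value)
    for size in range(1, n // 2 + 1):
        if n % size == 0 and value == value[:size] * (n // size):
            return value[:size], n // size
    return None


def triage_url(url: str, brands=BRANDS) -> dict:
    """Collect kit-style indicators; 'score' counts how many fired."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    reg_dom = registered_domain(host)
    path = parts.path.lower()
    params = parse_qsl(parts.query, keep_blank_values=True)

    findings = {
        "cleartext_http": parts.scheme == "http",
        # Brand keyword present in the path but absent from the registered domain.
        "brand_in_path_not_domain": [b for b in brands if b in path and b not in reg_dom],
        "php_landing_page": path.endswith(".php"),
        "empty_value_params": [k for k, v in params if v == ""],
        "repeated_hex_params": {},     # key -> (block, copies)
        "identical_token_params": [],  # keys that share one token value
    }

    by_value = defaultdict(list)
    for key, value in params:
        if HEX_TOKEN.match(value):
            by_value[value.lower()].append(key)
            rep = smallest_period(value.lower())
            if rep:
                findings["repeated_hex_params"][key] = rep
    for keys in by_value.values():
        if len(keys) > 1:
            findings["identical_token_params"].extend(keys)

    # Every True flag or non-empty list/dict counts as one indicator.
    findings["score"] = sum(1 for v in findings.values() if v)
    return findings


if __name__ == "__main__":
    for k, v in triage_url(SCANNED_URL).items():
        print(f"{k}: {v}")
```

On the scanned URL all six indicators fire; a legitimate tracking URL such as https://www.dhl.com/en/express/tracking.html?AWB=1234567890 scores zero because the brand sits in the registered domain and the only parameter is a short numeric value. The repeated-token check is the most specific of the six: random session identifiers are never the same string concatenated with itself.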

Domain & IP information

IP addresses (requests per IP, autonomous system):
  • 9 requests: 62.4.6.120, AS12876 (AS12876)
  • 2 requests: 216.58.214.110, AS15169 (GOOGLE)
  • 1 request: 52.23.145.93, AS14618 (AMAZON-AES)
  Total: 12 requests to 3 IPs

Domains (requests per domain, and the host that requested them):
  • 9 requests: www.apsdsoverese.it, requested by www.apsdsoverese.it
  • 2 requests: www.google-analytics.com, requested by www.apsdsoverese.it
  • 1 request: www.1freehosting.com, requested by www.apsdsoverese.it
  Total: 12 requests to 3 domains

This site contains no links.

TLS certificates: none listed

This page contains 1 frames:

Primary Page: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Frame ID: 517DFCE2B34B057B17F665FE332E205
Requests: 12 HTTP requests in this frame

Screenshot: (image not included in this extract)


Detected technologies

PHP (overall confidence: 100%)
  Detected patterns
  • url /\.php(?:$|\?)/i

Apache (overall confidence: 100%)
  Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Analytics (overall confidence: 100%)
  Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

  • Requests: 12
  • HTTPS: 0 %
  • IPv6: 0 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 95 kB
  • Size: 121 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests. Both chains are plain-http requests to www.google-analytics.com that the browser itself upgraded to https (HTTP 307 with Non-Authoritative-Reason: HSTS, see the redirect headers further down); they are not redirects issued by the phishing server, which in this scan is only ever contacted over plain HTTP.

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 10
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shipment%20Tracking%20portal&utmhid=151614072&utmr=-&utmp=%2FDHL-XH%2FEditedDhIMasked%2Fpageportal1.php%3Flovegbnhheyasgbnghw%3D%26id%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session2%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session3%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&utmht=1524303515001&utmac=UA-21588661-2&utmcc=__utma%3D253577999.296749954.1524303515.1524303515.1524303515.1%3B%2B__utmz%3D253577999.1524303515.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=328661391&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shipment%20Tracking%20portal&utmhid=151614072&utmr=-&utmp=%2FDHL-XH%2FEditedDhIMasked%2Fpageportal1.php%3Flovegbnhheyasgbnghw%3D%26id%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session2%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session3%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&utmht=1524303515001&utmac=UA-21588661-2&utmcc=__utma%3D253577999.296749954.1524303515.1524303515.1524303515.1%3B%2B__utmz%3D253577999.1524303515.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=328661391&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

12 HTTP transactions

Each entry lists the resource name, its path, size, transfer size (x-fer) and type, followed by the General, Request headers and Response headers sections.
Primary Request pageportal1.php
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
5 KB
5 KB
Document
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
f1c9c0869bf587731aaf1a6791a5a006a74688c631f21280a826a244dc2b8613

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
MaskedPassword.js
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
17 KB
17 KB
Script
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/MaskedPassword.js
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16904
title.png
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
7 KB
7 KB
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/title.png
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
24d70d02583a5f441463bb86240488603c4974a6650aa0cce76aa4b7f5cf1d19

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7005
dhl_logo.gif
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
443 B
685 B
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/dhl_logo.gif
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
2f680b51b19fc3c5befd02bd9d0d4e88c2722a5210157e4ef68933c5ba352109

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
443
ss.png
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
2 KB
3 KB
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/ss.png
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
da2ed9ae68023ed5513766372c1a0e6657592bc5b99c786b8b55a82aab706617

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2533
ei.png
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
368 B
610 B
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/ei.png
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
aa1c0840f774f3412e8482d6cc35ac7a538366d0906ccb54a7bfd95c8b6b4163

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
368
ep.png
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
615 B
857 B
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/ep.png
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
c875e1e9cf5d7d7f977aee6ea4ade86933247f866a7e2ef01f9ea914db76bc42

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
615
poweredby.png
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
39 KB
40 KB
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/poweredby.png
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
044f1dcf5eadd4c9b2b180439a519bdf24cfa86a4e372f7ad7bce131e7ecbb09

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40254
5_1_dhl_global_locator_all_340_187.gif
www.apsdsoverese.it/DHL-XH/EditedDhIMasked/
4 KB
4 KB
Image
General
Full URL
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/5_1_dhl_global_locator_all_340_187.gif
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
62.4.6.120 , France, ASN12876 (AS12876, FR),
Reverse DNS
hl187.idc5.adatacenter.net
Software
Apache /
Resource Hash
d87ca059e18a471de8b916dfbcdfc3ef7fda94da362b986de701006ef469a43f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.apsdsoverese.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:34 GMT
Last-Modified
Sat, 17 Feb 2018 06:45:25 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4135
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
SPDY
Server
216.58.214.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
6096
date
Sat, 21 Apr 2018 07:56:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Sat, 21 Apr 2018 09:56:58 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
ga.js
www.1freehosting.com/cdn/
0
443 B
Script
General
Full URL
http://www.1freehosting.com/cdn/ga.js
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
HTTP/1.1
Server
52.23.145.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-145-93.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (this is the SHA-256 of zero bytes, matching the Content-Length: 0 below: the request succeeded but the script body was empty, so it contributed nothing to the page)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sat, 21 Apr 2018 09:38:35 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
0
X-Xss-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 09 Feb 2017 20:16:30 GMT
Server
Cowboy
Etag
W/"0-3373296270"
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
no-store, no-cache
Accept-Ranges
bytes
Expires
0
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sh...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=S...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shipment%20Tracking%20portal&utmhid=151614072&utmr=-&utmp=%2FDHL-XH%2FEditedDhIMasked%2Fpageportal1.php%3Flovegbnhheyasgbnghw%3D%26id%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session2%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session3%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&utmht=1524303515001&utmac=UA-21588661-2&utmcc=__utma%3D253577999.296749954.1524303515.1524303515.1524303515.1%3B%2B__utmz%3D253577999.1524303515.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=328661391&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.apsdsoverese.it
URL: http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
Protocol
SPDY
Server
216.58.214.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.apsdsoverese.it/DHL-XH/EditedDhIMasked/pageportal1.php?lovegbnhheyasgbnghw=&id=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session2=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&session3=ed925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Apr 2018 09:38:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shipment%20Tracking%20portal&utmhid=151614072&utmr=-&utmp=%2FDHL-XH%2FEditedDhIMasked%2Fpageportal1.php%3Flovegbnhheyasgbnghw%3D%26id%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session2%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734%26session3%3Ded925c7abe4da62e3b96182e31b74734ed925c7abe4da62e3b96182e31b74734&utmht=1524303515001&utmac=UA-21588661-2&utmcc=__utma%3D253577999.296749954.1524303515.1524303515.1524303515.1%3B%2B__utmz%3D253577999.1524303515.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=328661391&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online), DHL (Transportation)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  • function MaskedPassword
  • function validateForm
  • object _gaq
  • object _gat
  • object gaGlobal

MaskedPassword corresponds to the MaskedPassword.js script loaded from the same directory as the landing page; _gaq, _gat and gaGlobal are created by the classic Google Analytics ga.js.

5 Cookies

All five are set for .www.apsdsoverese.it/ and are classic Google Analytics (ga.js) cookies:
  • __utmb = 253577999.1.10.1524303515
  • __utmt = 1
  • __utmz = 253577999.1524303515.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
  • __utmc = 253577999
  • __utma = 253577999.296749954.1524303515.1524303515.1524303515.1
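
The __utm.gif beacon and these five cookies carry more than noise: the tracking ID (utmac) is the one field that can be pivoted on across other phishing pages, and the timestamps tie cookie creation to the scan itself. The following is an added example, not part of the urlscan.io report; the beacon URL and cookie values are copied from the report above. It decodes the fixed dotted layouts of the classic cookies (__utma is domainhash.visitor.first.previous.current.sessions, __utmz is domainhash.timestamp.sessions.campaigns.campaign-fields, __utmb is domainhash.pageviews.outbound-counter.timestamp) and cross-checks them against the copy of the cookies the beacon sent in utmcc.

```python
"""Decode the classic Google Analytics beacon and __utm* cookies (added example)."""
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# The doubled 32-hex token from the landing URL, percent-encoded inside utmp.
TOK2 = "ed925c7abe4da62e3b96182e31b74734" * 2
BEACON_URL = (
    "https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=913713000"
    "&utmhn=www.apsdsoverese.it&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit"
    "&utmul=en-us&utmje=0&utmfl=-&utmdt=Shipment%20Tracking%20portal&utmhid=151614072&utmr=-"
    f"&utmp=%2FDHL-XH%2FEditedDhIMasked%2Fpageportal1.php%3Flovegbnhheyasgbnghw%3D%26id%3D{TOK2}"
    f"%26session%3D{TOK2}%26session2%3D{TOK2}%26session3%3D{TOK2}"
    "&utmht=1524303515001&utmac=UA-21588661-2"
    "&utmcc=__utma%3D253577999.296749954.1524303515.1524303515.1524303515.1%3B%2B__utmz%3D253577999"
    ".1524303515.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B"
    "&utmjid=328661391&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~"
)
COOKIES = {
    "__utma": "253577999.296749954.1524303515.1524303515.1524303515.1",
    "__utmb": "253577999.1.10.1524303515",
    "__utmc": "253577999",
    "__utmt": "1",
    "__utmz": "253577999.1524303515.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)",
}


def utc(ts) -> datetime:
    """Unix seconds -> aware UTC datetime."""
    return datetime.fromtimestamp(int(ts), tz=timezone.utc)


def parse_beacon(url: str) -> dict:
    """Pull the analyst-relevant fields out of a __utm.gif request."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    # utmcc is the page's own cookie jar, serialised as "name=value;+name=value;".
    sent_cookies = {}
    for item in q.get("utmcc", "").split(";"):
        item = item.strip("+ ")
        if "=" in item:
            name, value = item.split("=", 1)
            sent_cookies[name] = value
    return {
        "tracking_id": q["utmac"],
        "hostname": q["utmhn"],
        "page_title": q["utmdt"],
        "page_path": q["utmp"],
        "sent_at": utc(int(q["utmht"]) // 1000),  # utmht is milliseconds
        "cookies": sent_cookies,
    }


def parse_utma(v: str) -> dict:
    dh, visitor, first, prev, cur, sessions = v.split(".")
    return {"domain_hash": dh, "visitor_id": visitor, "first_visit": utc(first),
            "previous_visit": utc(prev), "current_visit": utc(cur),
            "session_count": int(sessions)}


def parse_utmz(v: str) -> dict:
    dh, ts, sessions, campaigns, fields = v.split(".", 4)
    return {"domain_hash": dh, "set_at": utc(ts), "session_count": int(sessions),
            "campaign_count": int(campaigns),
            "campaign": dict(f.split("=", 1) for f in fields.split("|"))}


def parse_utmb(v: str) -> dict:
    dh, pageviews, outbound, ts = v.split(".")
    return {"domain_hash": dh, "pageviews": int(pageviews),
            "outbound_counter": int(outbound), "set_at": utc(ts)}


def summarize(beacon_url: str = BEACON_URL, cookies: dict = COOKIES) -> dict:
    """Join beacon and cookies into the facts an analyst records."""
    b = parse_beacon(beacon_url)
    utma, utmz, utmb = parse_utma(cookies["__utma"]), parse_utmz(cookies["__utmz"]), parse_utmb(cookies["__utmb"])
    hashes = {utma["domain_hash"], utmz["domain_hash"], utmb["domain_hash"], cookies["__utmc"]}
    return {
        "tracking_id": b["tracking_id"],
        "beacon_host": b["hostname"],
        "page_title": b["page_title"],
        "domain_hash": utma["domain_hash"],
        "hashes_consistent": len(hashes) == 1 and b["cookies"].get("__utma") == cookies["__utma"],
        "first_visit": utma["first_visit"].isoformat(),
        "new_visitor": utma["session_count"] == 1 and utmb["pageviews"] == 1,
        "referrer": utmz["campaign"].get("utmcsr"),
        "cookie_set_during_scan": utma["first_visit"] == b["sent_at"],
    }


if __name__ == "__main__":
    for k, v in summarize().items():
        print(f"{k}: {v}")
```

The decoded first-visit time, 2018-04-21 09:38:35 UTC, is the same second as the beacon and the response Date headers, which confirms these are cookies the scanner's own browser created rather than anything carried over from a victim. Treat UA-21588661-2 as a pivot to search for, not as attribution: an analytics ID embedded in a kit may belong to the kit author, who uses it to count victims, or may have been inherited from the page the kit was cloned from; the zero-byte ga.js also fetched from 1freehosting.com suggests this template has been copied around.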