mercury-scandalous-light.glitch.me
3.216.104.157
Malicious Activity!
Public Scan
Submission: On August 24 via automatic, source openphish — Scanned from DE
Summary
This is the only time mercury-scandalous-light.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
2 | 3.216.104.157 | 14618 (AMAZON-AES)
1 | 2001:4de0:ac18::1:a:1b | 20446 (STACKPATH-CDN)
9 | 23.45.108.153 | 16625 (AKAMAI-AS)
14 | 4 |

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-104-157.compute-1.amazonaws.com
mercury-scandalous-light.glitch.me

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-108-153.deploy.static.akamaitechnologies.com
mydhl.express.dhl
Requests | Apex Domain / Subdomains | Transfer
---|---|---
9 | express.dhl: mydhl.express.dhl (Cisco Umbrella Rank: 44202) | 705 KB
2 | glitch.me: mercury-scandalous-light.glitch.me | 20 KB
1 | jquery.com: code.jquery.com (Cisco Umbrella Rank: 736) | 33 KB
14 | 3 |

Requests | Domain | Requested by
---|---|---
9 | mydhl.express.dhl | mercury-scandalous-light.glitch.me, mydhl.express.dhl
2 | mercury-scandalous-light.glitch.me | mercury-scandalous-light.glitch.me
1 | code.jquery.com | mercury-scandalous-light.glitch.me
14 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
mydhl.express.dhl | DPDHL Global TLS CA - I5 | 2023-06-22 - 2024-06-21 | a year | crt.sh
This page contains 1 frames:
Primary Page:
http://mercury-scandalous-light.glitch.me/
Frame ID: EF80FD5D15EA1839FAFDE19A47223DE7
Requests: 15 HTTP requests in this frame
Screenshot
Page Title: Login

Detected technologies

Adobe Experience Manager (CMS)
Detected patterns
- <div class="[^"]*parbase
- <div class="[^"]*aem-Grid
- /etc/clientlibs/
- /etc\.clientlibs/

jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | mercury-scandalous-light.glitch.me/ | 19 KB | 20 KB | Document | text/html
GET | H/1.1 | jquery-1.11.1.min.js | code.jquery.com/ | 94 KB | 33 KB | Script | application/javascript
GET | H2 | ewf-base.css | mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ | 251 KB | 46 KB | Stylesheet | text/css
GET | H2 | ewf-components.css | mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ | 226 KB | 48 KB | Stylesheet | text/css
GET | H2 | ewf-cosmetic.css | mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ | 8 KB | 3 KB | Stylesheet | text/css
GET | H2 | jquery.js | mydhl.express.dhl/etc.clientlibs/clientlibs/granite/ | 289 KB | 101 KB | Script | application/javascript
GET | H2 | dhl_express_logo_transparent.png | mydhl.express.dhl/content/dam/ewf/logos/ | 2 KB | 2 KB | Image | image/png
GET | H2 | logout-image.png | mydhl.express.dhl/content/dhl/dam/ | 125 KB | 126 KB | Image | image/png
GET | H2 | MyDHL_Logo_73x38.png | mydhl.express.dhl/content/dam/ewf/logos/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | accessibility.css | mercury-scandalous-light.glitch.me/Login_files/ | 0 | 0 | Stylesheet | text/html
GET | H2 | footer-logo.png | mydhl.express.dhl/content/dam/ewf/logos/ | 6 KB | 7 KB | Image | image/png
GET | H2 | us_background.jpg | mydhl.express.dhl/content/dam/ewf/country-background/us/ | 369 KB | 369 KB | Image | image/jpeg
GET | DATA | truncated | / | 505 B | 0 | Image | image/png
GET | | dhl-icon.woff | mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/ | 0 | 0 | |
GET | | dhl-icon.ttf | mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: mydhl.express.dhl, URL: https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/dhl-icon.woff?versionHash=ue0020142
- Domain: mydhl.express.dhl, URL: https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/dhl-icon.ttf?versionHash=ue0020142
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)

8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: 0
- function: $
- function: jQuery
- undefined: ie9ConsoleMethods
- function: validateForm
- function: ValidateEmail
- object: matched
- object: browser

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
mercury-scandalous-light.glitch.me
mydhl.express.dhl
2001:4de0:ac18::1:a:1b
23.45.108.153
3.216.104.157
0ad62234ce1eaba093267da112aba2bbedddc888dded6101ec7cf52d81176eed
0db0ea4a576ba2a3938f02f4863d509ae40487875386279f782fbaf18de72573
13599f9bdecf3f99eb5c05ef5b532d0a56f84abc0d63697a28ed69b054be7905
33a63cf332ee53d36a10004b159764e4c022483f46abdfe50e7b8bf9dabee8b4
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46
52aef0018a3fd9fc92f48bd3dd5cb9a69390ad34764ac653a249306d5dc9f694
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
b9dd2080ab9f46659b9ceb72fd93def941195e854ccfa6b5409a20c40a0425bd
baed8711f954b7a12fd77083f6bedaa1277f31e99b378ea6cda883474077355e
bec410bdccc6b1342258f0aa17fb3ddf86a362141a485a44a85b4da078804201
e4a2f7c9c80eb07517984a09b072326db6ae91f5e0742540f01903724c4ebb2f
fb529c37591d63908ad915ac9e3e1e7a95639b1b15eb080cac33f5248698131a