helppackg.socialproofie.com
149.102.143.180
Malicious Activity!
Public Scan
Submission: On July 05 via api from IE — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 5th 2022. Valid for: 3 months.
This is the only time helppackg.socialproofie.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 2 | 149.102.143.180 | 51167 (CONTABO) |
1 | 4 | 104.90.140.168 | 16625 (AKAMAI-AS) |
4 | 3 |
ASN51167 (CONTABO, DE)
PTR: germany.mywebsitepanel.com
helppackg.socialproofie.com

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-140-168.deploy.static.akamaitechnologies.com
mydhl.express.dhl
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
4 | express.dhl (1 redirects): mydhl.express.dhl — Cisco Umbrella Rank: 36843 | 213 KB |
2 | socialproofie.com (1 redirects): helppackg.socialproofie.com | 1 MB |
4 | 2 |
Requests | Domain | Requested by |
---|---|---|
4 | mydhl.express.dhl | 1 redirects, helppackg.socialproofie.com |
2 | helppackg.socialproofie.com | 1 redirects |
4 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
mydhl.express.dhl |
oso.dhl.com |
www.dhl.com |
www.facebook.com |
www.linkedin.com |
twitter.com |
www.youtube.com |
www.instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
helppackg.socialproofie.com | R3 | 2022-07-05 - 2022-10-03 | 3 months |
mydhl.express.dhl | DPDHL Global TLS CA - I5 | 2021-07-22 - 2022-07-22 | a year |
This page contains 1 frames:
Primary Page:
https://helppackg.socialproofie.com/delivery/checkout
Frame ID: 9AE9A7B5EBFAB998D177961E5AF3C1BB
Requests: 6 HTTP requests in this frame
Page Title
Receive a Shipment | DHL Express Shipping Labels | MyDHL+
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title: Receive a Shipment
Title: Get a Rate and Time Quote
Title: Schedule a Pickup
Title: Order Supplies
Title: Terms and Conditions of Carriage
Title: Online T&C
Title: Help and Support
Title: FAQs
Title: Contact Us
Title: Find a location
Title: Terms and Conditions
Title: Privacy Notice
Title: Fraud Awareness
Title: Important Information
Title: About DHL
Title: Press
Title: Careers
Title: Legal Notice
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://helppackg.socialproofie.com/delivery/checkout/ HTTP 301
- https://helppackg.socialproofie.com/delivery/checkout Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://mydhl.express.dhl/content/dhl/fr/en/_jcr_content/top-nav-v2/image.img.png/1614969224184.png HTTP 302
- https://mydhl.express.dhl/fr/en/_jcr_content/top-nav-v2/image.img.png/1614969224184.png
4 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | checkout (Primary Request, Redirect Chain) | helppackg.socialproofie.com/delivery/ | 1 MB | 1 MB | Document | text/html |
GET | H2 | 1614969224184.png (Redirect Chain) | mydhl.express.dhl/fr/en/_jcr_content/top-nav-v2/image.img.png/ | 2 KB | 2 KB | Image | image/png |
GET | DATA | truncated | / | 38 KB | 38 KB | Font | application/x-font-woff |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
GET | H2 | ewf.fr.en.populateDictionariesCallback.8943235219b76a3fd4e1075745a23bd8977a77dbda0d138e7c3689678d90f762.js | mydhl.express.dhl/etc/dhl/dictionary/ | 769 KB | 208 KB | Script | application/javascript |
GET | H2 | regexp.populateRegexpCallback.8943235219b76a3fd4e1075745a23bd8977a77dbda0d138e7c3689678d90f762.js | mydhl.express.dhl/etc/dhl/dictionary/ | 4 KB | 2 KB | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
function | savepage_ShadowLoader |

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
helppackg.socialproofie.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Ilhxdy9DVVR4TFBOclFab3JVWjZjTFE9PSIsInZhbHVlIjoibFFmNktaMGJJbjRLNHhVQjAzTm1yOVF1VW5XaGhiVENYbEpaeTNodFVQNnBiSWNCWEFkS2FGZE1JUzFhMUdmdUdzWFFCdHp1U0ZUL2paQ283T0xXdlBoQkJHY3JqKzJTcmU3SVBOTWVxTzdpdW5GdnM5cWY4WE1vSjFhZzU5QzUiLCJtYWMiOiJjNTM4YWM0YTM5M2MwYWNjYTk2NTQ4NjRlNTIwMDE5Nzg0NzMxNDc1ZTg2MWI4MzU0YzA2YWI5NTIyYzA5OTViIiwidGFnIjoiIn0%3D |
helppackg.socialproofie.com/ | Name: dhl_phisher_session Value: eyJpdiI6ImpLMlh5Qk11aVBsUzNuWXZSQUFLaWc9PSIsInZhbHVlIjoiZCtkMVVRYUpmekZST1lCSnl0bDlQeTBUSHB0Tjl1TnBXWVdwdlNXbVZ3RlRDYVh1Q3dPcExHeVJaQWR5L0h1YlpWY25oT01kbVllWXNqaTRMQmxaVm9BZTgvbGc2a1hoZnpFTW9haENYay9TTFcwOG5KTTdhNGttL3NEbHhNb0kiLCJtYWMiOiJlZTA4ODRiM2Y3Y2U0NzRmYWFkZjcyMmVjNzI3YTE4ZGZmZDZmY2JmYWRhOGMyYjg3NGQxY2Y5MGVlYTQ4MWQyIiwidGFnIjoiIn0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.