Submitted URL: https://cikachiled.asia/gin/personal/access/index.php?email=test%40dhl.de
Effective URL: https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899...
Submission Tags: falconsandbox
Submission: On November 11 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 220.158.200.40, located in Malaysia and belonging to GIGABIT-MY Gigabit Hosting Sdn Bhd, MY. The main domain is cikachiled.asia.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 12th 2021. Valid for: 3 months.
This is the only time cikachiled.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

       IP Address          AS (Autonomous System)
1  2   220.158.200.40      55720 (GIGABIT-M...)
1      2a00:1450:400...    15169 (GOOGLE)
1      2001:4de0:ac1...    20446 (HIGHWINDS3)
1  1   51.137.13.106       8075 (MICROSOFT...)
1      2a02:26f0:6c0...    20940 (AKAMAI-ASN1)
4  4
    Apex Domain        Subdomains                 Transfer
2   dhl.de             dhl.de, www.dhl.de         312 B
2   cikachiled.asia    cikachiled.asia            6 KB
1   jquery.com         code.jquery.com            30 KB
1   google.com         www.google.com             902 B
4   4
    Domain             Requested by
2   cikachiled.asia    1 redirects
1   www.dhl.de         cikachiled.asia
1   dhl.de             1 redirects
1   code.jquery.com    cikachiled.asia
1   www.google.com     cikachiled.asia
4   5

This site contains no links.

Subject            Issuer                                           Validity                  Valid
cikachiled.asia    cPanel, Inc. Certification Authority             2021-09-12 - 2021-12-11   3 months   crt.sh
www.google.com     GTS CA 1C3                                       2021-10-18 - 2022-01-10   3 months   crt.sh
*.jquery.com       Sectigo RSA Domain Validation Secure Server CA   2021-07-14 - 2022-08-14   a year     crt.sh
www.dhl.de         DPDHL Global TLS CA - I5                         2021-08-11 - 2022-08-11   a year     crt.sh

This page contains 2 frames:

Primary Page: https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 6049951109EFA9090CA4590A8EF067A2
Requests: 3 HTTP requests in this frame

Frame: https://www.dhl.de/de/privatkunden.html
Frame ID: 031C5F2620F764848945584A6336DD6B
Requests: 1 HTTP requests in this frame

Page Title

...


Page Statistics

Requests:    4
HTTPS:       100 %
IPv6:        60 %
Domains:     4
Subdomains:  5
IPs:         4
Countries:   3
Transfer:    36 kB
Size:        90 kB
Cookies:     2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cikachiled.asia/gin/personal/access/index.php?email=test%40dhl.de HTTP 302
    https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://dhl.de/ HTTP 301
  • https://www.dhl.de/de/privatkunden.html

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: 3rd30jf1opqyzesws43nj3n5.php
Path: cikachiled.asia/gin/personal/access/
Redirect Chain:
  • https://cikachiled.asia/gin/personal/access/index.php?email=test%40dhl.de
  • https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1...
Size: 5 KB
x-fer: 5 KB
Type: Document
General

Full URL: https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 220.158.200.40, Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS: server2.imecnetwork.com.my
Software: Apache /
Resource Hash: 61393cfe2be69b1313dfb099620847cb761d9a2dd8cb26035fdee8cedf8756ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 11 Nov 2021 09:47:58 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 11 Nov 2021 09:47:58 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: 3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
Resource: favicons
Path: www.google.com/s2/
Size: 180 B
x-fer: 902 B
Type: Image

General

Full URL: https://www.google.com/s2/favicons?domain=dhl.de
Requested by:
  Host: cikachiled.asia
  URL: https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: ESF /
Resource Hash: b3abee1d0c86ad523e12f6855e0aff03764542494162724abc530601f35c8ba8
Security Headers

Name                      Value
Content-Security-Policy   require-trusted-types-for 'script';report-uri /s2/_/FaviconHttp/cspreport, script-src 'nonce-15l2JSE+8pHhYRlLTCo1oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-15l2JSE+8pHhYRlLTCo1oA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport
X-Content-Type-Options    nosniff
X-Frame-Options           SAMEORIGIN
X-Xss-Protection          0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cikachiled.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 13:21:16 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
age: 73605
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/FaviconHttp/cspreport, script-src 'nonce-15l2JSE+8pHhYRlLTCo1oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-15l2JSE+8pHhYRlLTCo1oA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/FaviconHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180
x-xss-protection: 0
expires: Thu, 11 Nov 2021 13:21:16 GMT
Resource: jquery-3.2.1.min.js
Path: code.jquery.com/
Size: 85 KB
x-fer: 30 KB
Type: Script

General

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by:
  Host: cikachiled.asia
  URL: https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a, Netherlands, ASN20446 (HIGHWINDS3, US)
Reverse DNS:
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cikachiled.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 09:47:59 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1636624079.dop205.am5.t,1636624079.cds230.am5.hn,1636624079.cds255.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125
Resource: privatkunden.html
Path: www.dhl.de/de/ (Frame 031C)
Redirect Chain:
  • https://dhl.de/
  • https://www.dhl.de/de/privatkunden.html
Size: 0
x-fer: 0
Type: Document

General

Full URL: https://www.dhl.de/de/privatkunden.html
Requested by:
  Host: cikachiled.asia
  URL: https://cikachiled.asia/gin/personal/access/3rd30jf1opqyzesws43nj3n5.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=test@dhl.de&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b1::39ce, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: IPNP /
Resource Hash:
Security Headers

Name                        Value
Strict-Transport-Security   max-age=31556926; includeSubDomains
X-Content-Type-Options      NOSNIFF
X-Frame-Options             SAMEORIGIN
X-Xss-Protection            1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cikachiled.asia/

Response headers

content-type: text/html; charset=utf-8
server: IPNP
producers: IPNP-P-CP
referrer-policy: same-origin
strict-transport-security: max-age=31556926; includeSubDomains
content-security-policy-report-only: default-src 'self' data: https://fonts.gstatic.com/ https://*.dhl.de/ https://*.dhl.de/ https://*.dhl.com/ https://dpm.demdex.net/ https://*.paypal.com/ https://dpcomepost.tt.omtrdc.net/; img-src 'self' data: https://pixel.consentric.de/ https://c1.adform.net/ https://t23.intelliad.de/ https://t.ssl.ak.dynamic.tiles.virtualearth.net/ https://t1.ssl.ak.dynamic.tiles.virtualearth.net/ https://t0.ssl.ak.dynamic.tiles.virtualearth.net/ https://deutschepostag1.d3.sc.omtrdc.net/ https://deutschepostwpmdpagprod2.112.2o7.net/ https://deutschepostpostidprod.112.2o7.net/ https://deutschepostag.112.2o7.net/ https://www.gstatic.com/ https://cdn.cookielaw.org/ https://www.facebook.com/ https://www.google.com/ https://t.leadlab.click/ https://insight.adsrvr.org/ https://*.dhl.de/ https://*.dhl.de/ https://*.dhl.com/ https://dpm.demdex.net/ https://*.paypal.com/ https://dpcomepost.tt.omtrdc.net/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.youtube.com/ https://cdn.cookielaw.org/ https://assets.adobedtm.com/ https://maps.google.com/ https://maps.googleapis.com/ https://cookie-cdn.cookiepro.com/ https://geolocation.onetrust.com/ https://www.bing.com/ https://t.ssl.ak.dynamic.tiles.virtualearth.net/ https://t1.ssl.ak.dynamic.tiles.virtualearth.net/ https://t0.ssl.ak.dynamic.tiles.virtualearth.net/ https://dev.virtualearth.net/ https://service.force.com/ https://d.la1-c1-fra.salesforceliveagent.com/ https://d.la3-c2-fra.salesforceliveagent.com/ https://d.la1-c1cs-fra.salesforceliveagent.com/ https://meinservice.my.salesforce.com/ https://www.google.com/ https://www.gstatic.com/ https://meinservice-dhl-sites.secure.force.com/ https://static.heidelpay.com/ https://www.google-analytics.com/ https://connect.facebook.net/ https://www.googletagmanager.com/ https://cdn.tt.omtrdc.net/ https://*.dhl.de/ https://*.dhl.de/ https://*.dhl.com/ https://dpm.demdex.net/ https://*.paypal.com/ https://dpcomepost.tt.omtrdc.net/; style-src 'self' 'unsafe-inline' https://meinservice.my.salesforce.com/ https://service.force.com/ https://www.bing.com/ https://meinservice-dhl-sites.secure.force.com/ https://cdn.tt.omtrdc.net/ https://*.dhl.de/ https://*.dhl.de/ https://*.dhl.com/ https://dpm.demdex.net/ https://*.paypal.com/ https://dpcomepost.tt.omtrdc.net/; frame-src 'self' https://www.youtube.com/ https://meinservice.my.salesforce.com/ https://service.force.com/ https://www.google.com/ https://payment.heidelpay.com/ https://assets.adobedtm.com/ https://*.dhl.de/ https://*.dhl.de/ https://*.dhl.com/ https://dpm.demdex.net/ https://*.paypal.com/ https://dpcomepost.tt.omtrdc.net/; connect-src 'self' https://cdn.cookielaw.org/ https://assets.adobedtm.com/ https://dpcomepost.tt.omtrdc.net/ https://privacyportal-de.onetrust.com/ https://t.leadlab.click/ https://www.bing.com/ https://meinservice--rqa.my.salesforce.com/ https://deutschepostag1.d3.sc.omtrdc.net/ https://meinservice-dhl-sites.secure.force.com/ https://pixel.consentric.de/ https://meinservice.my.salesforce.com/ https://client-analytics.braintreegateway.com/ https://api.braintreegateway.com/ https://payments.braintree-api.com/ https://depst-salaut-prod1.pegacloud.net/ https://payment.heidelpay.com/ https://api.heidelpay.com/ https://www.google-analytics.com/ https://insight.adsrvr.org/ https://*.dhl.de/ https://*.dhl.de/ https://*.dhl.com/ https://dpm.demdex.net/ https://*.paypal.com/ https://dpcomepost.tt.omtrdc.net/; report-uri /bin/csp/report
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-dpwn-is-secure: 1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-content-type-options: NOSNIFF
x-akamai-transformed: 9 - 0 pmb=mTOE,3
expires: Thu, 11 Nov 2021 09:47:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 11 Nov 2021 09:47:59 GMT
content-length: 30190

Redirect headers

Date: Thu, 11 Nov 2021 09:47:59 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 247
Connection: keep-alive
Server: IPNP
Producers: IPNP-P-RD
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://www.dhl.de/de/privatkunden.html

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     0
object     onbeforexrselect
function   reportError
boolean    originAgentCluster
object     scheduler
function   login
function   $
function   jQuery
string     strMainDomain
string     strPageIcon
number     intSubmit
string     strFirstPassword
function   getParameterByName
function   checkSubmit

2 Cookies

Domain/Path         Name / Value
cikachiled.asia/    Name: PHPSESSID
                    Value: 92d47f88a99f379a510884bfa85c49a7
www.dhl.de/         Name: akaalb_wwwdhldealb
                    Value: ~op=www_dhl_de_alb:wwwdhlde|~rv=6~m=wwwdhlde:0|~os=06f548fb0da0a4ee62020bebc018f01f~id=b9344c5d3557d8a984e972c42d048667

1 Console Messages

Source: other
Level: error
URL: chrome-error://chromewebdata/
Message: Refused to display 'https://www.dhl.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.