marketing.ph-mail.com.br
177.92.84.29  Malicious Activity! Public Scan

URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Submission: On January 06 via api from IE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 177.92.84.29, located in Barueri, Brazil and belongs to MUNDIVOX DO BRASIL LTDA, BR. The main domain is marketing.ph-mail.com.br.
This is the only time marketing.ph-mail.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

Requests | IP Address | AS Autonomous System
7 | 177.92.84.29 | 17222 (MUNDIVOX ...)
15 | 104.109.88.35 | 16625 (AKAMAI-AS)
Total: 28 requests, 3 IPs

Requests | Apex Domain / Subdomains | Transfer
15 | dhl.com | 479 KB
   | ecommerceportal.dhl.com — Cisco Umbrella Rank: 215893 |
7 | ph-mail.com.br | 70 KB
   | marketing.ph-mail.com.br |
Total: 28 requests, 2 apex domains

Requests | Domain | Requested by
15 | ecommerceportal.dhl.com | marketing.ph-mail.com.br
7 | marketing.ph-mail.com.br | marketing.ph-mail.com.br, ecommerceportal.dhl.com
Total: 28 requests, 2 domains

Subject | Issuer | Validity | Valid
ecommerceportal.dhl.com | DPDHL Global TLS CA - I5 | 2021-06-18 - 2022-06-18 | a year

This page contains 1 frames:

Primary Page: http://marketing.ph-mail.com.br/admin/temp/dhl/
Frame ID: 67CE82787232B89B3359CB174550B8A4
Requests: 28 HTTP requests in this frame

Page Title

Login | DHL eCommerce

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 54 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 550 kB
Size: 2205 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
marketing.ph-mail.com.br/admin/temp/dhl/
83 KB
18 KB
Document
General
Full URL
http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
6466b6d34e2da2bea2c3d0d5a25d84f09d3a90a1aa5391b070cd3df75d214b1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 06 Jan 2022 15:01:17 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
ecommerceportal.dhl.com//Portal/
320 KB
117 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d61aa55ecb22746c439cfac9e2e9cad51e2427823cfd23cdfea3faf68291386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
date
Thu, 06 Jan 2022 15:01:18 GMT
x-dns-prefetch-control
off
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=45865
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Fri, 07 Jan 2022 03:45:43 GMT
theme.css.xhtml
ecommerceportal.dhl.com/Portal/javax.faces.resource/
24 KB
4 KB
Stylesheet
General
Full URL
https://ecommerceportal.dhl.com/Portal/javax.faces.resource/theme.css.xhtml?ln=primefaces-aristo
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8fcb38cc9e39de846eb16ec08af2bc97a3a4eaca630e0ef8288771bee1b968f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:01 GMT
etag
"1536112562:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/css
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:18 GMT
server-timing
dtRpid;desc="-914290911", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
3656
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:18 GMT
jquery.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/
85 KB
30 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/jquery.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90d7c57f39e9c93fd77f5a92d07a6967eedd61fba40c0f3de80bd5105d96a5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:55:45 GMT
etag
"1536112546:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:18 GMT
server-timing
dtRpid;desc="2086171995", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
30266
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:18 GMT
jquery-plugins.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/
257 KB
71 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/jquery-plugins.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75fd6b02c952c6ad2c3559d871c2b22141f44226ae390ab982de1233e84295c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:09 GMT
etag
"1536112570:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:18 GMT
server-timing
dtRpid;desc="1878012834", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:18 GMT
core.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/
30 KB
10 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/core.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f897e1ef0680e0460536c90c0119abb4e8ddde28e6e0a9f323dca30c7fc92bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:01 GMT
etag
"1536112562:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:18 GMT
server-timing
dtRpid;desc="-1113850474", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
9748
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:18 GMT
components.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/
407 KB
85 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/components.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
848ed3323a6714abaacea077103ed676c06a06c63f5631f3e39a06ed5ac1c574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:09 GMT
etag
"1536112570:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:18 GMT
server-timing
dtRpid;desc="-1818134391", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:18 GMT
components.css.xhtml
ecommerceportal.dhl.com/Portal/javax.faces.resource/
85 KB
15 KB
Stylesheet
General
Full URL
https://ecommerceportal.dhl.com/Portal/javax.faces.resource/components.css.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61c67a70caf388634b7a673db56172bd9ca70b8648b29af3d00c9ac6fc028f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:01 GMT
etag
"1536112562:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/css
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:18 GMT
server-timing
dtRpid;desc="-547426951", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
14525
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:18 GMT
style.css
marketing.ph-mail.com.br/admin/temp/dhl/css/
235 KB
43 KB
Stylesheet
General
Full URL
http://marketing.ph-mail.com.br/admin/temp/dhl/css/style.css
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
ed4ecb63b737660176484aaf1b63c33a1a6bf5b6a665c07da2de93585b981596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 15:01:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 13:06:59 GMT
Server
Apache/2.2.22 (Debian)
ETag
"2b1ab-3ad86-5d4e98ba85ca6"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43391
dhl_logo.png
ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/
7 KB
8 KB
Image
General
Full URL
https://ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/dhl_logo.png?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b6389d35c5f52ed5f726ae3d6222942c0deaec552e0e6bba4ba9a395fcf1cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=522480
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
7492
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 16:09:19 GMT
ruxitagentjs_D_10229211201102017.js
marketing.ph-mail.com.br/Portal/
2 KB
1 KB
Other
General
Full URL
http://marketing.ph-mail.com.br/Portal/ruxitagentjs_D_10229211201102017.js
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
905ef121eb55d75a39e25b743d94453dce955befc515492065bd626971454b2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 15:01:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 17:00:02 GMT
Server
Apache/2.2.22 (Debian)
ETag
"10e1ec-70e-5b57e2c977a91"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
809
cc.png
marketing.ph-mail.com.br/admin/temp/dhl/
508 KB
0
Image
General
Full URL
http://marketing.ph-mail.com.br/admin/temp/dhl/cc.png
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 15:01:19 GMT
Last-Modified
Thu, 06 Jan 2022 13:06:59 GMT
Server
Apache/2.2.22 (Debian)
ETag
"2b1a8-839ab-5d4e98ba84d06"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
539051
dot_clear.gif.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/spacer/
42 B
858 B
Image
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/spacer/dot_clear.gif.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:55:49 GMT
etag
"1536112550:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
image/gif
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 15:01:19 GMT
server-timing
dtRpid;desc="-358370103", dtSInfo;desc="0"
x-dns-prefetch-control
off
content-length
42
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:01:19 GMT
servicelink_separator_footer.gif
ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/
1 KB
2 KB
Image
General
Full URL
https://ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/servicelink_separator_footer.gif?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
feeea694042e9da25391f3b38c12492949359d3b98364e6781e793fef35fd0a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/gif
x-oneagent-js-injection
true
cache-control
max-age=68003
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1290
x-xss-protection
1; mode=block
expires
Fri, 07 Jan 2022 09:54:42 GMT
java.js
marketing.ph-mail.com.br/admin/temp/dhl/css/
24 KB
7 KB
Script
General
Full URL
http://marketing.ph-mail.com.br/admin/temp/dhl/css/java.js
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
68986d40e1ac132d2f90a1505ca24baaf4f4c6dc1ddaf649087d95fd772904ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 15:01:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 13:06:59 GMT
Server
Apache/2.2.22 (Debian)
ETag
"2b1aa-606d-5d4e98ba84d06"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6969
ruxitagentjs_D_10229211201102017.js
marketing.ph-mail.com.br/Portal/
0
0
Script
General
Full URL
http://marketing.ph-mail.com.br/Portal/ruxitagentjs_D_10229211201102017.js
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) /
Resource Hash

Request headers

Referer
http://marketing.ph-mail.com.br/admin/temp/dhl/
Origin
http://marketing.ph-mail.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 15:01:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 17:00:02 GMT
Server
Apache/2.2.22 (Debian)
ETag
"10e1ec-70e-5b57e2c977a91"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
809
bg.jpg
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
130 KB
131 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/bg.jpg?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dfdf92496fc1abae8e8594b3264bf2b3a9083d91a4ac26b5d26abfa59ecaa566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/jpeg
x-oneagent-js-injection
true
cache-control
max-age=465477
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
133249
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 00:19:16 GMT
header-background.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
1 KB
2 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/header-background.png?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80ff1403c19e7a6a0c184ae33ddf326be24a077a207e3b04b1ab689326405982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=431445
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1391
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 14:52:04 GMT
loc-finder-imge1-selected.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
1 KB
1 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/loc-finder-imge1-selected.png?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0d9389ee2f342f073e39e2040d39c4d4dda2ce8279d5d90015b47493bccfc02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=316931
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1247
x-xss-protection
1; mode=block
expires
Mon, 10 Jan 2022 07:03:30 GMT
ICONS_RED_CIRCLE_LOCATION1.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
661 B
944 B
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/ICONS_RED_CIRCLE_LOCATION1.png?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19878644b02e7f29a79cec8628976c2ae75aa7c01f192989da87192da566ccef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=416216
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
661
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 10:38:15 GMT
Delivery_W_CdLt.woff2
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/
0
0

down-arrow.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
511 B
794 B
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/down-arrow.png?version=6.7.2
Requested by
Host: marketing.ph-mail.com.br
URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fce7e84158e60a4d26c681d0a1300b388c629560b52b734703fd63e1a87df3d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://marketing.ph-mail.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 15:01:19 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=545483
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
511
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 22:32:42 GMT
Delivery_W_Bd.woff2
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/
0
0

Delivery_W_CdLt.woff
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/
0
0

Delivery_W_Bd.woff
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/
0
0

Delivery_CdLt.ttf
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/
0
0

Delivery_Bd.ttf
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/
0
0

rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d
marketing.ph-mail.com.br/Portal/
2 KB
1 KB
XHR
General
Full URL
http://marketing.ph-mail.com.br/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D98_sn_I1R1J7U5QBGDHVGR0TVBJ5DALR2IFBDP&svrid=-98&flavor=post&vi=VPACQMQPUGOJDKPJHLKFDUGAQSHJAHAR-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fmarketing.ph-mail.com.br%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=1356301862&en=855neg7n&end=1
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
HTTP/1.1
Server
177.92.84.29 Barueri, Brazil, ASN17222 (MUNDIVOX DO BRASIL LTDA, BR),
Reverse DNS
mvx-177-92-84-29.mundivox.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
905ef121eb55d75a39e25b743d94453dce955befc515492065bd626971454b2b

Request headers

Referer
http://marketing.ph-mail.com.br/admin/temp/dhl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 06 Jan 2022 15:01:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 17:00:02 GMT
Server
Apache/2.2.22 (Debian)
ETag
"10e1ec-70e-5b57e2c977a91"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
809

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_CdLt.woff2
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_Bd.woff2
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_CdLt.woff
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_Bd.woff
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_CdLt.ttf
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_Bd.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation
object| onslotchange
object| dT_
object| dtrum
function| $
function| autosize
function| PF
object| PrimeFaces
function| Class
number| currentYear
function| validateCreditCard
function| cardType

6 Cookies

Domain/Path Name / Value
.ph-mail.com.br/ Name: dtCookie
Value: v_4_srv_-2D98_sn_I1R1J7U5QBGDHVGR0TVBJ5DALR2IFBDP
.ph-mail.com.br/ Name: rxVisitor
Value: 1641481278060CFFDIQVCT9TUTPNB01SD7QKUSD7QH5UB
.ph-mail.com.br/ Name: dtPC
Value: -98$481278056_117h1vVPACQMQPUGOJDKPJHLKFDUGAQSHJAHAR-0e0
.ph-mail.com.br/ Name: dtLatC
Value: 282
.ph-mail.com.br/ Name: dtSa
Value: -
.ph-mail.com.br/ Name: rxvt
Value: 1641483079287|1641481278061

15 Console Messages

Source Level URL
Text
network error URL: http://marketing.ph-mail.com.br/Portal/ruxitagentjs_D_10229211201102017.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_CdLt.woff2' from origin 'http://marketing.ph-mail.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_CdLt.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_Bd.woff2' from origin 'http://marketing.ph-mail.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_Bd.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_CdLt.woff' from origin 'http://marketing.ph-mail.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_CdLt.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_Bd.woff' from origin 'http://marketing.ph-mail.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_Bd.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_CdLt.ttf' from origin 'http://marketing.ph-mail.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_CdLt.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://marketing.ph-mail.com.br/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_Bd.ttf' from origin 'http://marketing.ph-mail.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_Bd.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: http://marketing.ph-mail.com.br/Portal/ruxitagentjs_D_10229211201102017.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://marketing.ph-mail.com.br/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D98_sn_I1R1J7U5QBGDHVGR0TVBJ5DALR2IFBDP&svrid=-98&flavor=post&vi=VPACQMQPUGOJDKPJHLKFDUGAQSHJAHAR-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fmarketing.ph-mail.com.br%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=1356301862&en=855neg7n&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
