urlscan.io logo urlscan.io
SecurityTrails logo

flekomax.top Open in urlscan Pro
213.189.56.206  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://z755carcare.com/d/?login=x
Effective URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa1...
Submission: On August 16 via manual from HK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 213.189.56.206, located in Poland and belongs to ECO-ATMAN-PL ECO-ATMAN-, PL. The main domain is flekomax.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 24th 2019. Valid for: 3 months.
This is the only time flekomax.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 103.90.226.147 135905 (VNPT-AS-V...)
1 2 213.189.56.206 57367 (ECO-ATMAN...)
13 106.122.255.38 133774 (CHINATELE...)
14 2
Apex Domain
Subdomains		 Transfer
13 5idhl.com
etracing.5idhl.com
269 KB
2 flekomax.top
flekomax.top
11 KB
1 z755carcare.com
z755carcare.com
253 B
14 3
Domain Requested by
13 etracing.5idhl.com flekomax.top
etracing.5idhl.com
2 flekomax.top 1 redirects
1 z755carcare.com 1 redirects
14 3

This site contains links to these domains. Also see Links.

Domain
www.5idhl.com
Subject Issuer Validity Valid
flekomax.top
Let's Encrypt Authority X3		 2019-07-24 -
2019-10-22		 3 months crt.sh
*.5idhl.com
GeoTrust RSA CA 2018		 2018-05-28 -
2019-10-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Frame ID: 2A74C16E92CC1B1CE6C195046292A79F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://z755carcare.com/d/?login=x HTTP 302
    https://flekomax.top/Apps/5iDHL/?login=x HTTP 302
    https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

280 kB
Transfer

453 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://z755carcare.com/d/?login=x HTTP 302
    https://flekomax.top/Apps/5iDHL/?login=x HTTP 302
    https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8e9c81s7iujeu60v2nfa9gv7.php
flekomax.top/Apps/5iDHL/
Redirect Chain
  • http://z755carcare.com/d/?login=x
  • https://flekomax.top/Apps/5iDHL/?login=x
  • https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77af...
11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.189.56.206 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web26.mydevil.net
Software
nginx / PHP/7.1.21
Resource Hash
e7bb14238dc429ccf87c250bb1a441f47cfc0119a3973801cd60890445b87150

Request headers

:method
GET
:authority
flekomax.top
:scheme
https
:path
/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 16 Aug 2019 01:55:02 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.21

Redirect headers

status
302
server
nginx
date
Fri, 16 Aug 2019 01:55:02 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.21
location
8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
bootstrap.min.css
etracing.5idhl.com/EClaim/css/ 		118 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/css/bootstrap.min.css
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
fd1df53216557cfcb5629d56b44536931aac98ec67eed520986dfc3f3043293b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:55 GMT
Age
1
X-Via
1.1 x13:6 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Content-Length
29508
base.css
etracing.5idhl.com/EClaim/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/css/base.css
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
e789e21d7038024b1b1cf2e0aded5240d553fdde58bc35470e45a45cd826306f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:55 GMT
Age
1
X-Via
1.1 PSbjwjBGP2vr235:1 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Content-Length
1730
login.css
etracing.5idhl.com/EClaim/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/css/login.css
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
1caf4d1a4798e38ff1e7c7f3c4f96bdbef470e9439344095d8407d167f23918a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:55 GMT
Age
1
X-Via
1.1 PSbjwjBGP2vr235:1 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Content-Length
768
content.css
etracing.5idhl.com/EClaim/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/css/content.css
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
7c06812819b9b9174dea3e3167958745712f9cb0594c31bcd3d2a8ad6beb9bd3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:55 GMT
Age
1
X-Via
1.1 PSbjwjBGP2vr235:1 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Content-Length
3257
jquery-1.11.3.min.js
etracing.5idhl.com/EClaim/js/ 		94 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/js/jquery-1.11.3.min.js
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:56 GMT
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
44993
X-Via
1.1 x13:6 (Cdn Cache Server V2.0)
common.js
etracing.5idhl.com/EClaim/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/js/common.js
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
ef46131149b6b6a98a411469caab0a7baf189aed1c0e899561755fc89fe478b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:56 GMT
Age
1
X-Via
1.1 PSbjwjBGP2vr235:1 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
4138
layer.js
etracing.5idhl.com/EClaim/js/layer/ 		21 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/js/layer/layer.js
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
661f380b3cedd25209ae8dacce24bb16c3cd43bb6a2a3c1a830b2af0112837ee

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:56 GMT
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
9565
X-Via
1.1 x13:6 (Cdn Cache Server V2.0)
jsWin.js
etracing.5idhl.com/EClaim/js/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/js/jsWin.js
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
c44b69316ec5698a599c3dfaf38234954552891a33ef1caad4819ffe23fe5272

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:56 GMT
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
565
X-Via
1.1 x13:6 (Cdn Cache Server V2.0)
logo.png
etracing.5idhl.com/EClaim/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://etracing.5idhl.com/EClaim/images/logo.png
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
128f8b9185f2b9ce70ed84cd53a663028a366e8067dd43131da5ed2b3a0c1ee0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:04 GMT
Last-Modified
Thu, 18 Apr 2019 10:54:55 GMT
Connection
keep-alive
Age
1
Content-Type
image/png;charset=UTF-8
Content-Length
3823
X-Via
1.1 PSbjsdBGPpx20:10 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
imageServlet
etracing.5idhl.com/EClaim/claim/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://etracing.5idhl.com/EClaim/claim/imageServlet
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
e0381fc5a655a10afc48c33c78dd935842361f20ea2bada1160c34f5cdfd7ca9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:04 GMT
Content-Encoding
gzip
Connection
keep-alive
Transfer-Encoding
chunked
X-Via
1.1 x13:6 (Cdn Cache Server V2.0)
national.png
etracing.5idhl.com/EClaim/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://etracing.5idhl.com/EClaim/images/national.png
Requested by
Host: flekomax.top
URL: https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
367f0db970a2058fe4a832d0ad72126da933ef44e66ddf965bdb8f26ed17fa70

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:04 GMT
Last-Modified
Thu, 18 Apr 2019 10:54:55 GMT
Connection
keep-alive
Age
1
Content-Type
image/png;charset=UTF-8
Content-Length
1983
X-Via
1.1 PSbjsdBGPpx20:10 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
layer.css
etracing.5idhl.com/EClaim/js/layer/skin/default/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://etracing.5idhl.com/EClaim/js/layer/skin/default/layer.css?v=3.0.3303
Requested by
Host: etracing.5idhl.com
URL: https://etracing.5idhl.com/EClaim/js/layer/layer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
fefc5c5314aa67b5e56ab4d5e8aab61af50a9ca93df64786b24f77a46a5c22f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://flekomax.top/Apps/5iDHL/8e9c81s7iujeu60v2nfa9gv7.php?b7LC5K1565920502b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2b7c8caa19cff100b869c77aff6b3dfc2&login=x
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 10:54:56 GMT
Age
1
X-Via
1.1 PSbjwjBGP2vr235:1 (Cdn Cache Server V2.0), 1.1 x13:6 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Content-Length
3949
bg-body.jpg
etracing.5idhl.com/EClaim/images/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://etracing.5idhl.com/EClaim/images/bg-body.jpg
Requested by
Host: etracing.5idhl.com
URL: https://etracing.5idhl.com/EClaim/js/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
106.122.255.38 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
/
Resource Hash
c74e117aacdf398503bfab73dd2791fe03de045d4011e6202bc7133b03296e8c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://etracing.5idhl.com/EClaim/css/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 01:55:05 GMT
Last-Modified
Thu, 18 Apr 2019 10:54:56 GMT
Connection
keep-alive
Age
1
Content-Type
image/jpeg;charset=UTF-8
Content-Length
165869
X-Via
1.1 x13:6 (Cdn Cache Server V2.0)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| export2pdf function| jsCreateRandomCode function| jsSetValuebyCheckbox function| jsSetValuebySelect function| jsSetOPTNameValue function| jsGeneratePDF function| jsDownloadDoc function| jsUploadFile function| jsDelUploadFile function| jsGetReloadUploadFileList function| jsSubmitDocument function| jsCheckingDate function| jsVerifyUUID function| jsVerifyEmail function| jsVerifyImgCode function| jsVerifyPhoneCode object| layer function| openJsWin function| createMengBan function| createWin function| winTitleHTML

0 Cookies