escolhacerta.we.bs
186.251.138.126  Malicious Activity! Public Scan

URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Submission: On January 06 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 35 HTTP transactions. The main IP is 186.251.138.126, located in Olimpia, Brazil and belongs to IPGLOBE INTERNET LTDA, BR. The main domain is escolhacerta.we.bs.
This is the only time escolhacerta.we.bs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address, AS (Autonomous System)
  • 186.251.138.126, 53225 (IPGLOBE I...): 10 requests, 1 redirect
  • 104.109.88.35, 16625 (AKAMAI-AS): 20 requests
  • Total: 35 requests, 3 IPs

Apex Domain, Subdomains, Transfer
  • dhl.com (20 requests): ecommerceportal.dhl.com (Cisco Umbrella Rank: 215893), 489 KB
  • we.bs (10 requests): escolhacerta.we.bs, 872 KB
  • Total: 35 requests, 2 domains

Domain, Requested by
  • ecommerceportal.dhl.com (20 requests): requested by escolhacerta.we.bs, ecommerceportal.dhl.com
  • escolhacerta.we.bs (10 requests, 1 redirects): requested by escolhacerta.we.bs, ecommerceportal.dhl.com
  • Total: 35 requests, 2 domains

Certificates: Subject, Issuer, Validity, Valid
  • ecommerceportal.dhl.com; DPDHL Global TLS CA - I5; 2021-06-18 - 2022-06-18; a year

This page contains 1 frames:

Primary Page: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Frame ID: 18825BACB9636999367601684C611798
Requests: 35 HTTP requests in this frame

Page Title

Login | DHL eCommerce

Page URL History

  1. http://escolhacerta.we.bs/painel/admin/temp/dhl HTTP 301
    http://escolhacerta.we.bs/painel/admin/temp/dhl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 35
  • HTTPS: 57 %
  • IPv6: 0 %
  • Domains: 2
  • Subdomains: 2
  • IPs: 3
  • Countries: 2
  • Transfer: 1361 kB
  • Size: 2229 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
escolhacerta.we.bs/painel/admin/temp/dhl/
Redirect Chain
  • http://escolhacerta.we.bs/painel/admin/temp/dhl
  • http://escolhacerta.we.bs/painel/admin/temp/dhl/
83 KB
83 KB
Document
General
Full URL
http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
6466b6d34e2da2bea2c3d0d5a25d84f09d3a90a1aa5391b070cd3df75d214b1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 06 Jan 2022 13:25:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
X-Powered-By
PHP/5.6.40
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 06 Jan 2022 13:25:35 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Location
http://escolhacerta.we.bs/painel/admin/temp/dhl/
Content-Length
256
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
ecommerceportal.dhl.com//Portal/
320 KB
117 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d61aa55ecb22746c439cfac9e2e9cad51e2427823cfd23cdfea3faf68291386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
date
Thu, 06 Jan 2022 13:25:36 GMT
x-dns-prefetch-control
off
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=51651
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Fri, 07 Jan 2022 03:46:27 GMT
theme.css.xhtml
ecommerceportal.dhl.com/Portal/javax.faces.resource/
24 KB
4 KB
Stylesheet
General
Full URL
https://ecommerceportal.dhl.com/Portal/javax.faces.resource/theme.css.xhtml?ln=primefaces-aristo
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8fcb38cc9e39de846eb16ec08af2bc97a3a4eaca630e0ef8288771bee1b968f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:01 GMT
etag
"1536112562:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/css
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:36 GMT
server-timing
dtRpid;desc="-159633438", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
3656
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:36 GMT
jquery.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/
85 KB
30 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/jquery.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90d7c57f39e9c93fd77f5a92d07a6967eedd61fba40c0f3de80bd5105d96a5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:55:45 GMT
etag
"1536112546:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:36 GMT
server-timing
dtRpid;desc="1295499936", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
30266
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:36 GMT
jquery-plugins.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/
257 KB
71 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/jquery/jquery-plugins.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75fd6b02c952c6ad2c3559d871c2b22141f44226ae390ab982de1233e84295c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:09 GMT
etag
"1536112570:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:36 GMT
server-timing
dtRpid;desc="-1579729144", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:36 GMT
core.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/
30 KB
10 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/core.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f897e1ef0680e0460536c90c0119abb4e8ddde28e6e0a9f323dca30c7fc92bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:01 GMT
etag
"1536112562:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:36 GMT
server-timing
dtRpid;desc="1880356289", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
9748
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:36 GMT
components.js.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/
407 KB
85 KB
Script
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/components.js.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
848ed3323a6714abaacea077103ed676c06a06c63f5631f3e39a06ed5ac1c574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:09 GMT
etag
"1536112570:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/javascript
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:36 GMT
server-timing
dtRpid;desc="-2118313353", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:36 GMT
components.css.xhtml
ecommerceportal.dhl.com/Portal/javax.faces.resource/
85 KB
15 KB
Stylesheet
General
Full URL
https://ecommerceportal.dhl.com/Portal/javax.faces.resource/components.css.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61c67a70caf388634b7a673db56172bd9ca70b8648b29af3d00c9ac6fc028f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:56:01 GMT
etag
"1536112562:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
text/css
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:36 GMT
server-timing
dtRpid;desc="1464241583", dtSInfo;desc="0"
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
14525
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:36 GMT
style.css
escolhacerta.we.bs/painel/admin/temp/dhl/css/
235 KB
236 KB
Stylesheet
General
Full URL
http://escolhacerta.we.bs/painel/admin/temp/dhl/css/style.css
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
ed4ecb63b737660176484aaf1b63c33a1a6bf5b6a665c07da2de93585b981596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 13:25:36 GMT
Last-Modified
Tue, 04 Jan 2022 20:11:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"3ad86-5d4c73f971680"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
241030
dhl_logo.png
ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/
7 KB
8 KB
Image
General
Full URL
https://ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/dhl_logo.png?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b6389d35c5f52ed5f726ae3d6222942c0deaec552e0e6bba4ba9a395fcf1cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=528262
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
7492
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 16:09:59 GMT
cc.png
escolhacerta.we.bs/painel/admin/temp/dhl/
526 KB
527 KB
Image
General
Full URL
http://escolhacerta.we.bs/painel/admin/temp/dhl/cc.png
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
c8b9d0ce0ac8d5ff4c370ceece0650959c2e9709ae7e176a85bf95947c03970d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 13:25:37 GMT
Last-Modified
Tue, 04 Jan 2022 20:06:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"839ab-5d4c72df27c80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
539051
ruxitagentjs_D_10229211201102017.js
escolhacerta.we.bs/Portal/
240 B
487 B
Other
General
Full URL
http://escolhacerta.we.bs/Portal/ruxitagentjs_D_10229211201102017.js
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
6d280681f882276cb0f149220af559b20abd1b8f54602f3c746535440e8a657a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 13:25:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
240
Content-Type
text/html; charset=iso-8859-1
dot_clear.gif.xhtml
ecommerceportal.dhl.com//Portal/javax.faces.resource/spacer/
42 B
859 B
Image
General
Full URL
https://ecommerceportal.dhl.com//Portal/javax.faces.resource/spacer/dot_clear.gif.xhtml?ln=primefaces&v=6.2.9
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 01:55:49 GMT
etag
"1536112550:dtagent10229211201102017eFe2"
x-frame-options
DENY
content-type
image/gif
x-oneagent-js-injection
true
date
Thu, 06 Jan 2022 13:25:37 GMT
server-timing
dtRpid;desc="-2143677537", dtSInfo;desc="0"
x-dns-prefetch-control
off
content-length
42
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 13:25:37 GMT
servicelink_separator_footer.gif
ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/
1 KB
2 KB
Image
General
Full URL
https://ecommerceportal.dhl.com//Portal/resources/ui-template-0.3/img/servicelink_separator_footer.gif?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
feeea694042e9da25391f3b38c12492949359d3b98364e6781e793fef35fd0a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/gif
x-oneagent-js-injection
true
cache-control
max-age=73789
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1290
x-xss-protection
1; mode=block
expires
Fri, 07 Jan 2022 09:55:26 GMT
ruxitagentjs_D_10229211201102017.js
escolhacerta.we.bs/Portal/
0
0
Script
General
Full URL
http://escolhacerta.we.bs/Portal/ruxitagentjs_D_10229211201102017.js
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash

Request headers

Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
Origin
http://escolhacerta.we.bs
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 13:25:37 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
240
Content-Type
text/html; charset=iso-8859-1
java.js
escolhacerta.we.bs/painel/admin/temp/dhl/css/
24 KB
24 KB
Script
General
Full URL
http://escolhacerta.we.bs/painel/admin/temp/dhl/css/java.js
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
68986d40e1ac132d2f90a1505ca24baaf4f4c6dc1ddaf649087d95fd772904ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 13:25:37 GMT
Last-Modified
Thu, 23 Dec 2021 01:23:42 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"606d-5d3c616bca380"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
24685
bg.jpg
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
130 KB
131 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/bg.jpg?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dfdf92496fc1abae8e8594b3264bf2b3a9083d91a4ac26b5d26abfa59ecaa566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/jpeg
x-oneagent-js-injection
true
cache-control
max-age=471242
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
133249
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 00:19:39 GMT
header-background.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
1 KB
2 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/header-background.png?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80ff1403c19e7a6a0c184ae33ddf326be24a077a207e3b04b1ab689326405982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=437239
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1391
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 14:52:56 GMT
loc-finder-imge1-selected.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
1 KB
1 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/loc-finder-imge1-selected.png?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0d9389ee2f342f073e39e2040d39c4d4dda2ce8279d5d90015b47493bccfc02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=322704
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1247
x-xss-protection
1; mode=block
expires
Mon, 10 Jan 2022 07:04:01 GMT
ICONS_RED_CIRCLE_LOCATION1.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
661 B
944 B
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/ICONS_RED_CIRCLE_LOCATION1.png?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19878644b02e7f29a79cec8628976c2ae75aa7c01f192989da87192da566ccef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=422004
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
661
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 10:39:01 GMT
Delivery_W_CdLt.woff2
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/
0
0

down-arrow.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
511 B
793 B
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/down-arrow.png?version=6.7.2
Requested by
Host: escolhacerta.we.bs
URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fce7e84158e60a4d26c681d0a1300b388c629560b52b734703fd63e1a87df3d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:37 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=551169
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
511
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 22:31:46 GMT
Delivery_W_Bd.woff2
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/
0
0

Delivery_W_CdLt.woff
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/
0
0

Delivery_W_Bd.woff
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/
0
0

Delivery_CdLt.ttf
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/
0
0

Delivery_Bd.ttf
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/
0
0

rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d
escolhacerta.we.bs/Portal/
244 B
490 B
XHR
General
Full URL
http://escolhacerta.we.bs/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI&svrid=-38&flavor=post&vi=PHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fescolhacerta.we.bs%2Fpainel%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=3683620808&en=855neg7n&end=1
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
8d19dc9ab10cb2c56bd8a227d5b794d3f42bfece0243b0be5dba13f8dbacc6fc

Request headers

Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 06 Jan 2022 13:25:38 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
244
Content-Type
text/html; charset=iso-8859-1
header-background.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
1 KB
2 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/header-background.png?version=6.7.2
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80ff1403c19e7a6a0c184ae33ddf326be24a077a207e3b04b1ab689326405982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:39 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=437237
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1391
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 14:52:56 GMT
loc-finder-imge1-selected.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
1 KB
1 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/loc-finder-imge1-selected.png?version=6.7.2
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0d9389ee2f342f073e39e2040d39c4d4dda2ce8279d5d90015b47493bccfc02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:39 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=322702
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1247
x-xss-protection
1; mode=block
expires
Mon, 10 Jan 2022 07:04:01 GMT
ICONS_RED_CIRCLE_LOCATION1.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
661 B
944 B
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/ICONS_RED_CIRCLE_LOCATION1.png?version=6.7.2
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19878644b02e7f29a79cec8628976c2ae75aa7c01f192989da87192da566ccef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:39 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=422002
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
661
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 10:39:01 GMT
down-arrow.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/
511 B
793 B
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/img/down-arrow.png?version=6.7.2
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fce7e84158e60a4d26c681d0a1300b388c629560b52b734703fd63e1a87df3d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:39 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=551167
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
511
x-xss-protection
1; mode=block
expires
Wed, 12 Jan 2022 22:31:46 GMT
ui-icons_898989_256x240.png
ecommerceportal.dhl.com/Portal/resources/ui-template-0.2/img/
5 KB
5 KB
Image
General
Full URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.2/img/ui-icons_898989_256x240.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.88.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-88-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e0965682db4acacdb90008b078cdacae4b76410c23c360aa3be7998d2f59bd0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://escolhacerta.we.bs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 12:21:10 GMT
date
Thu, 06 Jan 2022 13:25:39 GMT
x-frame-options
DENY
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=408391
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
4754
x-xss-protection
1; mode=block
expires
Tue, 11 Jan 2022 06:52:10 GMT
rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d
escolhacerta.we.bs/Portal/
244 B
490 B
XHR
General
Full URL
http://escolhacerta.we.bs/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI&svrid=-38&flavor=post&vi=PHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fescolhacerta.we.bs%2Fpainel%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=4221236037&en=855neg7n&end=1
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
8d19dc9ab10cb2c56bd8a227d5b794d3f42bfece0243b0be5dba13f8dbacc6fc

Request headers

Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 06 Jan 2022 13:25:39 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
244
Content-Type
text/html; charset=iso-8859-1
rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d
escolhacerta.we.bs/Portal/
244 B
490 B
XHR
General
Full URL
http://escolhacerta.we.bs/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI&svrid=-38&flavor=post&vi=PHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fescolhacerta.we.bs%2Fpainel%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=518403&en=855neg7n&end=1
Requested by
Host: ecommerceportal.dhl.com
URL: https://ecommerceportal.dhl.com//Portal/ruxitagentjs_ICA2QVfgjqrux_10229211201102017.js
Protocol
HTTP/1.1
Server
186.251.138.126 Olimpia, Brazil, ASN53225 (IPGLOBE INTERNET LTDA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
8d19dc9ab10cb2c56bd8a227d5b794d3f42bfece0243b0be5dba13f8dbacc6fc

Request headers

Referer
http://escolhacerta.we.bs/painel/admin/temp/dhl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 06 Jan 2022 13:25:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
244
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_CdLt.woff2
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_Bd.woff2
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_CdLt.woff
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_Bd.woff
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_CdLt.ttf
Domain
ecommerceportal.dhl.com
URL
https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_Bd.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation
object| onslotchange
object| dT_
object| dtrum
function| $
function| autosize
function| PF
object| PrimeFaces
function| Class
number| currentYear
function| validateCreditCard
function| cardType

5 Cookies

Domain/Path Name / Value
.escolhacerta.we.bs/ Name: dtCookie
Value: v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI
.escolhacerta.we.bs/ Name: rxVisitor
Value: 1641475536327I45BBHOTLNOBNG1EIH9E5KGF0IDGQMLB
.escolhacerta.we.bs/ Name: dtSa
Value: -
.escolhacerta.we.bs/ Name: rxvt
Value: 1641477338299|1641475536328
.escolhacerta.we.bs/ Name: dtPC
Value: -38$475536324_880h-vPHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0e0

17 Console Messages

Source Level URL
Text
network error URL: http://escolhacerta.we.bs/Portal/ruxitagentjs_D_10229211201102017.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_CdLt.woff2' from origin 'http://escolhacerta.we.bs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_CdLt.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_Bd.woff2' from origin 'http://escolhacerta.we.bs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF2/Delivery_W_Bd.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_CdLt.woff' from origin 'http://escolhacerta.we.bs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_CdLt.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_Bd.woff' from origin 'http://escolhacerta.we.bs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/WOFF/Delivery_W_Bd.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_CdLt.ttf' from origin 'http://escolhacerta.we.bs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_CdLt.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://escolhacerta.we.bs/painel/admin/temp/dhl/
Message:
Access to font at 'https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_Bd.ttf' from origin 'http://escolhacerta.we.bs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecommerceportal.dhl.com/Portal/resources/ui-template-0.3/Fonts-Delivery/TTF/Delivery_Bd.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: http://escolhacerta.we.bs/Portal/ruxitagentjs_D_10229211201102017.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://escolhacerta.we.bs/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI&svrid=-38&flavor=post&vi=PHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fescolhacerta.we.bs%2Fpainel%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=3683620808&en=855neg7n&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://escolhacerta.we.bs/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI&svrid=-38&flavor=post&vi=PHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fescolhacerta.we.bs%2Fpainel%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=4221236037&en=855neg7n&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://escolhacerta.we.bs/Portal/rb_02ab6811-c8ba-4103-ac6a-0d5055e74c3d?type=js3&sn=v_4_srv_-2D38_sn_FNJOLOKQQNU9IUML1JAQB7HV2R0RN6UI&svrid=-38&flavor=post&vi=PHIWPLMPPALAUCAKFGOFDDKFFCEEUURI-0&modifiedSince=1639895964186&rf=http%3A%2F%2Fescolhacerta.we.bs%2Fpainel%2Fadmin%2Ftemp%2Fdhl%2F&bp=3&app=ea7c4b59f27d43eb&crc=518403&en=855neg7n&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
