xplicitcoding.com
141.193.213.11
Malicious Activity!
Public Scan
Submission: On March 06 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 10th 2024. Valid for: a year.
This is the only time xplicitcoding.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
6 | | 141.193.213.11 | 209242 (CLOUDFLARESPECTRUM Cloudflare) |
31 | | 93.174.145.36 | 48703 (CNAM-AS CNAM - AS de la Caisse Nationale dAssurance Maladie) |
1 | 1 | 2a02:26f0:480:d::210:f144 | 20940 (AKAMAI-ASN1) |
1 | | 2a02:26f0:480:59b::4b3f | 20940 (AKAMAI-ASN1) |
4 | 2 | 142.250.184.230 | 15169 (GOOGLE) |
2 | 1 | 18.173.191.55 | 16509 (AMAZON-02) |
4 | 4 | 37.252.171.149 | 29990 (ASN-APPNEX) |
8 | 4 | 37.252.171.52 | 29990 (ASN-APPNEX) |
2 | | 2a00:1450:4001:831::2002 | 15169 (GOOGLE) |
2 | | 216.58.212.166 | 15169 (GOOGLE) |
51 | 9 |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
xplicitcoding.com |
ASN48703 (CNAM-AS CNAM - AS de la Caisse Nationale dAssurance Maladie, FR)
PTR: assure.ameli.fr
assure.ameli.fr |
ASN20940 (AKAMAI-ASN1, NL)
www.logistics.dhl |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
3954462.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-55.muc50.r.cloudfront.net
logs1242.xiti.com |
ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
ad.doubleclick.net |
Requests | Apex Domain | Subdomains | Redirects | Transfer |
---|---|---|---|---|
31 | ameli.fr | assure.ameli.fr — Cisco Umbrella Rank: 477267 | | 347 KB |
12 | adnxs.com | ib.adnxs.com — Cisco Umbrella Rank: 256; secure.adnxs.com — Cisco Umbrella Rank: 500 | 8 | 13 KB |
6 | doubleclick.net | 3954462.fls.doubleclick.net; ad.doubleclick.net — Cisco Umbrella Rank: 158 | 2 | 7 KB |
6 | xplicitcoding.com | xplicitcoding.com | | 48 KB |
2 | google.com | adservice.google.com — Cisco Umbrella Rank: 92 | | 508 B |
2 | xiti.com | logs1242.xiti.com — Cisco Umbrella Rank: 260837 | 1 | 1 KB |
1 | dhl.com | www.dhl.com — Cisco Umbrella Rank: 45251 | | 1 KB |
1 | logistics.dhl | www.logistics.dhl — Cisco Umbrella Rank: 655139 | 1 | 144 B |
0 | ebz.io | as.ebz.io (Failed) | | |
51 | 9 |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
31 | assure.ameli.fr | | xplicitcoding.com |
8 | secure.adnxs.com | 4 | 3954462.fls.doubleclick.net |
6 | xplicitcoding.com | | xplicitcoding.com |
4 | ib.adnxs.com | 4 | |
4 | 3954462.fls.doubleclick.net | 2 | xplicitcoding.com |
2 | ad.doubleclick.net | | 3954462.fls.doubleclick.net |
2 | adservice.google.com | | 3954462.fls.doubleclick.net |
2 | logs1242.xiti.com | 1 | xplicitcoding.com |
1 | www.dhl.com | | xplicitcoding.com |
1 | www.logistics.dhl | 1 | |
0 | as.ebz.io (Failed) | | 3954462.fls.doubleclick.net |
51 | 11 |
This site contains links to these domains.
Domain |
---|
windows.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
xplicitcoding.com | Cloudflare Inc ECC CA-3 | 2024-02-10 - 2024-12-31 | a year |
assure.ameli.fr | Certigna Services CA | 2023-12-17 - 2024-12-16 | a year |
*.doubleclick.net | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
*.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
This page contains 3 frames:
Primary Page:
https://xplicitcoding.com/wp-content/uploads/cms/Actions/ifram1.html
Frame ID: CF6459D11F0B39DEABFB72C25C8CE561
Requests: 39 HTTP requests in this frame
Frame:
https://3954462.fls.doubleclick.net/activityi;dc_pre=CO24xfTr4IQDFc5cHgIdkKwI_A;src=3954462;type=amlim657;cat=homep953;ord=1;num=4106214895252.7397
Frame ID: 6CA01DFB4642A751009DB41EDFE9AA6B
Requests: 6 HTTP requests in this frame
Frame:
https://3954462.fls.doubleclick.net/activityi;dc_pre=CIa2xfTr4IQDFZlTHgIdhU8C7g;src=3954462;type=amlim657;cat=homep953;ord=1;num=5212922747223.434
Frame ID: A9C5E56EB40C4A7EAC6258C0B661102F
Requests: 6 HTTP requests in this frame
Page Title
Confirmation Code - DHL Express
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
AT Internet XiTi (Analytics)
Detected patterns
- xiti\.com/hit\.xiti
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: http://windows.microsoft.com/fr-fr/internet-explorer/download-ie
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34
- https://www.logistics.dhl/content/dam/dhl/global/core/images/logos/dhl-logo.svg HTTP 301
- https://www.dhl.com/content/dam/dhl/global/core/images/logos/dhl-logo.svg
- https://3954462.fls.doubleclick.net/activityi;src=3954462;type=amlim657;cat=homep953;ord=1;num=4106214895252.7397 HTTP 302
- https://3954462.fls.doubleclick.net/activityi;dc_pre=CO24xfTr4IQDFc5cHgIdkKwI_A;src=3954462;type=amlim657;cat=homep953;ord=1;num=4106214895252.7397
- https://3954462.fls.doubleclick.net/activityi;src=3954462;type=amlim657;cat=homep953;ord=1;num=5212922747223.434 HTTP 302
- https://3954462.fls.doubleclick.net/activityi;dc_pre=CIa2xfTr4IQDFZlTHgIdhU8C7g;src=3954462;type=amlim657;cat=homep953;ord=1;num=5212922747223.434
- https://logs1242.xiti.com/hit.xiti?s=508474&s2=&p=&hl=0x59x8&vrn=1&ac=&an=&lng=en-US&vtag=42008&idp=0059084581689&jv=0&r=1600x1200x24x24&re=1600x1200&ref= HTTP 302
- https://logs1242.xiti.com/hit.xiti?s=508474&s2=&p=&hl=0x59x8&vrn=1&ac=&an=&lng=en-US&vtag=42008&idp=0059084581689&jv=0&r=1600x1200x24x24&re=1600x1200&ref=&Rdt=On
- https://ib.adnxs.com/px?id=595458&t=2 HTTP 307
- https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D595458%26t%3D2 HTTP 302
- https://secure.adnxs.com/seg?add=4500562&t=2
- https://secure.adnxs.com/px?id=591292&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D591292%26t%3D2 HTTP 302
- https://secure.adnxs.com/seg?add=4500562&t=2
- https://ib.adnxs.com/px?id=595458&t=2 HTTP 307
- https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D595458%26t%3D2 HTTP 302
- https://secure.adnxs.com/seg?add=4500562&t=2
- https://secure.adnxs.com/px?id=591292&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D591292%26t%3D2 HTTP 302
- https://secure.adnxs.com/seg?add=4500562&t=2
51 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | ifram1.html | xplicitcoding.com/wp-content/uploads/cms/Actions/ | 15 KB | 4 KB | Document | text/html | Primary Request |
GET | H/1.1 | layout.css | assure.ameli.fr/PortailAS/framework/skeletons/assure/css/ | 1 KB | 967 B | Stylesheet | text/css | |
GET | H/1.1 | buttons.js | assure.ameli.fr/PortailAS/framework/skeletons/bighorn/js/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H/1.1 | util.js | assure.ameli.fr/PortailAS/framework/skeletons/bighorn/js/ | 1 KB | 969 B | Script | application/x-javascript | |
GET | H/1.1 | biblicnam-structure-sans.min.css | assure.ameli.fr/PortailAS/biblicnam/css/ | 83 KB | 23 KB | Stylesheet | text/css | |
GET | H/1.1 | reset.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 269 B | 584 B | Stylesheet | text/css | |
GET | H/1.1 | clear.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 1 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | liens.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 2 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | forms.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 7 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | boutons.css | xplicitcoding.com/wp-content/uploads/cms/lib/css/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | general.css | xplicitcoding.com/wp-content/uploads/cms/lib/css/ | 28 KB | 6 KB | Stylesheet | text/css | |
GET | H/1.1 | nav.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | colors.css | assure.ameli.fr/PortailAS/framework/skins/assure/css/ | 2 KB | 1015 B | Stylesheet | text/css | |
GET | H2 | custom.css | xplicitcoding.com/wp-content/uploads/cms/lib/css/ | 147 KB | 29 KB | Stylesheet | text/css | |
GET | H/1.1 | biblicnam-standalone.min.js | assure.ameli.fr/PortailAS/biblicnam/js/ | 641 KB | 242 KB | Script | application/x-javascript | |
GET | H/1.1 | fenetre.js | assure.ameli.fr/PortailAS/framework/skins/assure/js/ | 6 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | afficheElement.js | assure.ameli.fr/PortailAS/framework/skins/assure/js/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H/1.1 | OpenPopup.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 651 B | 648 B | Script | application/x-javascript | |
GET | H/1.1 | validation.js | assure.ameli.fr/PortailAS/framework/skins/assure/js/ | 34 KB | 10 KB | Script | application/x-javascript | |
GET | H/1.1 | calendar.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 28 KB | 12 KB | Script | application/x-javascript | |
GET | H/1.1 | calendar-setup.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | calendar-fr.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H/1.1 | AideSaisie.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 7 KB | 3 KB | Script | application/x-javascript | |
GET | H/1.1 | refonte_biblicnam.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 11 KB | 5 KB | Script | application/x-javascript | |
GET | H/1.1 | questionnaireSatisfaction.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 4 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | blocs.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H/1.1 | invalidite.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 14 KB | 4 KB | Script | application/x-javascript | |
GET | H/1.1 | paiement.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 21 KB | 7 KB | Script | application/x-javascript | |
GET | H/1.1 | informationsPerso.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H/1.1 | questionnaireNotationEtoile.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 7 KB | 3 KB | Script | application/x-javascript | |
GET | H/1.1 | dmp.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 1 KB | 970 B | Script | application/x-javascript | |
GET | H/1.1 | window.css | assure.ameli.fr/PortailAS/framework/skins/bighorn/borderless/css/ | 388 B | 703 B | Stylesheet | text/css | |
GET | H2 | cco.svg.png | xplicitcoding.com/wp-content/uploads/cms/lib/img/ | 6 KB | 6 KB | Image | image/webp | |
GET | H/1.1 | placeholders.polyfill.min.js | assure.ameli.fr/PortailAS/biblicnam/js/ | 8 KB | 3 KB | Script | application/x-javascript | |
GET | H/1.1 | xtcore.js | assure.ameli.fr/PortailAS/js/fr/cnamts/as/ | 19 KB | 9 KB | Script | application/x-javascript | |
GET | H2 | dhl-logo.svg | www.dhl.com/content/dam/dhl/global/core/images/logos/ | 2 KB | 1 KB | Image | image/svg+xml | Redirect Chain |
GET | H/1.1 | croix_fermeture.gif | assure.ameli.fr/PortailAS/ShowProperty/WLP%20Repository/images/ | 197 B | 513 B | Image | image/x-png | |
GET | H2 | activityi;dc_pre=CO24xfTr4IQDFc5cHgIdkKwI_A;src=3954462;type=amlim657;cat=homep953;ord=1;num=4106214895252.7397 | 3954462.fls.doubleclick.net/ | 2 KB | 1 KB | Document | text/html | Frame 6CA0, Redirect Chain |
GET | H2 | activityi;dc_pre=CIa2xfTr4IQDFZlTHgIdhU8C7g;src=3954462;type=amlim657;cat=homep953;ord=1;num=5212922747223.434 | 3954462.fls.doubleclick.net/ | 2 KB | 1 KB | Document | text/html | Frame A9C5, Redirect Chain |
GET | H2 | hit.xiti | logs1242.xiti.com/ | 35 B | 305 B | Image | image/gif | Redirect Chain |
GET | H3 | picto-fleche-action.png | xplicitcoding.com/wp-content/uploads/cms/lib/images/refonte/accueil/ | 548 B | 548 B | Image | text/html | |
GET | H2 | seg | secure.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Frame 6CA0, Redirect Chain |
GET | H2 | seg | secure.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Frame 6CA0, Redirect Chain |
GET | H2 | dc_pre=CO24xfTr4IQDFc5cHgIdkKwI_A;src=3954462;type=amlim657;cat=homep953;ord=1;num=4106214895252.7397 | adservice.google.com/ddm/fls/z/ | 42 B | 107 B | Image | image/gif | Frame 6CA0 |
GET | H2 | attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDM5NTQ0NjIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3hwbGljaXRjb2RpbmcuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogQ09OVkVSU0lPTgpkZWJ1... | ad.doubleclick.net/ddm/activity/ | 0 | 2 KB | Image | image/png | Frame 6CA0 |
GET | H2 | seg | secure.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Frame A9C5, Redirect Chain |
GET | H2 | seg | secure.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Frame A9C5, Redirect Chain |
GET | H2 | dc_pre=CIa2xfTr4IQDFZlTHgIdhU8C7g;src=3954462;type=amlim657;cat=homep953;ord=1;num=5212922747223.434 | adservice.google.com/ddm/fls/z/ | 42 B | 401 B | Image | image/gif | Frame A9C5 |
GET | H2 | attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDM5NTQ0NjIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3hwbGljaXRjb2RpbmcuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogQ09OVkVSU0lPTgpkZWJ1... | ad.doubleclick.net/ddm/activity/ | 0 | 2 KB | Image | image/png | Frame A9C5 |
GET | | client-tracking.js | as.ebz.io/ebzFormats/assets/js/ | 0 | 0 | | | Frame 6CA0 |
GET | | client-tracking.js | as.ebz.io/ebzFormats/assets/js/ | 0 | 0 | | | Frame A9C5 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: as.ebz.io
  URL: https://as.ebz.io/ebzFormats/assets/js/client-tracking.js
- Domain: as.ebz.io
  URL: https://as.ebz.io/ebzFormats/assets/js/client-tracking.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)
358 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.xplicitcoding.com/ | Name: __cf_bm Value: tVVA.fX3FDXftW6vs.26mnIA.o0OLoIlUssneL0WVWE-1709769547-1.0.1.1-k0bxSx3iz_1Bx36rqADLC8rwembKPvGkdKnKAHjNVCxsq593azM7P2nTkqOqPHa6PPRKEjVI9J.u_5j_O3DHZQ |
|
.xiti.com/ | Name: atid Value: A3C75459-9C9A-4F75-B460-07E07EFA2D6D |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C%3uZb6=!@wnf-Te9(>wL5L!!'@.$`VO5 |
|
.adnxs.com/ | Name: XANDR_PANID Value: cnowmsgVmUmUCYMcXuQzjo3w4x3y9X8dYSXqrPT_YiKplztMM80FIoOIGI0zv1H-_JxZJCJY89_G-iWQ4DW9QnP7yhazuNp2AGfGX3gA4cY. |
|
.adnxs.com/ | Name: uuid2 Value: 843372957704310024 |
|
.doubleclick.net/ | Name: ar_debug Value: 1 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlMdRfO9WmGM65RqdvaM0B7JZpPOtcoFSH97GbtyrForpC5PcztmUx-F9JK |
49 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.