www.deliveryexpress-parcel.com Open in urlscan Pro
213.226.123.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.deliveryexpress-parcel.com/
Effective URL:
https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4
Submission: On May 25 via automatic, source certstream-suspicious (May 25th 2023, 4:37:43 pm UTC) — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 213.226.123.65, located in St Petersburg, Russian Federation and belongs to ITRESHENIYA-AS, RU. The main domain is www.deliveryexpress-parcel.com.
TLS certificate: Issued by R3 on May 25th 2023. Valid for: 3 months.

This is the only time www.deliveryexpress-parcel.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
2 12	213.226.123.65 213.226.123.65		49943 (ITRESHENI...) (ITRESHENIYA-AS)
20	2

12 213.226.123.65 (St Petersburg, Russian Federation) 2 redirects

ASN49943 (ITRESHENIYA-AS, RU)

www.deliveryexpress-parcel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	deliveryexpress-parcel.com 2 redirects www.deliveryexpress-parcel.com	436 KB
0	Failed function sub() { [native code] }. Failed
20	2

	Domain	Requested by
12	www.deliveryexpress-parcel.com	2 redirects www.deliveryexpress-parcel.com
0	scrapbook Failed	www.deliveryexpress-parcel.com
0	eofcbnmajmjmplflapaojjnihcjkigck Failed	www.deliveryexpress-parcel.com
20	3

This site contains no links.

Subject Issuer	Validity	Valid
deliveryexpress-parcel.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4
Frame ID: D7BF31AFABE7D898E6A4BDF5C0EB7B3A
Requests: 18 HTTP requests in this frame

Frame: https://www.deliveryexpress-parcel.com/index_2.html
Frame ID: BF97C93CD3295630848BF93B1AD1B71A
Requests: 1 HTTP requests in this frame

Frame: https://www.deliveryexpress-parcel.com/index_1.html
Frame ID: 57F15E73C1483FB441066D90D6D7C66A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL

Page URL History Show full URLs

https://www.deliveryexpress-parcel.com/ HTTP 302
https://www.deliveryexpress-parcel.com/dhl.php HTTP 302
https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

20
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

436 kB
Transfer

986 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.deliveryexpress-parcel.com/ HTTP 302
https://www.deliveryexpress-parcel.com/dhl.php HTTP 302
https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request dhl.php Show response www.deliveryexpress-parcel.com/ Redirect Chain https://www.deliveryexpress-parcel.com/ https://www.deliveryexpress-parcel.com/dhl.php https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4	186 KB 38 KB	618ms 618ms	Document text/html	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PHP/8.0.28 PleskLin Resource Hash `e666a99faaa3e45b319f3d3be65efa211de3e9b7edee8e9b3b12035bf96c5fd2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Thu, 25 May 2023 16:37:37 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx x-powered-by PHP/8.0.28 PleskLin Redirect headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Thu, 25 May 2023 16:37:37 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 pragma no-cache server nginx x-powered-by PHP/8.0.28 PleskLin
GET H2	200	app.css www.deliveryexpress-parcel.com/	428 KB 48 KB	60ms 59ms	Stylesheet text/css	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/app.css Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `72f138dcdaf6cc3f7a5d91e2e9b7cb43a561a4963397d93bf44a1c51fbf21031` Request headers accept-language de-DE,de;q=0.9 Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:37 GMT content-encoding br last-modified Tue, 17 Jan 2023 20:02:26 GMT server nginx etag W/"63c6fed2-6af54" x-powered-by PleskLin content-type text/css
GET H2	200	font-awesome.min.css www.deliveryexpress-parcel.com/	30 KB 7 KB	46ms 46ms	Stylesheet text/css	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/font-awesome.min.css Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `ef0bc747d66e15373ad212493cb6b86daa907b62ea9350f3e1521ec8a613aff8` Request headers accept-language de-DE,de;q=0.9 Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:37 GMT content-encoding br last-modified Tue, 17 Jan 2023 20:02:26 GMT server nginx etag W/"63c6fed2-7881" x-powered-by PleskLin content-type text/css
GET		fonts.css eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/	0 0

GET H2	200	logo.png www.deliveryexpress-parcel.com/	2 KB 2 KB	79ms 78ms	Image image/png	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.deliveryexpress-parcel.com/logo.png Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756` Request headers accept-language de-DE,de;q=0.9 Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:37 GMT last-modified Tue, 17 Jan 2023 20:02:26 GMT server nginx etag "63c6fed2-7ce" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 1998
GET H2	200	all.png www.deliveryexpress-parcel.com/	12 KB 12 KB	92ms 92ms	Image image/png	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.deliveryexpress-parcel.com/all.png Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d` Request headers accept-language de-DE,de;q=0.9 Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:37 GMT last-modified Tue, 17 Jan 2023 19:57:50 GMT server nginx etag "63c6fdbe-30d3" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 12499
GET		foo.png scrapbook:download:error:https://dhl-del-ondemand.com/images/	0 0

GET		roboto-latin-400-normal.woff2 scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/	0 0

GET		roboto-all-400-normal.woff scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/	0 0

GET H2	200	index_2.html Show response www.deliveryexpress-parcel.com/ Frame BF97	176 B 289 B	44ms 44ms	Document text/html	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/index_2.html Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `9b7e75f538939a8a701287d17a93761402362459d51199ba7f9393524e98ab17` Request headers Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html date Thu, 25 May 2023 16:37:38 GMT etag W/"b0-5f27b1d4c6b80" last-modified Tue, 17 Jan 2023 19:57:50 GMT server nginx x-accel-version 0.01 x-powered-by PleskLin
GET		webfa-brands-400.woff2 scrapbook:download:error:https://dhl-del-ondemand.com/css/fonts/	0 0

GET H2	200	fontawesome-webfont.woff2 www.deliveryexpress-parcel.com/	75 KB 76 KB	43ms 42ms	Font font/woff2	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/fontawesome-webfont.woff2 Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers Referer https://www.deliveryexpress-parcel.com/font-awesome.min.css Origin https://www.deliveryexpress-parcel.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:38 GMT last-modified Tue, 17 Jan 2023 20:02:26 GMT server nginx etag "63c6fed2-12d68" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 77160
GET		webfa-solid-900.woff2 scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/	0 0

GET H2	200	index_1.html Show response www.deliveryexpress-parcel.com/ Frame 57F1	97 B 239 B	42ms 42ms	Document text/html	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/index_1.html Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `3de2c358acd98dd93f54af55a7d89ae64cca5757d76fb95ae74db8bd63389bdd` Request headers Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html date Thu, 25 May 2023 16:37:38 GMT etag W/"61-5f27b1d4c6b80" last-modified Tue, 17 Jan 2023 19:57:50 GMT server nginx x-accel-version 0.01 x-powered-by PleskLin
GET		webfa-brands-400.woff scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/	0 0

GET		webfa-solid-900.woff scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/	0 0

GET		webfa-brands-400.ttf scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/	0 0

GET		webfa-solid-900.ttf scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/	0 0

GET H2	200	free-fa-brands-400.woff2 www.deliveryexpress-parcel.com/	105 KB 105 KB	43ms 42ms	Font font/woff2	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/free-fa-brands-400.woff2 Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `4f04c94b287d7dfdfad36e60915eefbef7127a073546e6c21512b5052c6ac48d` Request headers Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Origin https://www.deliveryexpress-parcel.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:38 GMT last-modified Tue, 17 Jan 2023 19:57:50 GMT server nginx etag "63c6fdbe-1a488" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 107656
GET H2	200	free-fa-solid-900.woff2 www.deliveryexpress-parcel.com/	147 KB 147 KB	59ms 59ms	Font font/woff2	213.226.123.65 ITRESHENIYA-AS
General Check archive.org Show headers Download Go to Full URL https://www.deliveryexpress-parcel.com/free-fa-solid-900.woff2 Requested by Host: www.deliveryexpress-parcel.com URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.226.123.65 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU), Reverse DNS Software nginx / PleskLin Resource Hash `1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4` Request headers Referer https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Origin https://www.deliveryexpress-parcel.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 25 May 2023 16:37:38 GMT last-modified Tue, 17 Jan 2023 19:57:50 GMT server nginx etag "63c6fdbe-24be4" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 150500

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eofcbnmajmjmplflapaojjnihcjkigck
URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/images/foo.png

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603

Domain: scrapbook
URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.deliveryexpress-parcel.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: h2rlmrba03suhhi9k11m5npo6s

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/images/foo.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4(Line 130) Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4(Line 392) Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4(Line 393) Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4(Line 393) Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.deliveryexpress-parcel.com/dhl.php?UID=646f8ed1401df646f8ed1401e2646f8ed1401e3646f8ed1401e4 Message: Access to font at 'urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f' from origin 'https://www.deliveryexpress-parcel.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://dhl-del-ondemand.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eofcbnmajmjmplflapaojjnihcjkigck
scrapbook
www.deliveryexpress-parcel.com
eofcbnmajmjmplflapaojjnihcjkigck
scrapbook
213.226.123.65
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3de2c358acd98dd93f54af55a7d89ae64cca5757d76fb95ae74db8bd63389bdd
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
4f04c94b287d7dfdfad36e60915eefbef7127a073546e6c21512b5052c6ac48d
72f138dcdaf6cc3f7a5d91e2e9b7cb43a561a4963397d93bf44a1c51fbf21031
9b7e75f538939a8a701287d17a93761402362459d51199ba7f9393524e98ab17
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
e666a99faaa3e45b319f3d3be65efa211de3e9b7edee8e9b3b12035bf96c5fd2
ef0bc747d66e15373ad212493cb6b86daa907b62ea9350f3e1521ec8a613aff8

www.deliveryexpress-parcel.com Open in urlscan Pro 213.226.123.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

50 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

436 kBTransfer

986 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

18 Console Messages

Indicators

www.deliveryexpress-parcel.com Open in urlscan Pro
213.226.123.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

436 kB
Transfer

986 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!