ScanMalware.com

Security Scan Report: ship.dhlecommerce.co.uk

Redirected to: https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6Ijg4YTkwM2E4LWM0ZGYtNGM2Yi1iYjk1LTBkODViNDUwYWEzYyIsInRzIjoxNzY3MDYzOTkwLCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=726deb0e-b9ad-441a-b2f4-7fd06ef2e7db&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=a9a5f3de-95df-4959-99fb-a34a9dab2d91&response_mode=fragment

Submitted: Dec 30, 2025, 3:06:26 AMCompleted: Dec 30, 2025, 3:07:34 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 38 HTTP transactions. The main domain is loginb2cdhlparceluk.b2clogin.com and was registered NaN years ago.

Submitted URL: https://ship.dhlecommerce.co.uk

Effective URL: https://loginb2cdhlparceluk.b2clogin.com/loginb2cdhlparceluk.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?response_type=id_token&scope=https%3A%2F%2Floginb2cdhlparceluk.onmicrosoft.com%2F34a5f6a1-c056-4937-82b5-8d74f83601b2%2Fuser_impersonation%20openid%20profile&client_id=34a5f6a1-c056-4937-82b5-8d74f83601b2&redirect_uri=https%3A%2F%2Fship.dhlecommerce.co.uk&state=eyJpZCI6Ijg4YTkwM2E4LWM0ZGYtNGM2Yi1iYjk1LTBkODViNDUwYWEzYyIsInRzIjoxNzY3MDYzOTkwLCJtZXRob2QiOiJyZWRpcmVjdEludGVyYWN0aW9uIn0%3D&nonce=726deb0e-b9ad-441a-b2f4-7fd06ef2e7db&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.4.9&client-request-id=a9a5f3de-95df-4959-99fb-a34a9dab2d91&response_mode=fragmentRedirected

The Cisco Umbrella rank of the primary domain is #258,970 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Page likely a phishing login attempting to harvest DHL credentials.

Risk Factors
Hidden password field (potential credential harvesting)
Brand impersonation: page claims DHL but final URL is unrelated B2C domain
Low ranking for brand claim (Cisco Umbrella rank > 100k)
Password form on a non‑official brand domain
Domain age information unavailable

Details

Page Title

DHL

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

e-commerce shopping

(67%)

Domain Information

Domain 'ship.dhlecommerce.co.uk' uses the United Kingdom country-code top-level domain (.co.uk); it also runs on subdomain 'ship'. Its registrable label 'dhlecommerce' stretches across 12 characters holding four vowels versus eight consonants. Word splitting yields 3 words: dhl, e, commerce. Median word length is three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ship.dhlecommerce.co.uk

Page Load Overview

2.17s
Total Load Time
18
HTTP Requests
3
Domains
197 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:672 chars
Detector Agreement:100%

Website Classification

Primary Category

e-commerce shopping67% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

e-commerce shopping
67%
corporate business
48%
government public service
43%
documentation technical
32%
adult content
29%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3104.18.86.42United States
AS13335CLOUDFLARENET
3104.18.87.42United States
AS13335CLOUDFLARENET
313.107.213.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
320.190.160.5NetherlandsUnknown
320.190.160.17NetherlandsUnknown
313.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
186--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Azure
50%
HSTS
40%
Azure Front Door
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F08109C97D44F8AD431218E9543FF02DE068AD2A5939EC90A3EDD4F99D70E8C8C06EB4

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:C28wtZEpXdyTaOUC7RNBa8T66GHBYPmHYbqntGvVpeuwTLHii3Ik4X6o30ITPO:CGmJ9OUC7RNBa8m6GHeu4gozeX94X68G

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3852:SQQARHAEAg0AMgQAEAQKwEWEACGQgCAAKgIBAgwCIEACAAQAjA4MQAFAAAIQASgCAAAIQhCALYAIBMigAgQaAEQIACAIMICB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000000000
Perceptual Hash:d500550055005500
Difference Hash:0000000000000000
Wavelet Hash:0e0e0e0e0e0e0e0e
Color Hash:#33862d

Other Hashes

Crop Resistant:0000000000000000

Scan History

Scan history not available

Unable to load historical scan data