Submitted URL: https://www.zwroty.pinkorblue.pl/
Effective URL: https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Submission: On June 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6812:1088, located in United States and belongs to CLOUDFLARENET, US. The main domain is econnect.dhlparcel.eu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 27th 2021. Valid for: a year.
This is the only time econnect.dhlparcel.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address        AS Autonomous System
1         1          185.56.131.114    25291 (SYSELEVEN...)
8                    2606:4700::68...  13335 (CLOUDFLAR...)
3                    2606:4700::68...  13335 (CLOUDFLAR...)
2                    35.188.42.15      15169 (GOOGLE)
4                    2a00:1450:400...  15169 (GOOGLE)
6                    2a00:1450:400...  15169 (GOOGLE)
1                    2a00:1450:400...  15169 (GOOGLE)
24                   7

Requests  Apex Domain    Subdomains                                         Transfer
8         dhlparcel.eu   econnect.dhlparcel.eu                              533 KB
7         gstatic.com    www.gstatic.com, fonts.gstatic.com                 937 KB
4         google.com     www.google.com (Cisco Umbrella Rank: 4)            25 KB
3         dhlparcel.nl   static.dhlparcel.nl (Cisco Umbrella Rank: 136012)  83 KB
2         sentry.io      sentry.io (Cisco Umbrella Rank: 356)               754 B
1         pinkorblue.pl  www.zwroty.pinkorblue.pl                           174 B
24        6

Requests  Domain                    Requested by
8         econnect.dhlparcel.eu     econnect.dhlparcel.eu
6         www.gstatic.com           www.google.com, www.gstatic.com
4         www.google.com            econnect.dhlparcel.eu, www.google.com, www.gstatic.com
3         static.dhlparcel.nl       econnect.dhlparcel.eu, static.dhlparcel.nl
2         sentry.io                 econnect.dhlparcel.eu
1         fonts.gstatic.com         www.google.com
1         www.zwroty.pinkorblue.pl  1 redirects
24        7

This site contains links to these domains.

Domain
www.dhl.com

Subject                Issuer                            Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3           2021-12-27 - 2022-12-26  a year
dhlparcel.nl           Cloudflare Inc ECC CA-3           2022-05-17 - 2023-05-17  a year
sentry.io              DigiCert TLS RSA SHA256 2020 CA1  2022-06-03 - 2023-07-04  a year
www.google.com         GTS CA 1C3                        2022-05-25 - 2022-08-17  3 months
*.gstatic.com          GTS CA 1C3                        2022-05-25 - 2022-08-17  3 months
*.google.com           GTS CA 1C3                        2022-05-25 - 2022-08-17  3 months

This page contains 4 frames:

Primary Page: https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Frame ID: 8F0F94A804F60FD93AF654593A9378CC
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
Frame ID: C7912143538471A2084D88210EA226D8
Requests: 8 HTTP requests in this frame

Frame: https://sentry.io/api/5227786/security/?sentry_key=ced897bf0a6f41159e7fd59b5d9cce6f
Frame ID: 351CC2700DC82F67ABCFA5921F139DFB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g9jXH0OtfQet-V0Aewq23c7K&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq
Frame ID: 3D0E02839B5A6E13EE4C0C0BA89877CF
Requests: 3 HTTP requests in this frame

Page Title

DHL Return Portal

Page URL History

  1. https://www.zwroty.pinkorblue.pl/ HTTP 301
    https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24 Requests
100 % HTTPS
71 % IPv6
6 Domains
7 Subdomains
7 IPs
2 Countries
1578 kB Transfer
3144 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.zwroty.pinkorblue.pl/ HTTP 301
    https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 94f9e76f-4be8-4900-8b87-bf8ced76ae42
econnect.dhlparcel.eu/return-portal/
Redirect Chain
  • https://www.zwroty.pinkorblue.pl/
  • https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
2 KB
2 KB
Document
General
Full URL
https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f229eda7f7ef815e7494d85a90e8775d4c6112167d1f984c57c6c54050e280cf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src https://www.google.com/recaptcha/; object-src 'none'; script-src 'nonce-89874859fd5b24623df4534c5a42070705a5074151' 'report-sample' https://www.google.com/recaptcha/; connect-src 'self' https://sentry.io/api/5227786/ https://api-gw.dhlparcel.nl; base-uri 'none'; style-src 'nonce-89874859fd5b24623df4534c5a42070705a5074151' https://static.dhlparcel.nl/fonts/Delivery.css; form-action 'none'; font-src 'self' https://static.dhlparcel.nl; frame-ancestors 'none'; manifest-src 'self'; img-src 'self' data:; report-uri https://sentry.io/api/5227786/security/?sentry_key=ced897bf0a6f41159e7fd59b5d9cce6f
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
71b0fac20e099960-FRA
content-encoding
br
content-security-policy
default-src 'none'; frame-src https://www.google.com/recaptcha/; object-src 'none'; script-src 'nonce-89874859fd5b24623df4534c5a42070705a5074151' 'report-sample' https://www.google.com/recaptcha/; connect-src 'self' https://sentry.io/api/5227786/ https://api-gw.dhlparcel.nl; base-uri 'none'; style-src 'nonce-89874859fd5b24623df4534c5a42070705a5074151' https://static.dhlparcel.nl/fonts/Delivery.css; form-action 'none'; font-src 'self' https://static.dhlparcel.nl; frame-ancestors 'none'; manifest-src 'self'; img-src 'self' data:; report-uri https://sentry.io/api/5227786/security/?sentry_key=ced897bf0a6f41159e7fd59b5d9cce6f
content-type
text/html
date
Tue, 14 Jun 2022 06:23:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'self'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'self'; usb 'none'; vr 'none'
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
deny
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

content-type
text/html
date
Tue, 14 Jun 2022 06:23:50 GMT
location
https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
strict-transport-security
max-age=15724800; includeSubDomains
x-frame-options
sameorigin
Delivery.css
static.dhlparcel.nl/fonts/
5 KB
2 KB
Stylesheet
General
Full URL
https://static.dhlparcel.nl/fonts/Delivery.css
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fb1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589dd4829e7ea3ff25302751dac95c83baec9613a6fdced75a508bc8ea653a37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1323
vary
Accept-Encoding
last-modified
Thu, 12 May 2022 06:59:19 GMT
server
cloudflare
etag
W/"gz[627cb047-15e0]"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=3600
cf-ray
71b0fac368ce690d-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
main.08bf894d.js
econnect.dhlparcel.eu/return-portal/static/js/
1 MB
400 KB
Script
General
Full URL
https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b894e0990ab3ef968a7d43897e86885989524f81efc68548d7803b4bac456cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://econnect.dhlparcel.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
71b0fac328079960-FRA
date
Tue, 14 Jun 2022 06:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 12 May 2022 10:42:49 GMT
server
cloudflare
etag
W/"627ce4a9-14cdcf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
/
sentry.io/api/5227786/security/
0
377 B
Other
General
Full URL
https://sentry.io/api/5227786/security/?sentry_key=ced897bf0a6f41159e7fd59b5d9cce6f
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Tue, 14 Jun 2022 06:23:50 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
access-control-allow-origin
https://econnect.dhlparcel.eu
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
0
en.json
econnect.dhlparcel.eu/return-portal/i18n/
12 KB
4 KB
Fetch
General
Full URL
https://econnect.dhlparcel.eu/return-portal/i18n/en.json
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721cba2c4dbf9cab1ff9e66018b3b42455a80a36563450295b61910c2f4abef1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
public
last-modified
Thu, 12 May 2022 10:42:49 GMT
server
cloudflare
etag
W/"627ce4a9-2fe4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
cache-control
max-age=60, public
cf-ray
71b0fac52b979960-FRA
expires
Tue, 14 Jun 2022 06:24:50 GMT
94f9e76f-4be8-4900-8b87-bf8ced76ae42
econnect.dhlparcel.eu/api/return-portals/
246 KB
126 KB
XHR
General
Full URL
https://econnect.dhlparcel.eu/api/return-portals/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8746c3e767f616e29b0de3e5ce40927fd962be91cacaa258b739decf6c4732d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-CSRF-TOKEN
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-userid
6afbf050-09ae-4cfa-b510-e680a9571322
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
71b0fac5ac6b9960-FRA
expires
0
Delivery_W_Rg.03f859bf58e4d37841070de34be7d978.woff
static.dhlparcel.nl/fonts/
40 KB
41 KB
Font
General
Full URL
https://static.dhlparcel.nl/fonts/Delivery_W_Rg.03f859bf58e4d37841070de34be7d978.woff
Requested by
Host: static.dhlparcel.nl
URL: https://static.dhlparcel.nl/fonts/Delivery.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fb1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.dhlparcel.nl/fonts/Delivery.css
Origin
https://econnect.dhlparcel.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1540427
vary
Accept-Encoding
content-length
41084
last-modified
Thu, 12 May 2022 06:59:18 GMT
server
cloudflare
etag
"627cb046-a07c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1728000
accept-ranges
bytes
cf-ray
71b0fac5df939152-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Delivery_W_Bd.e39bd2e2657ce5dd6f9c33df18529233.woff
static.dhlparcel.nl/fonts/
40 KB
41 KB
Font
General
Full URL
https://static.dhlparcel.nl/fonts/Delivery_W_Bd.e39bd2e2657ce5dd6f9c33df18529233.woff
Requested by
Host: static.dhlparcel.nl
URL: https://static.dhlparcel.nl/fonts/Delivery.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fb1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.dhlparcel.nl/fonts/Delivery.css
Origin
https://econnect.dhlparcel.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1540427
vary
Accept-Encoding
content-length
41328
last-modified
Thu, 12 May 2022 06:59:19 GMT
server
cloudflare
etag
"627cb047-a170"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1728000
accept-ranges
bytes
cf-ray
71b0fac5df949152-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
api.js
www.google.com/recaptcha/
909 B
993 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
937d6825f7bc41049cc9622abc8e0ff07bb762771d872675243df75ae304fe8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Tue, 14 Jun 2022 06:23:50 GMT
AT
econnect.dhlparcel.eu/address-format-api/address-formats/parcel/
1 KB
460 B
XHR
General
Full URL
https://econnect.dhlparcel.eu/address-format-api/address-formats/parcel/AT
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929fda47b64bfa30d646bf42183674b99a14641fcbc07f4506f50f7104b6401b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-XSRF-TOKEN
-53-123-26-64-68-104-811817-3999-401-8954-18111-6-19674-28-75-18694-92-15-87-63-44
X-CSRF-TOKEN
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
x-dns-prefetch-control
off
cf-ray
71b0fac72f199960-FRA
x-xss-protection
1; mode=block
EU
econnect.dhlparcel.eu/address-format-api/address-formats/parcel/
960 B
382 B
XHR
General
Full URL
https://econnect.dhlparcel.eu/address-format-api/address-formats/parcel/EU
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013f14aecfa7db084f88a2e715c7ced13e544af0d01343d6cf939ce31241d141
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-XSRF-TOKEN
-53-123-26-64-68-104-811817-3999-401-8954-18111-6-19674-28-75-18694-92-15-87-63-44
X-CSRF-TOKEN
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
x-dns-prefetch-control
off
cf-ray
71b0fac72f219960-FRA
x-xss-protection
1; mode=block
EU
econnect.dhlparcel.eu/address-format-api/address-formats/parcel/
960 B
382 B
XHR
General
Full URL
https://econnect.dhlparcel.eu/address-format-api/address-formats/parcel/EU
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013f14aecfa7db084f88a2e715c7ced13e544af0d01343d6cf939ce31241d141
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-XSRF-TOKEN
-53-123-26-64-68-104-811817-3999-401-8954-18111-6-19674-28-75-18694-92-15-87-63-44
X-CSRF-TOKEN
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
x-dns-prefetch-control
off
cf-ray
71b0fac74f4f9960-FRA
x-xss-protection
1; mode=block
truncated
/
184 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9acec48dbebdedbcf7598a69755382007815e8d1a1621ad323cd3e3479638bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/jpeg
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/
367 KB
146 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://econnect.dhlparcel.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 18:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148524
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 18:20:53 GMT
AT
econnect.dhlparcel.eu/address-format-api/address-formats/parcel/
1 KB
427 B
XHR
General
Full URL
https://econnect.dhlparcel.eu/address-format-api/address-formats/parcel/AT
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1088 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929fda47b64bfa30d646bf42183674b99a14641fcbc07f4506f50f7104b6401b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-XSRF-TOKEN
-53-123-26-64-68-104-811817-3999-401-8954-18111-6-19674-28-75-18694-92-15-87-63-44
X-CSRF-TOKEN
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
x-dns-prefetch-control
off
cf-ray
71b0fac818ea9960-FRA
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame C791
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/static/js/main.08bf894d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
660ebff67e85a497245fa9b255bc8fd6d8c8db43e5f0d747327a8b7b72c09db8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fn9DNaC9cwJauMydu9hgrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23072
content-security-policy
script-src 'report-sample' 'nonce-fn9DNaC9cwJauMydu9hgrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 06:23:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame C791
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 05:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 05:02:22 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame C791
363 KB
363 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483dfad907203c4c6ff5432a4d8f8505778096755cc05cf86d657137e2370e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 20:36:56 GMT
x-content-type-options
nosniff
age
35215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
371779
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 20:36:56 GMT
truncated
/ Frame C791
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C791
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C791
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
384222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 16 Jun 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C791
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
566230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Jun 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C791
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=g9jXH0OtfQet-V0Aewq23c7K
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d0c03784a50b5bff5d7685a7b9d81b20eb14943cdb5acfa797e6b5f22d1805e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq&co=aHR0cHM6Ly9lY29ubmVjdC5kaGxwYXJjZWwuZXU6NDQz&hl=en&type=image&v=g9jXH0OtfQet-V0Aewq23c7K&theme=light&size=compact&badge=bottomright&cb=t7fjgbwwcpe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 06:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 14 Jun 2022 06:23:51 GMT
/
sentry.io/api/5227786/security/ Frame 351C
0
377 B
Other
General
Full URL
https://sentry.io/api/5227786/security/?sentry_key=ced897bf0a6f41159e7fd59b5d9cce6f
Requested by
Host: econnect.dhlparcel.eu
URL: https://econnect.dhlparcel.eu/return-portal/94f9e76f-4be8-4900-8b87-bf8ced76ae42
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Tue, 14 Jun 2022 06:23:51 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
access-control-allow-origin
https://econnect.dhlparcel.eu
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
0
bframe
www.google.com/recaptcha/api2/ Frame 3D0E
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=g9jXH0OtfQet-V0Aewq23c7K&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9942297b0dd6bd629c8474e2d8652853c390f2a9f4431cf296b8ac563edb95a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IgvZg6DOO6m313pBjWE_JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1115
content-security-policy
script-src 'report-sample' 'nonce-IgvZg6DOO6m313pBjWE_JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 06:23:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame 3D0E
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g9jXH0OtfQet-V0Aewq23c7K&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 05:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 05:02:22 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame 3D0E
363 KB
363 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g9jXH0OtfQet-V0Aewq23c7K&k=6Lc1BwsUAAAAAJvD7Laxity7K1IyHNMYOCO850zq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483dfad907203c4c6ff5432a4d8f8505778096755cc05cf86d657137e2370e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 20:36:56 GMT
x-content-type-options
nosniff
age
35215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
371779
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 20:36:56 GMT


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation
function| env
string| CAPTCHA_V2_SITE_KEY
string| API_GATEWAY_HOST
string| CSP_NONCE
undefined| SENTRY_DSN
object| __SENTRY__
object| regeneratorRuntime
function| _
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| closure_lm_542300

5 Cookies

Domain/Path Name / Value
econnect.dhlparcel.eu/ Name: ui-theme
Value: light
econnect.dhlparcel.eu/ Name: X-AUTH-TOKEN
Value: eyJ1c2VySWQiOiI2YWZiZjA1MC0wOWFlLTRjZmEtYjUxMC1lNjgwYTk1NzEzMjIiLCJuYW1lIjp7ImZpcnN0TmFtZSI6ImFub255bW91cyIsImxhc3ROYW1lIjoiYW5vbnltb3VzIn0sImVtYWlsIjoiYW5vbnltb3VzIiwicm9sZXMiOlsiQU5PTllNT1VTIl0sImlzc3VlZEF0IjoxNjU1MTg3ODMwNjg3fTs4MTM4LTkxMjEtNzgtMjgtODcxMjEtOTktOTkzMi03MzIxMTQzMS0xMDgxMTItOTEtNjctMzI2Ny03My04MzQ3LTEwNzQ1MjAtODItOTI0OS00MS0zNA
econnect.dhlparcel.eu/ Name: XSRF-TOKEN
Value: -53-123-26-64-68-104-811817-3999-401-8954-18111-6-19674-28-75-18694-92-15-87-63-44
econnect.dhlparcel.eu/ Name: access_token
Value:
econnect.dhlparcel.eu/ Name: refresh_token
Value:

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'none'; frame-src https://www.google.com/recaptcha/; object-src 'none'; script-src 'nonce-89874859fd5b24623df4534c5a42070705a5074151' 'report-sample' https://www.google.com/recaptcha/; connect-src 'self' https://sentry.io/api/5227786/ https://api-gw.dhlparcel.nl; base-uri 'none'; style-src 'nonce-89874859fd5b24623df4534c5a42070705a5074151' https://static.dhlparcel.nl/fonts/Delivery.css; form-action 'none'; font-src 'self' https://static.dhlparcel.nl; frame-ancestors 'none'; manifest-src 'self'; img-src 'self' data:; report-uri https://sentry.io/api/5227786/security/?sentry_key=ced897bf0a6f41159e7fd59b5d9cce6f
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
