dhlservice24.com Open in urlscan Pro
172.67.141.75 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dhlservice24.com/
Effective URL:
https://dhlservice24.com/start.php
Submission: On March 27 via api (March 27th 2024, 3:48:16 pm UTC) from US — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 172.67.141.75, located in United States and belongs to CLOUDFLARENET, US. The main domain is dhlservice24.com.
TLS certificate: Issued by E1 on March 26th 2024. Valid for: 3 months.

This is the only time dhlservice24.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3031::ac43:8d4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	172.67.141.75 172.67.141.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2

5 2606:4700:3031::ac43:8d4b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dhlservice24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.141.75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dhlservice24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	dhlservice24.com 2 redirects dhlservice24.com	203 KB
20	1

	Domain	Requested by
22	dhlservice24.com	2 redirects dhlservice24.com
20	1

This site contains no links.

Subject Issuer	Validity	Valid
dhlservice24.com E1	`2024-03-26` - `2024-06-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dhlservice24.com/start.php
Frame ID: 8D5993ED87B344F97F852CFBF1221712
Requests: 18 HTTP requests in this frame

Frame: https://dhlservice24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 1CCFDE3A9784980ABFF9A623B1FECE35
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track & Trace | DHL

Page URL History Show full URLs

https://dhlservice24.com/ Page URL
https://dhlservice24.com/ Page URL
https://dhlservice24.com/ HTTP 302
https://dhlservice24.com/start.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

202 kB
Transfer

832 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dhlservice24.com/ Page URL
https://dhlservice24.com/ Page URL
https://dhlservice24.com/ HTTP 302
https://dhlservice24.com/start.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://dhlservice24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dhlservice24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 503 / Show response
dhlservice24.com/ 7 KB
8 KB 554ms
425ms Document
text/html 2606:4700:3031::ac43:8d4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8d4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85ec7c5b9d55afbf9ae3b41389c734e706fdb0ea618ecdede465c8da9f46804

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 86b085f66d828dc6-MIA
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 15:48:12 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjhBIAUic3sVAzqjvvSO20vAH7%2FvdgsLss4uxM4%2Bw5Yf4v7QSv2%2BmBAYi0O2DnfHk1DONKSwXI5caw9LaUzSYOEZ7Cdni4lCwWrgbTxTtQwr%2Fkyihbw2pcbWM5aicqrfZmHsmHHx2qvaPgEYhEi0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

POST
H2 204 /
dhlservice24.com/ 0
630 B 238ms
237ms XHR
text/plain 2606:4700:3031::ac43:8d4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8d4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
z4d8tf5zBG2SztGvMHF3S4J5a0: 46272350
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://dhlservice24.com/
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 15:48:12 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OZEdQXq%2FMHociiSdtDW695gTlRSBh2DrnsXkADIhOw0724b79LL4DAN9DSDvxq8DvfhP556cwOJqE1yWc3X4wsJtAQmlGoSFegT6mHx7%2FOvNPgfd4e0grKJbj%2FHrCgDgMsOpwqWhZfkcIO5lYLE"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86b085f95af38dc6-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H2

200

main.js Show response
dhlservice24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 1CCF
Redirect Chain

https://dhlservice24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dhlservice24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

42ms
41ms

Script
application/javascript

2606:4700:3031::ac43:8d4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Protocol

Server

2606:4700:3031::ac43:8d4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb35c84c9aec7c85175b900836da441818c98c535e5f9721fa449030fef5fe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 27 Mar 2024 15:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgMh9xRuEwYZgmmwxRSOcPaGnKDQPj4mLFtMF9sPI7c0%2FnqyJpr%2BMWOFMc6hGy6TYHI%2FVkS4bFHo69ybF7VhYt%2BE6qwWI%2BPAOACZg9n2K3it%2BtneSzqCD%2B9V1lmkNmzRXXTK%2F3RpjWgwx7dIrUeG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86b085f99b888dc6-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 27 Mar 2024 15:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4z%2Fu4ya0iOmxkbCHioZyxbgiZfM9zruPxiczneu8zDiCXAD3yPxmfGC8qFqkAyJDXw%2BJgVH%2FJQrKxNHlcIZsiBQ4YovcrtPs512B0dl0f5y4crwmLGUPNXNEuhrodOCLBUjKvucBqPKpIkv7SzhL"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86b085f95af58dc6-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 503 favicon.ico
dhlservice24.com/ 6 KB
7 KB 428ms
427ms Other
text/html 2606:4700:3031::ac43:8d4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8d4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 15:48:12 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9GN65MrpOiNrLSzdmaC4LGx1Zrvmo5IAwe7L3A7utSIesYhs7UFdKvWirAWBDuCrXJqof74UdfAwsGa6WamvAPYKfK3YvAy0mIHmczvc6ySbAYokzsbnusvGDa991jUkszuGdK%2BZ2qJYdJ2hyTA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86b085f95afc8dc6-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

POST
H3 200 86b085f66d828dc6 Show response
dhlservice24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1CCF 0
625 B 60ms
60ms XHR
text/plain 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhlservice24.com/cdn-cgi/challenge-platform/h/g/jsd/r/86b085f66d828dc6
Requested by: Host: dhlservice24.com
URL: https://dhlservice24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Mar 2024 15:48:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNxhuyvpuRRc6MsUCjxkfhYG1MzRNY0r6HPwbU1IAhsjDHrFaGYK9RgUcUxPl61aolX%2FwDjU8vZM31sNtsEI5N%2BnrK6pbfyVebjN1zoios07BUqUZmri%2FiQ5Dz%2BGwx%2FeIZyp"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86b085fa6aa69aec-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 503 / Show response
dhlservice24.com/ 6 KB
7 KB 427ms
426ms Document
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ea0dd85f476d2368cfa075a4770de5ea5d93f1dc94a2ca6e1ef192bc7caa56

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://dhlservice24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 86b085fadb699aec-MIA
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 15:48:13 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIWL7M46GAfSTIUgFW8EOpcxUddZyswkzsCf%2FaRbeXw%2Bls2D6LDZzsl7Ba3VnWZonPAH9lVA8uI7ULjo%2FcrTqyMYfmC8pqM14ge2sbFco6aRoKa57uG2%2FFbnxudvpesZdJMX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

POST
H3 204 /
dhlservice24.com/ 0
844 B 233ms
233ms XHR
text/plain 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
fy2ppVW0OF2kP68Dj1A7WqiC6IM: 46272350
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://dhlservice24.com/
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 15:48:13 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xpwmrbq%2BSu7ya5A3pC6Ti6F8kPADIJvZKD%2FqHUiEyTlw3Dv4KpI4otM9VSRFH%2B1l%2BMWjyk0UkFCve%2BxOKlwvBNGFYPR2eCEqiozSp3%2F0vqGbwtZ%2BT7hDFpH2QVCGgQGNJ1We"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86b085fd9ffe9aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H3 503 favicon.ico
dhlservice24.com/ 18 KB
18 KB 235ms
234ms Other
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 15:48:13 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCQ6V0Ah0z%2Bm3G9BuLrQhG6ThnldMNupzwMesXHPcjXnXOcODySWMzO7%2FN29MbK3Pv5cjlDGROGMAxnRzmbrRBp6s1GDupG6LYRhxe0D%2BSQB9g6m4HYXNcLC5vhl1SmKQ7t6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86b085fd98059aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H3

200

Primary Request start.php Show response
dhlservice24.com/
Redirect Chain

https://dhlservice24.com/
https://dhlservice24.com/start.php

138 KB
20 KB

241ms
241ms

Document
text/html

172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/start.php

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

873336755c11d70504d0ec9b4bc0fe8e4a2374c22ff9ceba644eac30ab67514c

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://dhlservice24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86b08601bea39aec-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 15:48:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uN5%2BGyXRDFzR4h0HNRbzsNu5NSCEpI6ZmQiWNGDF3chFfSR5tUQyXb3hIWHbLY2GjrnWGlfjA9KytieaUsbJM7ck7XuBHfL2hkT8Lw8SnB2xYAUBZ51sEqCOHUprHWvA7cck"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86b085ff1a2f9aec-MIA
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 15:48:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./start.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD60L044Xf9IozCFg59RG%2FtZJ5kD2A6xyALf0Kb94qyQ2i4ju%2FJokrGRJE2ihYJ4o5P1N8xw4CjnDPB7WE%2BE0XD%2FV239i78xt%2F6zgYJEBnamCreqiUTpXN32pitIhjlzB37D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
dhlservice24.com/start/ 544 KB
95 KB 997ms
995ms Stylesheet
text/css 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

672fc728fbce22a952328d1543b012ac726e00196a995bf19295746bc7198815

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start.php
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 15:48:14 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE
pragma: public
last-modified: Fri, 01 Dec 2023 17:10:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4EescEeb6y5yQbsZnNxjJ95Dq%2B0VjNYhLFDxcvYYTvbCjHivAPQ%2F4%2BlZGWehm%2FxrAkm%2BUAzFtJJJJrFlAXr5vB%2Bmy%2BmBisfJVrIEFXUYi4hM4xNfiTWLLZqLIPPcDdVysEe3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 86b0860359499aec-MIA
expires: Fri, 26 Apr 2024 15:48:14 GMT

GET
H3 200 bundle-utapi.3c2de8e2291c5000dfa1bd18a61ea226.css
dhlservice24.com/start/ 9 KB
2 KB 436ms
435ms Stylesheet
text/css 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/start/bundle-utapi.3c2de8e2291c5000dfa1bd18a61ea226.css

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b883df6303e38a134fcde90960409c54526acf0833f6c0f175f9d10e6c402a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start.php
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 15:48:14 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE
pragma: public
last-modified: Fri, 01 Dec 2023 17:10:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AgY5%2B2p33JfghZ0v2Ij6LSy7LlVONhp15HmSefxSjCKIbjNE5vACdpoww2O8ZYHd7Biy1M6eWHFg80F%2BdTo4F6SLIi0psRizhAXKMPwkcrygVXJTO1jYRTkhV%2Bv2cru4r6vo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 86b08603594e9aec-MIA
expires: Fri, 26 Apr 2024 15:48:14 GMT

GET
H3 200 dhl-logo.svg
dhlservice24.com/start/ 2 KB
1 KB 434ms
433ms Image
image/svg+xml 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhlservice24.com/start/dhl-logo.svg

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start.php
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 15:48:14 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE
pragma: public
last-modified: Fri, 01 Dec 2023 17:10:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhiYqwke1Ggc3s3TrQ8I5S5lL6w8sG2oWtn6Pp0d%2FcGu3uOb9EVJ%2FaA9tOWjHPc4ITOaeZOJWZHzEdTUWUooPYNIX8p2jYKorEIGyv8faPhOmgItUobF07G5PwwupvhjUnPO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 86b0860359519aec-MIA
expires: Sun, 26 May 2024 15:48:14 GMT

GET
H3 200 glo-footer-logo.svg
dhlservice24.com/image/ 4 KB
2 KB 425ms
424ms Image
image/svg+xml 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhlservice24.com/image/glo-footer-logo.svg

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09685aa19deb8ef5a52bcebfe4e0cc009d0ca199d7a85c2a2e58e2d7ab41db35

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start.php
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 15:48:14 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE
pragma: public
last-modified: Thu, 21 Dec 2023 15:10:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5kZ4%2BcRn2xj386yKwKa%2BJuWqBBwhTLbWMLV3P%2BHXkVxgVYmJbytIXKYi%2FkwbB3JATSyl1AoMmwwVn7L1aV%2BykNEFEliPL2iOdTTF8UBFMz3PNy4fOVnA44DABS4JPntMw85"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 86b086046aee9aec-MIA
expires: Sun, 26 May 2024 15:48:14 GMT

GET
H3 200 jquery.min.js Show response
dhlservice24.com/start/ 87 KB
32 KB 620ms
619ms Script
application/javascript 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/start/jquery.min.js

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start.php
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 15:48:14 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE
pragma: public
last-modified: Fri, 01 Dec 2023 17:10:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztmtIqURyTkPNECc803FyXZX7tJoZs1f%2BoLbVhvHnEXLKDR48wm90tPFfj%2BvKtXPARo5e7bh4VuJQ1oyIrrUMwql%2Fgwv1E%2BDcnIf2DOLtM0WTYtCTXmUXaTPHVI9r0tiPPzK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 86b086046aef9aec-MIA
expires: Fri, 26 Apr 2024 15:48:14 GMT

GET
H3 404 default-5a6dd86f272b304a8b83f7df61f11c2f.woff
dhlservice24.com/fonts/ 0
0 441ms
440ms Font
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://dhlservice24.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 27 Mar 2024 15:48:15 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FckMXLnYunU2OeQG%2BcJ4eOytEa6q2luc2u03%2FGfht0EsqR24mZgi1edPKiVPaFUX95SiCFfEfSLCO3vlsenXWZNDUoIaZW0q407jRazckUXScoww2SQLDaAaoFnG75pe8ZYj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 86b0860a3d1d9aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 iconfont-2817b89766135c02472db274c79655de.woff
dhlservice24.com/fonts/ 0
0 436ms
435ms Font
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/fonts/iconfont-2817b89766135c02472db274c79655de.woff

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://dhlservice24.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 27 Mar 2024 15:48:15 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EIg%2Fe06j7vPYT9eGRH377nodZbuUlwEgi1DYYUrMZlVftGLLm1gBIzrqW1200dAYDMkzsN75bNiSor7%2FdFwW3JFXMa3kVqN9rwCGippHA63w70BQxcIEi8nqwUnLbUUTsM5Y"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 86b0860a3d239aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 default-3e828e80f6e985c352eba4474518978d.woff
dhlservice24.com/fonts/ 0
0 435ms
434ms Font
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/fonts/default-3e828e80f6e985c352eba4474518978d.woff

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://dhlservice24.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 27 Mar 2024 15:48:15 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2DWsi2hxrdIfsqm%2FGkqLBVZWRbatbDd9eJLWcw3uoO%2BzXC2Yy3MGB%2Fab9bhL6qyKDVozxtkOJEiuxip6lSRdwuGqsaS3IoBMjAiFCvcXKnfV4wTSDA9ilKdrKhTJcjwhw7j"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 86b0860a3d289aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 default-274a65bae9742377aaf010bb1a7de971.woff
dhlservice24.com/fonts/ 0
0 439ms
438ms Font
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/fonts/default-274a65bae9742377aaf010bb1a7de971.woff

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://dhlservice24.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 27 Mar 2024 15:48:15 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Dd6q%2Fr14wsCRCe5x6r7s50DuY62ek28KS4hdAwFjXQfMOBlZDEPv0Vb66dDAtvPFmG%2FD6FqXjv6qWJgPLeiBoL7I2Kfrm72TfoevxMeHsLSseyQWFDp%2FisAdv713Wky6uJq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 86b0860a3d2b9aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 default-815fcbb4d2c57901701125d768f09d67.woff
dhlservice24.com/fonts/ 0
0 435ms
434ms Font
text/html 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/fonts/default-815fcbb4d2c57901701125d768f09d67.woff

Requested by

Host: dhlservice24.com
URL: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://dhlservice24.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 27 Mar 2024 15:48:15 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iezcDyj7ryIoLIhHfFWzECwqyG%2FJbgUvxqFklR83zDKzbY6Bcw%2BMOho0Ef%2BYK65IDDNuvOfdbIrodt1oN50UGAwCWbo1rNA7ijHQL2xVL8CfF7cLeHNxU4faLZE87TfV5o%2B7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 86b0860a3d309aec-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 200 favicon.gif
dhlservice24.com/ 2 KB
3 KB 428ms
427ms Other
image/gif 172.67.141.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dhlservice24.com/favicon.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dhlservice24.com/start.php
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 15:48:15 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2238
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE
pragma: public
last-modified: Fri, 01 Dec 2023 21:49:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aX5BPhwk1SRm1i5QsaispRBj9zDGTun8v1dZa6clrJmMdVWMCTPQeX6AKOS1kuUMOwYi40%2BpUP1ZUfNfZbKKPgN84N6nxDnwQywhu7cNarlr3u%2FsCCTkpqPdcscrKkRWmxwI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 86b0860d0a299aec-MIA
expires: Sun, 26 May 2024 15:48:15 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| $ function| jQuery

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dhlservice24.com/	1970-01-20 19:27:20	Name: wZlYC40UcyNpErkzjETkcV1qDX0 Value: r7cRgGAxCrq2Kqo7PHNvWwOPi0k
dhlservice24.com/	1970-01-20 19:27:20	Name: Io6KlvZ-2lpOmxNLxOTo_MPUiR0 Value: 1711554489
dhlservice24.com/	1970-01-20 19:27:20	Name: c3JBszPcqBsm3Ye6jYcHcxv4eT8 Value: 1711640889
dhlservice24.com/	1970-01-20 19:27:20	Name: 9d3HQzE4Q_-yhkFJE-km8MYqXoU Value: LlBLO6-SWfi8yKkAgRpecChxy_0
dhlservice24.com/	1970-01-20 19:27:20	Name: rJRzCLBVX64vGAFZu-TUH8n1k-g Value: eh07-xlO1HOUxH6QB2Gh_FPSCWE
.dhlservice24.com/	1970-01-21 04:11:30	Name: cf_clearance Value: ffUIMih4eJKgWkACN841YdKWAsoHiDE_wzHCxBHPzoE-1711554492-1.0.1.1-aIasvqoEkxIj6A6.6xyoHjmKI7n0eQupyvD0KJLtfT_LFjZvfnMBn_cL8uiVEdOclsYgRX4zC49eFhK_ZJpjmA
dhlservice24.com/	1970-01-20 19:27:20	Name: J9P6768psv3tCoJRAiQHUiy9Vy8 Value: 1711554492
dhlservice24.com/	1970-01-20 19:27:20	Name: T-hgQrI_GNHJhVtlCVEOWs0dlkM Value: 1711640892
dhlservice24.com/	1970-01-20 19:27:20	Name: Ypmgp_relkdjoF6gKaTucXQsQoA Value: RBK-sP49_6XM6Pa11qP3SLFd3BE
dhlservice24.com/	1970-01-20 19:27:20	Name: zCPPoIa_iqlPrsIxRIyLR39X-98 Value: BTtlN5oMs_YX3CmRn37lmh-sBtg
dhlservice24.com/	1970-01-20 19:27:20	Name: q9zSJ7HxCIXaw20wYgpmLsm17Cs Value: 1711554493
dhlservice24.com/	1970-01-20 19:27:20	Name: shr56kkFdODjgFnPJLTn2Z4wlzY Value: 1711640893
dhlservice24.com/	1970-01-20 19:27:20	Name: dtHhxfbMqNPwsMaNvJhXx6wdvAM Value: EPCkV4iM8R9NhdnA-IFx8wsipJw
dhlservice24.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 64cd30e9c758c9b3f6f970d3745f0e7a

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dhlservice24.com/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://dhlservice24.com/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://dhlservice24.com/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://dhlservice24.com/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://dhlservice24.com/fonts/default-3e828e80f6e985c352eba4474518978d.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhlservice24.com/fonts/default-815fcbb4d2c57901701125d768f09d67.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhlservice24.com/fonts/iconfont-2817b89766135c02472db274c79655de.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhlservice24.com/fonts/default-274a65bae9742377aaf010bb1a7de971.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhlservice24.com/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dhlservice24.com
172.67.141.75
2606:4700:3031::ac43:8d4b
09685aa19deb8ef5a52bcebfe4e0cc009d0ca199d7a85c2a2e58e2d7ab41db35
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
672fc728fbce22a952328d1543b012ac726e00196a995bf19295746bc7198815
85b883df6303e38a134fcde90960409c54526acf0833f6c0f175f9d10e6c402a
873336755c11d70504d0ec9b4bc0fe8e4a2374c22ff9ceba644eac30ab67514c
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
b2ea0dd85f476d2368cfa075a4770de5ea5d93f1dc94a2ca6e1ef192bc7caa56
c85ec7c5b9d55afbf9ae3b41389c734e706fdb0ea618ecdede465c8da9f46804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb35c84c9aec7c85175b900836da441818c98c535e5f9721fa449030fef5fe4f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

dhlservice24.com Open in urlscan Pro 172.67.141.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

202 kBTransfer

832 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

14 Cookies

9 Console Messages

Security Headers

Indicators

dhlservice24.com Open in urlscan Pro
172.67.141.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

202 kB
Transfer

832 kB
Size

14
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!