express-resources.dhl.com Open in urlscan Pro
104.17.73.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://express2.dhl.com/MDc4LUVSVC01MjIAAAGRsVp8aK2GVw6JbBIMtzl8beNG47sluCsAmzyNbFmTY0Q4C-rTx5986zOanE4VljefKYQgdvE=
Effective URL:
https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka44...
Submission: On March 13 via api (March 13th 2024, 8:02:41 am UTC) from IN — Scanned from DE

Summary HTTP 58 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 58 HTTP transactions. The main IP is 104.17.73.206, located in and belongs to CLOUDFLARENET, US. The main domain is express-resources.dhl.com. The Cisco Umbrella rank of the primary domain is 424082.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2023. Valid for: a year.

This is the only time express-resources.dhl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	23.192.243.198 23.192.243.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	130.248.173.59 130.248.173.59	15224 (OMNITURE) (OMNITURE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
58	15

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

express2.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

express-resources.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.243.198 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-243-198.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

express-resource.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.248.173.59 (United States)

ASN15224 (OMNITURE, US)

078-ert-522.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	dhl.com express2.dhl.com — Cisco Umbrella Rank: 579447 express-resources.dhl.com — Cisco Umbrella Rank: 424082 express-resource.dhl.com — Cisco Umbrella Rank: 337897	510 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	497 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	1014 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	57 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 jnn-pa.googleapis.com — Cisco Umbrella Rank: 218	74 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 259	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2945	83 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3643	6 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	5 KB
1	mktoresp.com 078-ert-522.mktoresp.com — Cisco Umbrella Rank: 74844	318 B
58	10

	Domain	Requested by
18	express-resources.dhl.com	express2.dhl.com express-resources.dhl.com
8	www.youtube.com	express-resources.dhl.com www.youtube.com
6	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
5	www.google.com	express-resources.dhl.com www.youtube.com www.gstatic.com www.google.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	www.youtube.com www.google.com
3	express-resource.dhl.com	express-resources.dhl.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	stackpath.bootstrapcdn.com	express-resources.dhl.com stackpath.bootstrapcdn.com
2	munchkin.marketo.net	express-resources.dhl.com munchkin.marketo.net
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	078-ert-522.mktoresp.com	munchkin.marketo.net
1	ajax.googleapis.com	express-resources.dhl.com
1	express2.dhl.com
58	15

This site contains links to these domains. Also see Links.

Domain
www.dhl.com
policies.google.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
express2.dhl.com Cloudflare Inc ECC CA-3	`2023-06-05` - `2024-06-04`	a year	crt.sh
express-resources.dhl.com Cloudflare Inc ECC CA-3	`2023-06-03` - `2024-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
express-resource.dhl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
Frame ID: A2DB53DC2230D8478B92AE83FEAED8F4
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IFMp-zi_nGc
Frame ID: D1080F17FC6AB8F548A4CD9BD8E9E0C7
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezzO0jAAAAABoxalLJO3jIJTnJUFi8nQZO-LH4&co=aHR0cHM6Ly9leHByZXNzLXJlc291cmNlcy5kaGwuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=luhrfqboyst7
Frame ID: FDD30D021B57863962086A3951BA9BB5
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL

Page URL History Show full URLs

https://express2.dhl.com/MDc4LUVSVC01MjIAAAGRsVp8aK2GVw6JbBIMtzl8beNG47sluCsAmzyNbFmTY0Q4C-rTx5986zOa... Page URL
https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

58
Requests

98 %
HTTPS

67 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

2248 kB
Transfer

5704 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dhl.com/

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.dhl.com/global-en/home/footer/legal-notice.html
Title: Legal Notice

Search URL Search Domain Scan URL

URL: https://www.dhl.com/global-en/home/footer/terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.dhl.com/global-en/home/footer/global-privacy-notice.html
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DHLexpress/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/discoverbydhl/

Search URL Search Domain Scan URL

URL: https://twitter.com/dhlexpress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/discover-dhl-for-business/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/dhl

Search URL Search Domain Scan URL

URL: https://www.dhl.com/discover/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://express2.dhl.com/MDc4LUVSVC01MjIAAAGRsVp8aK2GVw6JbBIMtzl8beNG47sluCsAmzyNbFmTY0Q4C-rTx5986zOanE4VljefKYQgdvE= Page URL
https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MDc4LUVSVC01MjIAAAGRsVp8aK2GVw6JbBIMtzl8beNG47sluCsAmzyNbFmTY0Q4C-rTx5986zOanE4VljefKYQgdvE=
express2.dhl.com/ 582 B
1 KB 574ms
109ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express2.dhl.com/MDc4LUVSVC01MjIAAAGRsVp8aK2GVw6JbBIMtzl8beNG47sluCsAmzyNbFmTY0Q4C-rTx5986zOanE4VljefKYQgdvE=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-mFryC8AZD5ZGbjyqJ3yHBaMwgMeoI63czgtF9ssEAIM=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 863a80af0b306ae8-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-mFryC8AZD5ZGbjyqJ3yHBaMwgMeoI63czgtF9ssEAIM=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Wed, 13 Mar 2024 08:02:36 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: ac1ccafe4bc6af78

GET
H2 200 Primary Request email-preferences.html Show response
express-resources.dhl.com/ 40 KB
9 KB 502ms
395ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU

Requested by

Host: express2.dhl.com
URL: https://express2.dhl.com/MDc4LUVSVC01MjIAAAGRsVp8aK2GVw6JbBIMtzl8beNG47sluCsAmzyNbFmTY0Q4C-rTx5986zOanE4VljefKYQgdvE=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe06921b3331aa3a2caad4559d7ebfa772e9aba0a07d695ddf405f2b7dfba77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://express2.dhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 863a80b0f8623688-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 13 Mar 2024 08:02:36 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-content-type-options: nosniff

GET
H2 200 dhl_style.css
express-resources.dhl.com/rs/078-ERT-522/images/ 28 KB
5 KB 55ms
55ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_style.css

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02be04536f6cd17c99d78bbc4f18316f0cfac86631d6d5c34ce3b70bd9ed294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Mar 2024 01:52:21 GMT
server: cloudflare
etag: "37a08dc-6e70-612f4359ceb08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b37b103688-FRA
content-length: 5109
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_responsive.css
express-resources.dhl.com/rs/078-ERT-522/images/ 5 KB
1 KB 95ms
94ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_responsive.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5379176344e102bc7df2da1bf38bcb36361130664c6a61aad6389ab689228645

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:51:57 GMT
server: cloudflare
etag: "37a085f-12ef-612f4343538c4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b37b133688-FRA
content-length: 1084
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.0/ 91 KB
33 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33140
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:08:59 GMT

GET
H2 200 dhl_main_logo.png
express-resources.dhl.com/rs/078-ERT-522/images/ 3 KB
3 KB 53ms
53ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_main_logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33b869dc23ad7036027fc60a164aa72f433f94d9d8fbdc4a6db0a47afcb6677

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:51:57 GMT
server: cloudflare
etag: "37a085e-a8a-612f4343534dc"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b37b163688-FRA
content-length: 2698
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 forms2.min.js Show response
express-resources.dhl.com/js/forms2/js/ 199 KB
66 KB 72ms
72ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
etag: "36e0eaf-31af8-612eecb9f6000"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 863a80b37b173688-FRA
expires: Wed, 13 Mar 2024 12:02:36 GMT

GET
H2 200 dhl_s7_img_1.jpg
express-resources.dhl.com/rs/078-ERT-522/images/ 108 KB
108 KB 73ms
72ms Image
image/jpeg 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_s7_img_1.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab01abb389869def1527cf1a822db3aeade675563aded76dbd14fc1f48afda2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:52:38 GMT
server: cloudflare
etag: "37a091c-1aed8-612f436a8cd55"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b3db613688-FRA
content-length: 110296
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_s7_img_2.jpg
express-resources.dhl.com/rs/078-ERT-522/images/ 45 KB
45 KB 67ms
67ms Image
image/jpeg 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_s7_img_2.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d441841b904d5b5656e572b7cb8b8598e0a2606099a8a066f38f533d2b626fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:52:39 GMT
server: cloudflare
etag: "37a091e-b4e3-612f436b60427"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b41baa3688-FRA
content-length: 46307
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_s7_img_3.jpg
express-resources.dhl.com/rs/078-ERT-522/images/ 189 KB
189 KB 54ms
54ms Image
image/jpeg 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_s7_img_3.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55adacc08f94d8d4e68e5798717f74c088cf392b0568adc70f7917a3a6fa338f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:52:39 GMT
server: cloudflare
etag: "37a091f-2f3f3-612f436b782f8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b44be43688-FRA
content-length: 193523
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_social_1.png
express-resources.dhl.com/rs/078-ERT-522/images/ 1 KB
1 KB 67ms
66ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_social_1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b9c31e73dec637da27639d3cc4591ac61c3bcf7ea84154de2d9acb7dafd88f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Mar 2024 01:51:58 GMT
server: cloudflare
etag: "37a086d-47d-612f4344bbe68"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b46bfb3688-FRA
content-length: 1149
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_social_2.png
express-resources.dhl.com/rs/078-ERT-522/images/ 2 KB
2 KB 93ms
93ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_social_2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

352b87fea22079fd40b275e2deecacf4e4c0fccb0222e314396709242a4a1c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Mar 2024 01:51:58 GMT
server: cloudflare
etag: "37a0868-65e-612f4344332e6"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b46bfd3688-FRA
content-length: 1630
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_social_3.png
express-resources.dhl.com/rs/078-ERT-522/images/ 1 KB
2 KB 64ms
63ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_social_3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3175f84a6bc69cdbd5210f5802166562b517d95a37cb02627f097582158bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Mar 2024 01:53:01 GMT
server: cloudflare
etag: "37a0945-5ac-612f4380c5149"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b46c013688-FRA
content-length: 1452
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_social_4.png
express-resources.dhl.com/rs/078-ERT-522/images/ 1 KB
1 KB 52ms
52ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_social_4.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0436271277e8cd5cf1b3100ef000212ea780faca01fe0f5cfa9af929f52e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Mar 2024 01:51:59 GMT
server: cloudflare
etag: "37a086f-4ed-612f434522ed9"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b46c023688-FRA
content-length: 1261
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_social_5.png
express-resources.dhl.com/rs/078-ERT-522/images/ 1 KB
1 KB 64ms
64ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_social_5.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b11a47bd23c1584542dbff49f540b7ec34fedbc2f7756bea1d27d16b392e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:51:59 GMT
server: cloudflare
etag: "37a086e-50a-612f434522709"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b46c053688-FRA
content-length: 1290
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 dhl_social_6.png
express-resources.dhl.com/rs/078-ERT-522/images/ 1 KB
1 KB 61ms
61ms Image
image/png 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_social_6.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d846373cfe0dad02c6afd697d63ace1843dd9d662c93755eec5da17a4034ec39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:51:59 GMT
server: cloudflare
etag: "37a0870-5a6-612f434524261"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 863a80b46c063688-FRA
content-length: 1446
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 107ms
35ms Script
application/x-javascript 23.192.243.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.243.198 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-243-198.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 08:02:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 stripmkttok.js Show response
express-resources.dhl.com/js/ 2 KB
790 B 46ms
45ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
age: 1490
etag: "36e0e5f-602-612eecb9f6000"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 863a80b46bfc3688-FRA
content-length: 678
expires: Wed, 13 Mar 2024 12:02:36 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 86ms
34ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 10468115
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4ded4cc74861d4861658261bdf347dff
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 863a80b42b288ed4-FRA
cdn-requestpullsuccess: True

GET
H2 200 Delivery_W_Bd.woff2
express-resource.dhl.com/rs/903-EZK-832/images/ 33 KB
34 KB 146ms
62ms Font
text/plain 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resource.dhl.com/rs/903-EZK-832/images/Delivery_W_Bd.woff2

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_style.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252a00cc37c5625a9079caa25891b1e36ff3120c959264c8b4866bc6805180b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://express-resources.dhl.com/
Origin: https://express-resources.dhl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Mar 2024 01:52:04 GMT
server: cloudflare
etag: W/"37a0891-8410-612f434a6945f"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 863a80b4fa246964-FRA
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 Delivery_W_Rg.woff2
express-resource.dhl.com/rs/903-EZK-832/images/ 33 KB
33 KB 149ms
66ms Font
text/plain 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resource.dhl.com/rs/903-EZK-832/images/Delivery_W_Rg.woff2

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_style.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ddea756916f790a3815007ea5b8e1aa1fdd93223e0905fbd7464d3d24f83de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://express-resources.dhl.com/
Origin: https://express-resources.dhl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Mar 2024 01:52:17 GMT
server: cloudflare
etag: W/"37a08cd-8344-612f4356a5d98"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 863a80b4fa266964-FRA
expires: Wed, 13 Mar 2024 08:03:36 GMT

GET
H2 200 getForm Show response
express-resources.dhl.com/index.php/form/ 11 KB
3 KB 108ms
108ms XHR
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://express-resources.dhl.com/index.php/form/getForm?munchkinId=078-ERT-522&form=1710
Requested by: Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df45147182b7bd69a03f4de8dee25ebf443d08268b9e1961ae72dcec76f6a7e4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:36 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 863a80b47c0e3688-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 IFMp-zi_nGc Show response
www.youtube.com/embed/ Frame D108 91 KB
39 KB 129ms
74ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/IFMp-zi_nGc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c7bf000842d5ddc6cb4a69ba851cf1145f4c9c464d014b72788486fa0c69e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://express-resources.dhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:02:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 35ms
35ms Script
application/x-javascript 23.192.243.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.243.198 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-243-198.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 08:02:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 21 Jun 2024 08:02:36 GMT

GET
H2 200 forms2.css
express-resources.dhl.com/js/forms2/css/ 13 KB
3 KB 75ms
75ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/js/forms2/css/forms2.css

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
etag: "360a2d-3437-612eecb9f6000"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 863a80b52cc33688-FRA
content-length: 2623
expires: Wed, 13 Mar 2024 12:02:37 GMT

GET
H2 200 forms2-theme-simple.css
express-resources.dhl.com/js/forms2/css/ 826 B
337 B 76ms
75ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://express-resources.dhl.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
etag: "360a2f-33a-612eecb9f6000"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 863a80b52cc53688-FRA
content-length: 242
expires: Wed, 13 Mar 2024 12:02:37 GMT

POST
H/1.1 200
OK visitWebPage
078-ert-522.mktoresp.com/webevents/ 2 B
318 B 136ms
32ms Ping
text/plain 130.248.173.59
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://078-ert-522.mktoresp.com/webevents/visitWebPage?_mchNc=1710316956999&_mchCn=email-preferences&_mchId=078-ERT-522&_mchTk=_mch-dhl.com-1710316956999-31589&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU&_mchWs=j0hRctjP&_mchHo=express-resources.dhl.com&_mchPo=&_mchRu=%2Femail-preferences.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fexpress2.dhl.com%2F&_mchQp=mkt_unsubscribe%3D1__-__Unsubscribed%3D1__-__mkt_tok%3DMDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.248.173.59 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 08:02:37 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d456a5c5-7a25-4416-90e3-60c15509af9d

GET
H2 200 www-player.css
www.youtube.com/s/player/704f0391/ Frame D108 370 KB
47 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/704f0391/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e5652e2e352cf03a24ae72ef43118cf6fdc65047dc8438b19768e0cafb297f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 03:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47944
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 04:21:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Mar 2025 03:23:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D108 15 KB
16 KB 77ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 124574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 21:26:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D108 15 KB
15 KB 82ms
30ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 82260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 09:11:37 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/ Frame D108 57 KB
18 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124fdecbfa9b9b8af618f1b02a392de88b9f6d8e3cbf13a0aa28cd837521390c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 07:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18071
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 04:21:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 07:22:44 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/704f0391/www-embed-player.vflset/ Frame D108 319 KB
95 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/704f0391/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edd9c924156589464a6d67d8255a3c8dfa1b3aa63ae938daab172f5dfd35735c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97434
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 04:21:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Mar 2025 07:50:38 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/ Frame D108 2 MB
781 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4ee493d8299deb392ae6f809a4a981634ad5db111a0cd10bc745d6620186048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 07:20:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 799328
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 04:21:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 07:20:43 GMT

GET
H2 404 dhl_down_arrow.png
express-resource.dhl.com/rs/903-EZK-832/images/images/ 0
0 374ms
323ms Image
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://express-resource.dhl.com/rs/903-EZK-832/images/images/dhl_down_arrow.png
Requested by: Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/rs/078-ERT-522/images/dhl_style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaCallback

Requested by

Host: express-resources.dhl.com
URL: https://express-resources.dhl.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16644fafcc07bab6a94419041cec5d961f2268f922b827fc6c0a05652a7f7b60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://express-resources.dhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 13 Mar 2024 08:02:37 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 77ms
30ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://express-resources.dhl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 29349
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 84f6de2b3a4dd4511475e186ca0cc71e
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 863a80b6199b5c80-FRA
cdn-requestpullsuccess: True

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D108
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

33ms
33ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4138a89ea96151898ebb4f9b9c52f356cb7e859862579c41dcb6fb54665ea63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Mar 2024 08:02:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D108 29 B
495 B 72ms
21ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:52:39 GMT
x-content-type-options: nosniff
age: 598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Mar 2024 08:07:39 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 84ms
31ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Mar 2024 08:02:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D108 88 KB
41 KB 40ms
40ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c1d32941ba5ba311050b5b0eeb338ee064f9b1a6928b7caa86277c6e71b3f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41855
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/ Frame D108 118 KB
33 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f123a87b6a0d2b7dd3fbf96b12a147dd96eeb0101e7a15279d109bb00c0b458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 07:20:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 04:21:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 07:20:45 GMT

GET
H2 200 eKoYoTZeWyOvXhp0A93-wqJyHZ2R82AeO30zld14Z3M.js Show response
www.google.com/js/th/ Frame D108 51 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/eKoYoTZeWyOvXhp0A93-wqJyHZ2R82AeO30zld14Z3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78aa18a1365e5b23af5e1a7403ddfec2a2721d9d91f3601e3b7d3395dd786773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 23:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20316
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 23:10:17 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/IFMp-zi_nGc/ Frame D108 5 KB
5 KB 79ms
24ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/IFMp-zi_nGc/default.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

365a699eb7b252b0d63bab4ca0acdf44a33b5df5ecc99d53662f2ed258e33bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 06:44:27 GMT
x-content-type-options: nosniff
age: 4690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4624
x-xss-protection: 0
server: sffe
etag: "1606293774"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 13 Mar 2024 08:44:27 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 494 KB
197 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://express-resources.dhl.com/
Origin: https://express-resources.dhl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 07:25:58 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D108 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?9u0Z6w
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/IFMp-zi_nGc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D108 4 KB
2 KB 140ms
91ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 08:02:37 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
30ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Mar 2024 08:02:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D108 90 B
134 B 35ms
34ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fadd13d20e146be6b7ba067a77a974abfcd7098df041e7c71d3c79c028bde86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FDD3 45 KB
28 KB 45ms
45ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezzO0jAAAAABoxalLJO3jIJTnJUFi8nQZO-LH4&co=aHR0cHM6Ly9leHByZXNzLXJlc291cmNlcy5kaGwuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=luhrfqboyst7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6915dc65da6f2438ce1a4c9c66bcb8403497cf8e6bc55433485fae67a86d3477

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4utzLzYITQ-ImqIzLIQccQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://express-resources.dhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4utzLzYITQ-ImqIzLIQccQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:02:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame D108 50 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 12:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 13 Mar 2024 12:09:12 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame FDD3 55 KB
24 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezzO0jAAAAABoxalLJO3jIJTnJUFi8nQZO-LH4&co=aHR0cHM6Ly9leHByZXNzLXJlc291cmNlcy5kaGwuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=luhrfqboyst7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 07:27:11 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame FDD3 494 KB
196 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 07:25:58 GMT

GET
H3 200 v77SiQbcxtK1O5ek11TdloiB5zZ00UAxE3PsP-319e4.js Show response
www.google.com/js/bg/ Frame FDD3 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/v77SiQbcxtK1O5ek11TdloiB5zZ00UAxE3PsP-319e4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfbed28906dcc6d2b53b97a4d754dd968881e73674d140311373ec3fedf5f5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezzO0jAAAAABoxalLJO3jIJTnJUFi8nQZO-LH4&co=aHR0cHM6Ly9leHByZXNzLXJlc291cmNlcy5kaGwuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=luhrfqboyst7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 10:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7341
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 10:09:48 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FDD3 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 101829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 19 Mar 2024 03:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FDD3 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 124574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 21:26:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FDD3 15 KB
15 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 82260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 09:11:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FDD3 102 B
134 B 33ms
33ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezzO0jAAAAABoxalLJO3jIJTnJUFi8nQZO-LH4&co=aHR0cHM6Ly9leHByZXNzLXJlc291cmNlcy5kaGwuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=luhrfqboyst7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 13 Mar 2024 08:02:37 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D108 28 B
50 B 36ms
35ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/704f0391/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-Goog-Request-Time: 1710316959233
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/IFMp-zi_nGc
X-YouTube-Client-Version: 1.20240310.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtEODBrT0pkVUIyNCicu8WvBjIKCgJERRIEEgAgOQ%3D%3D
X-YouTube-Ad-Signals: dt=1710316957089&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 13 Mar 2024 08:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.express2.dhl.com/	1970-01-20 19:05:18	Name: __cf_bm Value: hVQd848a1TcGv0_yNad57cd8a5hi03pdr1q.dfXS20M-1710316956-1.0.1.1-ZlO6sKUNwQH.LpnLpWHYnhzRYk7Y2b16gi1nnQqhFuQGgAooIcVRno4GBjJj0QkAXjdRR3dh7fdVXodWYPcczA
express-resources.dhl.com/	1969-12-31 23:59:59	Name: BIGipServernld102web-nginx-app_https Value: !4w5m4KPkNZyVrNlrOLKyik1ZTDsaNhXO1ry32LNfypP8ZCypl5xD108ZUG3P2c6c5k6lONu14CDi3g==
.express-resources.dhl.com/	1970-01-20 19:05:18	Name: __cf_bm Value: GFLQfZxEtJSEyLZAbJOdLFg_E5BfAbxWH5HTpl.ODrk-1710316956-1.0.1.1-rqzdg.utwQti3KxiT72BTl620b51DTMvHnBPXWhKMGXjrSGQPI4qIYKpIEYVYBClwB5xLinK4KY4_eSdYl2i2g
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: a3FfwXjX2tk
.youtube.com/	1970-01-20 23:24:28	Name: VISITOR_INFO1_LIVE Value: D80kOJdUB24
.youtube.com/	1970-01-20 23:24:28	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgOQ%3D%3D
.dhl.com/	1970-01-21 04:41:16	Name: _mkto_trk Value: id:078-ERT-522&token:_mch-dhl.com-1710316956999-31589
.express-resource.dhl.com/	1970-01-20 19:05:18	Name: __cf_bm Value: EBf88P3l810twLI.dmCdapIg5N4CnMLY8WUtjCoioGQ-1710316957-1.0.1.1-Mpwc8Kfn.uRJswRC3x2N4501f1WgkIgoPUOx0HMZuyCU9nx_AT9HsHFgzLL0apjryiZLXzxgucR70FOdB_6N.g

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1&mkt_tok=MDc4LUVSVC01MjIAAAGRsVp8aKXMka4425L6YrUSnQM6I2PF4T9STSlJKj6k_9KOJsCfYoR9hTbxCtJ_5ez7peF7GrhvdN7rV8njJ_JsGkLUNk_0n0YiUVFKXoRSlcdMwxU Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://express-resource.dhl.com/rs/903-EZK-832/images/images/dhl_down_arrow.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://express-resources.dhl.com/email-preferences.html?mkt_unsubscribe=1&Unsubscribed=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-mFryC8AZD5ZGbjyqJ3yHBaMwgMeoI63czgtF9ssEAIM=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

078-ert-522.mktoresp.com
ajax.googleapis.com
express-resource.dhl.com
express-resources.dhl.com
express2.dhl.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
munchkin.marketo.net
stackpath.bootstrapcdn.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
104.17.70.206
104.17.72.206
104.17.73.206
130.248.173.59
23.192.243.198
2606:4700::6812:acf
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::200a
2a00:1450:4001:812::2016
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2002
02be04536f6cd17c99d78bbc4f18316f0cfac86631d6d5c34ce3b70bd9ed294a
07ddea756916f790a3815007ea5b8e1aa1fdd93223e0905fbd7464d3d24f83de
124fdecbfa9b9b8af618f1b02a392de88b9f6d8e3cbf13a0aa28cd837521390c
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
16644fafcc07bab6a94419041cec5d961f2268f922b827fc6c0a05652a7f7b60
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e0436271277e8cd5cf1b3100ef000212ea780faca01fe0f5cfa9af929f52e07
252a00cc37c5625a9079caa25891b1e36ff3120c959264c8b4866bc6805180b7
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c1d32941ba5ba311050b5b0eeb338ee064f9b1a6928b7caa86277c6e71b3f05
352b87fea22079fd40b275e2deecacf4e4c0fccb0222e314396709242a4a1c62
365a699eb7b252b0d63bab4ca0acdf44a33b5df5ecc99d53662f2ed258e33bc8
3c7bf000842d5ddc6cb4a69ba851cf1145f4c9c464d014b72788486fa0c69e68
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5379176344e102bc7df2da1bf38bcb36361130664c6a61aad6389ab689228645
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
55adacc08f94d8d4e68e5798717f74c088cf392b0568adc70f7917a3a6fa338f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6915dc65da6f2438ce1a4c9c66bcb8403497cf8e6bc55433485fae67a86d3477
6b3175f84a6bc69cdbd5210f5802166562b517d95a37cb02627f097582158bc4
6f123a87b6a0d2b7dd3fbf96b12a147dd96eeb0101e7a15279d109bb00c0b458
6fe06921b3331aa3a2caad4559d7ebfa772e9aba0a07d695ddf405f2b7dfba77
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78aa18a1365e5b23af5e1a7403ddfec2a2721d9d91f3601e3b7d3395dd786773
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b9c31e73dec637da27639d3cc4591ac61c3bcf7ea84154de2d9acb7dafd88f3
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
7fadd13d20e146be6b7ba067a77a974abfcd7098df041e7c71d3c79c028bde86
85b11a47bd23c1584542dbff49f540b7ec34fedbc2f7756bea1d27d16b392e9b
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
ab01abb389869def1527cf1a822db3aeade675563aded76dbd14fc1f48afda2c
b4ee493d8299deb392ae6f809a4a981634ad5db111a0cd10bc745d6620186048
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
bfbed28906dcc6d2b53b97a4d754dd968881e73674d140311373ec3fedf5f5ee
c33b869dc23ad7036027fc60a164aa72f433f94d9d8fbdc4a6db0a47afcb6677
d4138a89ea96151898ebb4f9b9c52f356cb7e859862579c41dcb6fb54665ea63
d441841b904d5b5656e572b7cb8b8598e0a2606099a8a066f38f533d2b626fda
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d846373cfe0dad02c6afd697d63ace1843dd9d662c93755eec5da17a4034ec39
df45147182b7bd69a03f4de8dee25ebf443d08268b9e1961ae72dcec76f6a7e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd9c924156589464a6d67d8255a3c8dfa1b3aa63ae938daab172f5dfd35735c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f8e5652e2e352cf03a24ae72ef43118cf6fdc65047dc8438b19768e0cafb297f

express-resources.dhl.com Open in urlscan Pro 104.17.73.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

67 %IPv6

10 Domains

15 Subdomains

15 IPs

3 Countries

2248 kBTransfer

5704 kBSize

8 Cookies

12 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

express-resources.dhl.com Open in urlscan Pro
104.17.73.206 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

67 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

2248 kB
Transfer

5704 kB
Size

8
Cookies

58 HTTP transactions
0 data transactions