dhl-news.com Open in urlscan Pro
104.16.209.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx
Submission: On November 19 via api (November 19th 2019, 5:50:31 pm UTC) from BE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 9 HTTP transactions. The main IP is 104.16.209.86, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is dhl-news.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 9th 2019. Valid for: a year.

This is the only time dhl-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.16.209.86 104.16.209.86	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2606:4700::68... 2606:4700::6810:b798	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	54.85.173.31 54.85.173.31	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
9	3

2 104.16.209.86 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dhl-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:b798 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.emlfiles4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.173.31 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-85-173-31.compute-1.amazonaws.com

pixel.monitor1.returnpath.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	emlfiles4.com i.emlfiles4.com	457 KB
2	dhl-news.com dhl-news.com	7 KB
1	returnpath.net pixel.monitor1.returnpath.net	108 B
9	3

	Domain	Requested by
6	i.emlfiles4.com	dhl-news.com
2	dhl-news.com	dhl-news.com
1	pixel.monitor1.returnpath.net	dhl-news.com
9	3

This site contains no links.

Subject Issuer	Validity	Valid
dhl-news.com CloudFlare Inc ECC CA-2	`2019-09-09` - `2020-09-08`	a year	crt.sh
i.emlfiles4.com CloudFlare Inc ECC CA-2	`2019-08-28` - `2020-08-27`	a year	crt.sh
pixel.monitor1.returnpath.net Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx
Frame ID: C6D45731C0E0651B2F4E27B8DB6D6818
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

464 kB
Transfer

482 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request cr.aspx Show response dhl-news.com/627-6LCKH-C65Z8FQD3B/	26 KB 7 KB	266ms 216ms	Document text/html	104.16.209.86 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.209.86 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1fa0c19aab88f7c1b4c1597016da7cd0bd70e94b3302b9f2283e6c89846a2843` Request headers :method GET :authority dhl-news.com :scheme https :path /627-6LCKH-C65Z8FQD3B/cr.aspx pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 date Tue, 19 Nov 2019 17:50:14 GMT content-type text/html; charset=utf-8 content-length 6313 set-cookie __cfduid=db633d5e7516000470bcbc33bc53b96551574185814; expires=Wed, 18-Nov-20 17:50:14 GMT; path=/; domain=.dhl-news.com; HttpOnly cache-control private content-encoding gzip vary Accept-Encoding x-dm-activity-id cbf9a3e47bd14671acd3e41093f2df58 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5384067dea87642b-FRA
GET H2	200	s.gif i.emlfiles4.com/cmpimg/t/	43 B 509 B	75ms 28ms	Image image/gif	2606:4700::6810:b798 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/t/s.gif Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b798 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:14 GMT cf-cache-status HIT last-modified Mon, 27 Oct 2014 09:21:49 GMT server cloudflare age 3554 etag "325472601571f31e1bf00674c368d335" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 x-amz-request-id F5356CDEE82180DD accept-ranges bytes cf-ray 5384067f9ff55970-VIE content-length 43 x-amz-id-2 osqV1419+bnaddenJv0AZ+EuwJXqXSNquMhVTUeTs8121OF1ZxL/Q7nRpiYi9/nP6j6IFLPkMyo=
GET H2	200	11033349_sinttestv2.png i.emlfiles4.com/cmpimg/5/5/8/7/files/	447 KB 448 KB	165ms 118ms	Image image/png	2606:4700::6810:b798 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/5/5/8/7/files/11033349_sinttestv2.png Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b798 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b654ea08a5d6e547a53f5ec32e506f2a0ac6689f1116496aa329599bbfd72ac8` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:15 GMT cf-cache-status REVALIDATED last-modified Tue, 01 Oct 2019 07:03:03 GMT server cloudflare x-amz-request-id 9C00DFD480787DD5 etag "ad23b496c93fe3777de5d03e8bd00751" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 accept-ranges bytes cf-ray 5384067f9ff75970-VIE content-length 457777 x-amz-id-2 0LEU+Bko5avTjVySZaBLs5HGZev8KRDcak+rA6zphhn9q8T+tOqtGRU8E2uISsik8WUOWf6ULRE=
GET H2	200	facebook.png i.emlfiles4.com/cmpimg/sys/socnet/	1 KB 2 KB	79ms 33ms	Image image/png	2606:4700::6810:b798 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/sys/socnet/facebook.png Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b798 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `07134251d4ed015574fbddb010c8c78535dc6656b6e78390c8e71120fb315b68` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:14 GMT cf-cache-status HIT last-modified Tue, 28 Oct 2014 16:40:56 GMT server cloudflare age 5920 etag "56d9d7b82dc31f03373b5288b07e80e8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 x-amz-request-id 0B022CD6180A247F accept-ranges bytes cf-ray 5384067f9ff85970-VIE content-length 1465 x-amz-id-2 THjzYfq3H3bXPT273JTq+6xdpqj8xENZzH+WCi3GfU1wx7ErCybSvESPpxGC/TTKa0Vy5C51dTY=
GET H2	200	linkedin2.png i.emlfiles4.com/cmpimg/sys/socnet/	2 KB 2 KB	78ms 33ms	Image image/png	2606:4700::6810:b798 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/sys/socnet/linkedin2.png Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b798 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7bf8f3cf854fe1843e28747dca273102200ed467b53e58adc3f47c5ab0736ba3` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:14 GMT cf-cache-status HIT last-modified Fri, 14 Nov 2014 11:21:54 GMT server cloudflare age 6719 etag "e00d174bff89a34582a22c73a80baba6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 x-amz-request-id CC55879C3B490150 accept-ranges bytes cf-ray 5384067f9ff95970-VIE content-length 1631 x-amz-id-2 UK5ffFbN1C3Kvo+9rdGEl509YBstgVU8CrgmiL8RbruMj/WsF2iLGYnHEMDUFYEQwfGwXDrA13w=
GET H2	200	instagram.png i.emlfiles4.com/cmpimg/sys/socnet/	2 KB 3 KB	75ms 30ms	Image image/png	2606:4700::6810:b798 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/sys/socnet/instagram.png Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b798 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7453c6539653757c1fbc9b3784de739b0f8a94937ac861aabcbf69e4918f72e3` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:14 GMT cf-cache-status HIT last-modified Wed, 25 May 2016 08:24:25 GMT server cloudflare age 3761 etag "30f9e6720e269724988903513ac17b6c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 x-amz-request-id 3BCD2BC506C5E0CE accept-ranges bytes cf-ray 5384067f9ffa5970-VIE content-length 2423 x-amz-id-2 vqz0wn1+ryQVCcpM3xzYOdcgqQd1cQ55WpGumASw+xgfSZwHMznUkBQsfgspLllD+KI5VQpDWuY=
GET H2	200	4399136_redarrow.png i.emlfiles4.com/cmpimg/5/2/1/1/4/files/	3 KB 3 KB	96ms 51ms	Image image/png	2606:4700::6810:b798 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/5/2/1/1/4/files/4399136_redarrow.png Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b798 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `00e4fa23e86b170fb009bef6f0fdb70064cd29ca17fd8595da986dd5d640e0fa` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:15 GMT cf-cache-status HIT last-modified Tue, 25 Feb 2014 13:44:21 GMT server cloudflare x-amz-request-id 01EC3597EA17C9D0 etag "b7d51ece1c0df09e920b4b2b3e5d7be9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 accept-ranges bytes cf-ray 5384067f9ffb5970-VIE content-length 2880 x-amz-id-2 GCVfaR9OqSu4vyV3TyG8G7KDDF05Q+AlUUdBWT2zzAsUaNjW/R1lTislj5vf+MHSNXV320DMNcY=
GET H2	200	pixel.gif pixel.monitor1.returnpath.net/	43 B 108 B	269ms 87ms	Image image/gif	54.85.173.31 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.monitor1.returnpath.net/pixel.gif?r=3133ce0cebc58decf13461106a9914a87a89538b Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.85.173.31 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-85-173-31.compute-1.amazonaws.com Software / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 200 date Tue, 19 Nov 2019 17:50:15 GMT content-length 43 content-type image/gif
GET H2	200	o.gif dhl-news.com/627-6LCKH-5Z8FQD/	43 B 169 B	103ms 103ms	Image image/gif	104.16.209.86 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://dhl-news.com/627-6LCKH-5Z8FQD/o.gif Requested by Host: dhl-news.com URL: https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.209.86 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7` Request headers Referer https://dhl-news.com/627-6LCKH-C65Z8FQD3B/cr.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 17:50:15 GMT cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control private accept-ranges bytes cf-ray 5384067f4bfa642b-FRA content-length 43 x-dm-activity-id 2fdb50c4032246989ff6dc09a433ccc1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dhl-news.com/	1970-01-19 14:02:01	Name: __cfduid Value: db633d5e7516000470bcbc33bc53b96551574185814

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dhl-news.com
i.emlfiles4.com
pixel.monitor1.returnpath.net
104.16.209.86
2606:4700::6810:b798
54.85.173.31
00e4fa23e86b170fb009bef6f0fdb70064cd29ca17fd8595da986dd5d640e0fa
07134251d4ed015574fbddb010c8c78535dc6656b6e78390c8e71120fb315b68
1fa0c19aab88f7c1b4c1597016da7cd0bd70e94b3302b9f2283e6c89846a2843
7453c6539653757c1fbc9b3784de739b0f8a94937ac861aabcbf69e4918f72e3
7bf8f3cf854fe1843e28747dca273102200ed467b53e58adc3f47c5ab0736ba3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b654ea08a5d6e547a53f5ec32e506f2a0ac6689f1116496aa329599bbfd72ac8

dhl-news.com Open in urlscan Pro 104.16.209.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

464 kBTransfer

482 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

dhl-news.com Open in urlscan Pro
104.16.209.86 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

464 kB
Transfer

482 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions