dhl-de.ds3ds.icu Open in urlscan Pro
2606:4700:3035::ac43:8643 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dhl-de.ds3ds.icu/201429238/
Submission: On August 16 via api (August 16th 2022, 9:02:00 pm UTC) from IE — Scanned from DE

Summary HTTP 18 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::ac43:8643, located in United States and belongs to CLOUDFLARENET, US. The main domain is dhl-de.ds3ds.icu.
TLS certificate: Issued by E1 on June 28th 2022. Valid for: 3 months.

This is the only time dhl-de.ds3ds.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3035::ac43:8643	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.208.240.231 23.208.240.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:41d0:1:1... 2001:41d0:1:1b00:213:186:33:18	16276 (OVH) (OVH)
1	91.225.160.17 91.225.160.17	56400 (ASSPDCHER...) (ASSPDCHERNEGA ---DataIX---)
18	5

13 2606:4700:3035::ac43:8643 (United States)

ASN13335 (CLOUDFLARENET, US)

dhl-de.ds3ds.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.208.240.231 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-240-231.deploy.static.akamaitechnologies.com

www.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:1:1b00:213:186:33:18 (France)

ASN16276 (OVH, FR)

www.openpricer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.225.160.17 (Odessa, Ukraine)

ASN56400 (ASSPDCHERNEGA ---DataIX---, UA)

flycom.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ds3ds.icu dhl-de.ds3ds.icu	47 KB
2	dhl.com www.dhl.com — Cisco Umbrella Rank: 29870 Failed
1	flycom.net.ua flycom.net.ua	155 KB
1	openpricer.com www.openpricer.com	55 KB
18	4

	Domain	Requested by
13	dhl-de.ds3ds.icu	dhl-de.ds3ds.icu
2	www.dhl.com	dhl-de.ds3ds.icu
1	flycom.net.ua	dhl-de.ds3ds.icu
1	www.openpricer.com	dhl-de.ds3ds.icu
18	4

This site contains links to these domains. Also see Links.

Domain
www.dhl.de
www.dhl.com
www.dpdhl.de
www.deutschepost.de

Subject Issuer	Validity	Valid
*.ds3ds.icu E1	`2022-06-28` - `2022-09-26`	3 months	crt.sh
www.dhl.com DPDHL Global TLS CA - I5	`2022-05-10` - `2023-05-10`	a year	crt.sh
projectsend.openpricer.com R3	`2022-06-02` - `2022-08-31`	3 months	crt.sh
flycom.net.ua R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dhl-de.ds3ds.icu/201429238/
Frame ID: 32F778F1AFA85C33B4CB7F1E1E35CB6A
Requests: 10 HTTP requests in this frame

Frame: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
Frame ID: C8879265C7AA8C44FA9997D2F7D417F6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL Privatkunden - Paketversand und Paketempfang mit DHL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

18
Requests

94 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

256 kB
Transfer

449 kB
Size

1
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dhl.de/coronavirus
Title: Aktuelle Hinweise zum Coronavirus

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/geschaeftskunden.html
Title: Geschäftskunden

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/kundenkonto/registrierung.html
Title: Sie haben noch kein DHL Kundenkonto? Jetzt kostenlos registrieren

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren.html
Title: Online Frankierung

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren.html?type=AddressBook
Title: Adressbuch

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren.html?type=ShoppingCartHistory
Title: Letzte Käufe

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren.html?type=CouponOverview
Title: Meine Coupon-Codes

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/anmelden/bonusprogramm.html
Title: Bonuspunkte

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/kundenkonto/meine-daten.html
Title: Meine Daten & Services

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden.html
Title: Pakete versenden

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren/versandmarke-kaufen.html
Title: Versandmarke kaufen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren/sparsets-kaufen.html
Title: Sparsets kaufen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren/abholung-buchen.html
Title: Abholung buchen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/online-frankieren/so-funktioniert-es.html
Title: So funktioniert es

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/deutschlandweit-versenden.html
Title: Deutschlandweit versenden

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/deutschlandweit-versenden/preise-national.html
Title: Preisübersicht national

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/deutschlandweit-versenden/paeckchen.html
Title: Päckchen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/deutschlandweit-versenden/paket.html
Title: Paket

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/deutschlandweit-versenden/express-easy.html
Title: ExpressEasy

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/weltweit-versenden.html
Title: Weltweit versenden

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/weltweit-versenden/preise-international.html
Title: Preisübersicht international

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/weltweit-versenden/paeckchen.html
Title: Päckchen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/weltweit-versenden/paket.html
Title: Paket

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/weltweit-versenden/express-easy.html
Title: ExpressEasy

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/pakete-abgeben.html
Title: Pakete abgeben

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/pakete-abgeben/standorte-finden.html
Title: Standorte finden

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/pakete-abgeben/pakete-abholen-lassen.html
Title: Pakete abholen lassen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/pakete-abgeben/pakete-zusteller-mitgeben.html
Title: Paketmitnahme

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-versenden/pakete-abgeben/verpacken.html
Title: Richtig verpacken

Search URL Search Domain Scan URL

URL: https://www.dhl.de/en/privatkunden.html
Title: en

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen.html
Title: Pakete empfangen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/sendungen-verfolgen.html
Title: Sendungen verfolgen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/sendungen-verfolgen/paketankuendigung.html
Title: Paketankündigung

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/sendungen-verfolgen/zustellbenachrichtigung.html
Title: Zustellbenachrichtigung

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/sendungen-verfolgen/live-tracking.html
Title: Live-Tracking

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/pakete-zuhause-empfangen.html
Title: Zu Hause empfangen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/pakete-zuhause-empfangen/ablageort.html
Title: Ablageort

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/pakete-zuhause-empfangen/nachbar.html
Title: Nachbar

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/pakete-zuhause-empfangen/liefertag.html
Title: Liefertag

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/an-einem-abholort-empfangen.html
Title: An einen Abholort liefern

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/an-einem-abholort-empfangen/packstation-empfang.html
Title: DHL Packstation

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/an-einem-abholort-empfangen/filiale-empfang.html
Title: Filialen/Paketshops

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/an-einem-abholort-empfangen/paketumleitung.html
Title: Pakete umleiten

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/express-sendung-empfangen.html
Title: Express-Sendungen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/express-sendung-empfangen/express-sendung-umleiten.html
Title: Vor der Zustellung umleiten

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/express-sendung-empfangen/express-sendung-verpasst.html
Title: Sendung verpasst

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/pakete-empfangen/express-sendung-empfangen/faq.html
Title: FAQ Zollpflichtige Sendungen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice.html
Title: Hilfe und Kontakt

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/sendungsverfolgung.html
Title: Hilfe rund um mein Paket

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/sendungsverfolgung/was-bedeutet-mein-sendungsstatus.html
Title: Bedeutung des Sendungsstatus

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/sendungsverfolgung/paketankuendigung.html
Title: Paketankündigung

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/sendungsverfolgung/hilfe-zur-paketumleitung.html
Title: Paketumleitung

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/sendungsverfolgung/zoll.html
Title: Zoll und Einfuhr

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/sendungsverfolgung/probleme-loesungen.html
Title: Weitere Fragen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/empfangen.html
Title: Hilfe zum Paketempfang

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/empfangen/ablageort-nachbar.html
Title: Ablageort & Nachbar

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/empfangen/liefertag.html
Title: Liefertag

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/empfangen/packstation.html
Title: Packstation

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/empfangen/filiale-direkt.html
Title: Filiale

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/empfangen/hilfe-ablageort-ohne-klingeln.html
Title: Ablageort ohne Klingel

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/versenden.html
Title: Hilfe zum Versand

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/versenden/preise-produkte.html
Title: Preise & Produkte

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/versenden/of-bezahlung.html
Title: Online frankieren & bezahlen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/versenden/standorte.html
Title: DHL Standorte

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/versenden/packstation.html
Title: Packstation

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/hilfe-kundenservice/uebersicht-zu-den-hilfethemen.html
Title: Übersicht über alle Hilfethemen

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/anmelden.html
Title: DHL Kundenkonto

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/privatkunden/kampagnenseiten/dhl-app.html
Title: Post & DHL App

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/geschaeftskunden/paket.html
Title: Paket

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/geschaeftskunden/express.html
Title: Express

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/geschaeftskunden/logistik.html
Title: Logistik

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/geschaeftskunden/kontakt.html
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.dhl.de/dhl-geschaeftskunde-werden
Title: Kunde werden

Search URL Search Domain Scan URL

URL: http://www.dhl.com/
Title: DHL.com

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/geschaeftskunden/ueber-uns.html
Title: Über uns

Search URL Search Domain Scan URL

URL: http://www.dpdhl.de/
Title: Deutsche Post DHL Group

Search URL Search Domain Scan URL

URL: http://www.dpdhl.de/karriere
Title: Karriere

Search URL Search Domain Scan URL

URL: http://www.dpdhl.de/presse
Title: Presse

Search URL Search Domain Scan URL

URL: http://www.dpdhl.de/investoren
Title: Investoren

Search URL Search Domain Scan URL

URL: https://www.deutschepost.de/de/n/nachhaltigkeit.html
Title: Nachhaltigkeit

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/toolbar/footer/sicherheitshinweise.html
Title: Sicherheitshinweise

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/toolbar/footer/impressum/impressum_dhlpaket.html
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/toolbar/footer/agb.html
Title: AGB

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/toolbar/footer/rechtliche-hinweise.html
Title: Rechtliche Hinweise

Search URL Search Domain Scan URL

URL: https://www.dhl.de/de/toolbar/footer/datenschutz.html
Title: Datenschutz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dhl-de.ds3ds.icu/201429238/ 102 KB
14 KB 258ms
156ms Document
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/201429238/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e5f1e41bf4cc887bc7e28c19a42c674604111b17181c4d8186a8faa2c11b8d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73bd1ba72aa09bb9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 Aug 2022 21:01:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHKdtAiVcvOvr1yz5bzzMmf3wbSnomLhfkg2XMRK8KHRqyJaWxn8xkU9peB5g4M8Y00XoIh8%2BLqVgs%2BIf7Nz6FTJh77okRiPMhlNGuqsbQwdxnNaggHezj2zb7KWugxnW51PrGQRH0MsGQ7x3lFo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET bundle.da701d0ef3398103c6aa5536223a76cc.css
www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/ 0
0

GET
H2 404 bundle-utapi.da701d0ef3398103c6aa5536223a76cc.css
www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/ 0
0 491ms
146ms Stylesheet
text/html 23.208.240.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi.da701d0ef3398103c6aa5536223a76cc.css
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.240.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-240-231.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 404 dhl-image-8.svg
dhl-de.ds3ds.icu/js/61615221/service/ 174 B
174 B 86ms
79ms Image
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-8.svg

Requested by

Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

206086d07b4dc289c20e447cadf3023b6f7f8221552cc412079c136cafae7989

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/201429238/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4I3FZ%2F%2FNtywM3skiXreSDahn3rrwKSxtoRo%2BZTUhBo%2B2J5rgAY4E%2BuidCwR6%2FQwMgWonz%2FzfRojT3%2B3CwthaR6uh2ZNKhUvkfwVDiONU8IwhvroCluT%2B3ZPYBbvH5fRumMwSlmuDFlsmcUOxfNuk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
content-security-policy: default-src 'none'
cf-ray: 73bd1bac49ae9bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dhl.jpg
www.openpricer.com/wp-content/uploads/2012/11/ 55 KB
55 KB 229ms
49ms Image
image/jpeg 2001:41d0:1:1b00:213:186:33:18
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.openpricer.com/wp-content/uploads/2012/11/dhl.jpg
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:18 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9e7daf828ab92681934468b4d7fe32b16686b819f7d79079dd55b6b969541c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
last-modified: Fri, 06 Mar 2020 16:12:11 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 55983
expires: Tue, 16 Aug 2022 21:16:56 GMT

GET
H2 404 dhl-image-5.svg
dhl-de.ds3ds.icu/js/61615221/service/ 174 B
174 B 86ms
81ms Image
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-5.svg

Requested by

Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

88c60a608841ea054b0d785fc9fbb70ba73a13c0fc7e8b44ef286ef2d1c3f2d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/201429238/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSrZjWSASxOcgK4F5WTvvd9wWf7vWwgQSK%2BRH1FO%2FkldaMkvZwKyTCLiDhsI7hrbT2HyupqYbHI%2FnkjdR%2FxBFBSPp1nAFlCnbbNL8xA7AG3%2B%2FLaenNANnUc%2BDWlkZpocm%2FPubMQ68XqE6Cy10i3n"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
content-security-policy: default-src 'none'
cf-ray: 73bd1bac49b39bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 dhl-image-7.svg
dhl-de.ds3ds.icu/js/61615221/service/ 174 B
174 B 115ms
111ms Image
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-7.svg

Requested by

Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c57c6cbc3ec9b40aa46591db113e45c0c224d4af96a3bd017b2323b47793910d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/201429238/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXM0o0D521suaLLVwGJholmvyRMbhSnudAi1q1w3rq%2FScULWu459whPyDxjy0C5f0sDe829IbzltPOF7FsdimN9AlbP5%2BIffIOgtWO0sFX9ZpWfCQDyrhLwFjGb4oTvbGUBtxRg1M9p2mJB4J8jJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
content-security-policy: default-src 'none'
cf-ray: 73bd1bac49b59bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 dhl-image-6.svg
dhl-de.ds3ds.icu/js/61615221/service/ 174 B
174 B 113ms
109ms Image
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-6.svg

Requested by

Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e1a9e1c5c0a13a94f65f585cff410a86c3281b06a8f726c8502925d0ff614233

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/201429238/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U04tn1Hrjhrml3OKFD9PyGsdck2YpXliY37G283Us87oJTz6E%2BO%2BErAAbrRr5lH0tbyGIO%2Farief2gO4Nh%2FckWrrVcb0irF8GWkZ1pgGcoFW%2FO9UH2rOJkabd21plNtHH6kNl0Bl7U9y2bmqRzCu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
content-security-policy: default-src 'none'
cf-ray: 73bd1bac49b79bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 dhl-image-1.svg
dhl-de.ds3ds.icu/js/61615221/service/ 174 B
174 B 115ms
112ms Image
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-1.svg

Requested by

Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

13ed1bcbc8206c83870b4576ed345a413ea781787d5025ece82f9ca34a520672

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/201429238/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLHaMZZVFesbaAMrYenA8TQktTsQ4GIh75Xw%2BQYYQN0UCcBf6Uw30ZqzqnWFgSOb%2FEsaWe9OgpivSiNSuspxfdZpp9UZl7HVVUw7rxJJMpHGFiHm6PPJGSAcyqkcs%2F4m%2Bf3XWReqIyKtBivIV%2Ft9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
content-security-policy: default-src 'none'
cf-ray: 73bd1bac49b99bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 bundle.da701d0ef3398103c6aa5536223a76cc.css
www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/ 0
0 596ms
293ms Stylesheet
text/html 23.208.240.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle.da701d0ef3398103c6aa5536223a76cc.css
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.240.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-240-231.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 201429238 Show response
dhl-de.ds3ds.icu/supportChatFrame/ Frame C887 23 KB
7 KB 131ms
131ms Document
text/html 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/201429238/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d8d6749a28a8dc8f09566f6f276eab7bbca1957d83a3f47b1281a0e63844c317

Request headers

Referer: https://dhl-de.ds3ds.icu/201429238/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73bd1bac79fc9bb9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 Aug 2022 21:01:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD8urXtUXyB%2FyyD0iLMt59YnPbzlOIg2XIS8uq0c7WSv2DyzDIR%2B7V4Z70IxANkFO25qLScsDKWH%2BHpoDneP%2FE0urfK1PvmlMuw4LThBi%2F4ZqknkgE2d7SAY%2FIvkegcKY3MiiRnumkrBnpddpkgQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 support_chat.css
dhl-de.ds3ds.icu/css/ Frame C887 97 KB
16 KB 88ms
87ms Stylesheet
text/css 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/css/support_chat.css
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5a6150db74c3f33743e1cca2e048a4f2e61ef322fdec540dca13777853f0faca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
etag: W/"1843a-17b3e127450"
cf-cache-status: EXPIRED
last-modified: Fri, 13 Aug 2021 05:53:22 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BRdGZdm72V%2BYLQgOlFPm1%2FqU2j0%2FRL6j6SeAghaOH%2Bb7ot0rKKQ4bqrHQg7VVl3GUbKpQ7Q0gceTmN60j7QuZYhNs2BvaiRo4MOAHj9x4GiWB6%2FxSJAkZ0lAvtn4hhi0KDbmPnTfutaSpJChNX7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73bd1bad997f92a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK hp-girl-2a.png
flycom.net.ua/wp-content/uploads/2016/12/ Frame C887 154 KB
155 KB 635ms
135ms Image
image/png 91.225.160.17
ASSPDCHERNEGA ---...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flycom.net.ua/wp-content/uploads/2016/12/hp-girl-2a.png
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.225.160.17 Odessa, Ukraine, ASN56400 (ASSPDCHERNEGA ---DataIX---, UA),
Reverse DNS
Software: nginx /
Resource Hash: c117b1ff6b3f98af0a1c9ebf3e88455de656a6f2a2c81dcc9d5482fbf772c239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 21:01:57 GMT
Last-Modified: Mon, 24 Dec 2018 11:17:38 GMT
Server: nginx
ETag: "5c20c052-2696e"
Content-Type: image/png
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158062
Expires: Fri, 26 Aug 2022 21:01:57 GMT

GET
H3 200 axios.min.js Show response
dhl-de.ds3ds.icu/js/ Frame C887 14 KB
6 KB 75ms
74ms Script
application/javascript 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/js/axios.min.js
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
etag: W/"3813-17b3e127450"
cf-cache-status: EXPIRED
last-modified: Fri, 13 Aug 2021 05:53:22 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPZtqXXD0HbEXaGMS%2FBHsBbSFb17m3%2BYzHBoN0tz4ojZPNklu2UHZAY2%2BuGNMbc56TQMmpqRvGmVFJHHxObmx7rxtTBConRWv1zD7qCC1uPuAJTK7sAAn51qu7MMk%2Fcj17ayOdo2OhO3uBf3Ty65"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73bd1bad998192a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 support.js Show response
dhl-de.ds3ds.icu/js/ Frame C887 3 KB
1 KB 75ms
74ms Script
application/javascript 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/js/support.js
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c1db9f821aff832259b875e5b14b7321430065d7851a53602a2cded37c2f3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
content-encoding: br
etag: W/"acb-17b3e127450"
cf-cache-status: EXPIRED
last-modified: Fri, 13 Aug 2021 05:53:22 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIuk5%2FSfoAF98wTmmAxcY4PYnyBIKuqgkroVhSJvlmTL3hdAwfcGflC3AJveHpWlgTlKTsotvRNc%2Fr1pblaPdfvPCG8t8Xwz53AWDSb404VDfbFrTXMde3d7lrVMzO%2B%2BpPgSRnAPPOdui1Z7ZAZf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73bd1bad998392a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 getMessages Show response
dhl-de.ds3ds.icu/api/support/ Frame C887 15 B
561 B 148ms
148ms XHR
application/json 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/api/support/getMessages
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 16 Aug 2022 21:01:56 GMT
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2OxDcRKq06sTetsBEt518Z9yzcwz6aBIyR1XuZO5JhFedYcHaRE855Khr6P9uFygQcaOEoEWud%2BibjzjcnQggeD1%2F40h8syn5uXOmoYnGy0OtGZLAciuDfsBV8ISLFSQvCmKV65HjKEORrwrKOO"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 73bd1bae5a6192a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

POST
H3 200 getMessages Show response
dhl-de.ds3ds.icu/api/support/ Frame C887 15 B
562 B 108ms
107ms XHR
application/json 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/api/support/getMessages
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 16 Aug 2022 21:01:58 GMT
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj9497uYxHlcy34OgVw2lleVfY6a3JeKllGflM10t7i88DgMRrrojvhPLrCx1vRVgr04M%2Fbi2ojoCIDTCJF1xwUqwJYezpE0%2F8f2w3H4tkRL7p8qkLOtn5daE%2B0cLNMZejqDe7SEO5JrI0tYuxKc"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 73bd1bba1f0092a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

POST
H3 200 getMessages Show response
dhl-de.ds3ds.icu/api/support/ Frame C887 15 B
564 B 124ms
123ms XHR
application/json 2606:4700:3035::ac43:8643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-de.ds3ds.icu/api/support/getMessages
Requested by: Host: dhl-de.ds3ds.icu
URL: https://dhl-de.ds3ds.icu/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://dhl-de.ds3ds.icu/supportChatFrame/201429238
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 16 Aug 2022 21:02:00 GMT
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJxOct6yrlG4Lhb39AFHOwmJa%2BYXlUjC7s9IwZ1gtZJIX2KmQAc1y7W%2FEc00Kx5S3s07EuFlrTt%2B35uB5BQJjm%2BIaEjkixaO592JXIGaHCSTaouzpcR95KqOmefTfrQWXASAkY3D7QCVSKiTefps"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 73bd1bc4289092a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dhl.com
URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle.da701d0ef3398103c6aa5536223a76cc.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dhl-de.ds3ds.icu/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A8SygDUrnZciBqZ0WA2GqxGkJhgTpgPxv.xM1Scy1Kzwe2pdvGKZ2jIED3V8DCu1yZl9ZN5Q6OQd0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dhl-de.ds3ds.icu/201429238/(Line 6) Message: A preload for 'https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle.da701d0ef3398103c6aa5536223a76cc.css' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle-utapi.da701d0ef3398103c6aa5536223a76cc.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle.da701d0ef3398103c6aa5536223a76cc.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-8.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-5.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-6.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-7.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dhl-de.ds3ds.icu/js/61615221/service/dhl-image-1.svg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://dhl-de.ds3ds.icu/201429238/ Message: Access to CSS stylesheet at 'https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle.da701d0ef3398103c6aa5536223a76cc.css' from origin 'https://dhl-de.ds3ds.icu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.dhl.com/etc/clientlibs/dhl/clientlib-all/css/bundle.da701d0ef3398103c6aa5536223a76cc.css Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dhl-de.ds3ds.icu
flycom.net.ua
www.dhl.com
www.openpricer.com
www.dhl.com
2001:41d0:1:1b00:213:186:33:18
23.208.240.231
2606:4700:3035::ac43:8643
91.225.160.17
13ed1bcbc8206c83870b4576ed345a413ea781787d5025ece82f9ca34a520672
206086d07b4dc289c20e447cadf3023b6f7f8221552cc412079c136cafae7989
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
5a6150db74c3f33743e1cca2e048a4f2e61ef322fdec540dca13777853f0faca
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
5e5f1e41bf4cc887bc7e28c19a42c674604111b17181c4d8186a8faa2c11b8d2
88c60a608841ea054b0d785fc9fbb70ba73a13c0fc7e8b44ef286ef2d1c3f2d7
8c1db9f821aff832259b875e5b14b7321430065d7851a53602a2cded37c2f3fa
9e7daf828ab92681934468b4d7fe32b16686b819f7d79079dd55b6b969541c93
c117b1ff6b3f98af0a1c9ebf3e88455de656a6f2a2c81dcc9d5482fbf772c239
c57c6cbc3ec9b40aa46591db113e45c0c224d4af96a3bd017b2323b47793910d
d8d6749a28a8dc8f09566f6f276eab7bbca1957d83a3f47b1281a0e63844c317
e1a9e1c5c0a13a94f65f585cff410a86c3281b06a8f726c8502925d0ff614233

dhl-de.ds3ds.icu Open in urlscan Pro 2606:4700:3035::ac43:8643 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

4 Countries

256 kBTransfer

449 kBSize

1 Cookies

85 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

10 Console Messages

Indicators

dhl-de.ds3ds.icu Open in urlscan Pro
2606:4700:3035::ac43:8643 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

256 kB
Transfer

449 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!