de.dhl-track-xy.xyz Open in urlscan Pro
104.223.16.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://de.dhl-track-xy.xyz/
Submission: On November 12 via automatic, source certstream-suspicious (November 12th 2023, 2:06:59 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 104.223.16.172, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is de.dhl-track-xy.xyz.
TLS certificate: Issued by R3 on November 12th 2023. Valid for: 3 months.

This is the only time de.dhl-track-xy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	104.223.16.172 104.223.16.172	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	2606:4700::68... 2606:4700::6812:1aaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:26f0:350... 2a02:26f0:3500:992::4213	() ()
12	3

10 104.223.16.172 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 104.223.16.172.static.quadranet.com

de.dhl-track-xy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
j.kjashdkjashd.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1aaa (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipregistry.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:992::4213 (None, ) 1 redirects

ASN- ()

www.dhl.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	dhl-track-xy.xyz de.dhl-track-xy.xyz	164 KB
2	dhl.de 1 redirects www.dhl.de	6 KB
2	kjashdkjashd.buzz j.kjashdkjashd.buzz	4 KB
1	ipregistry.co api.ipregistry.co — Cisco Umbrella Rank: 152658	1 KB
12	4

	Domain	Requested by
8	de.dhl-track-xy.xyz	de.dhl-track-xy.xyz
2	www.dhl.de	1 redirects de.dhl-track-xy.xyz
2	j.kjashdkjashd.buzz	de.dhl-track-xy.xyz
1	api.ipregistry.co	de.dhl-track-xy.xyz
12	4

This site contains no links.

Subject Issuer	Validity	Valid
de.dhl-track-xy.xyz R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
ipregistry.co Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
j.kjashdkjashd.buzz R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
www.deutschepost.de DPDHL Global TLS CA - I5	`2023-04-26` - `2024-04-25`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.dhl.de/de/privatkunden.html
Frame ID: 279C5E4ECC277CD412782B65879F4E5B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

170 kB
Transfer

636 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.dhl.de/de/ HTTP 301
https://www.dhl.de/de/privatkunden.html

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
de.dhl-track-xy.xyz/ 1 KB
1 KB 2429ms
179ms Document
text/html 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

49c4b357da796ed897fd2d55b5c7e31609f98b62fa85c06ef36478b471dafed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1248
content-type: text/html
date: Sun, 12 Nov 2023 14:06:54 GMT
etag: "65514b3c-4e0"
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 loading.css
de.dhl-track-xy.xyz/css/ 563 B
767 B 188ms
186ms Stylesheet
text/css 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/css/loading.css

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

343ce0a81a3e204d0d4c212c7567676964bdc7b2deabd62f0f6336420aaf8917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.dhl-track-xy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: "65514b3c-233"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 563
expires: Mon, 13 Nov 2023 02:06:54 GMT

GET
H2 200 chunk-vendors.26fbc4c7.js Show response
de.dhl-track-xy.xyz/js/ 325 KB
109 KB 554ms
552ms Script
application/javascript 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/js/chunk-vendors.26fbc4c7.js

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

29371625c6460fb866de9785ac766757105ea17fcfea88f3e0f2852ec04b9b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.dhl-track-xy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: W/"65514b3c-513d2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 13 Nov 2023 02:06:54 GMT

GET
H2 200 app.4eec433d.js Show response
de.dhl-track-xy.xyz/js/ 12 KB
5 KB 536ms
535ms Script
application/javascript 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/js/app.4eec433d.js

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

cef2ecc374e8c51435cf8ee660fcd057bd880e7e4dc15ff7b8b7ca527060b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.dhl-track-xy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: W/"65514b3c-2e1d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 13 Nov 2023 02:06:54 GMT

GET
H2 200 chunk-vendors.75d0cebf.css
de.dhl-track-xy.xyz/css/ 290 KB
46 KB 374ms
372ms Stylesheet
text/css 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/css/chunk-vendors.75d0cebf.css

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

5503cb29425f49c97e16a256136623e675638917f19292967c1954c752a1de31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.dhl-track-xy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: W/"65514b3c-488a6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 13 Nov 2023 02:06:54 GMT

GET
H2 200 app.75d84a8e.css
de.dhl-track-xy.xyz/css/ 1 KB
1 KB 553ms
551ms Stylesheet
text/css 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/css/app.75d84a8e.css

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

b5bdeacc5fd0023c0c336704c90c3258afe60421972a939bbcd0b463641625a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.dhl-track-xy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: "65514b3c-485"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1157
expires: Mon, 13 Nov 2023 02:06:54 GMT

GET
H2 200 config.json Show response
de.dhl-track-xy.xyz/ 171 B
327 B 180ms
179ms XHR
application/json 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/config.json

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/js/chunk-vendors.26fbc4c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

f62f389c84a2cfb6bc137286151d4a0044110df3da0b8df1308d723b2b98ec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://de.dhl-track-xy.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: "65514b3c-ab"
content-type: application/json
accept-ranges: bytes
content-length: 171

GET
H2 200 / Show response
api.ipregistry.co/ 2 KB
1 KB 156ms
50ms XHR
application/json 2606:4700::6812:1aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ipregistry.co/?key=9b3qvmn5m1vcnndt

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/js/chunk-vendors.26fbc4c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1aaa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d515b6113716f3ed5b4c3d71fc6d41d1a3ec167b6fa7a923d068817ff62680

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://de.dhl-track-xy.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
ipregistry-credits-consumed: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
ipregistry-credits-remaining: 30274
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Ipregistry-Credits-Remaining, Ipregistry-Credits-Consumed, Ipregistry-Version, Ipregistry-Pod
ipregistry-version: 1
cf-ray: 824f569ace6e35eb-FRA
alt-svc: h3=":443"; ma=86400
ipregistry-pod: ipregistry-api-b559fb8c9-2cvnk

POST
H2 200 saveIPInfo Show response
j.kjashdkjashd.buzz/IpInfo/ 4 KB
4 KB 264ms
264ms XHR
application/json 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://j.kjashdkjashd.buzz/IpInfo/saveIPInfo
Requested by: Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/js/chunk-vendors.26fbc4c7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.16.172.static.quadranet.com
Software: nginx /
Resource Hash: 07cb2b22d565d0f3704933efcca2fc48aec9f104020bc90972fdaf95a3b7b5ec

Request headers

Accept: application/json, text/plain, */*
Referer: https://de.dhl-track-xy.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://de.dhl-track-xy.xyz
date: Sun, 12 Nov 2023 14:06:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

OPTIONS
H2 200 saveIPInfo
j.kjashdkjashd.buzz/IpInfo/ 0
0 591ms
192ms Preflight 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://j.kjashdkjashd.buzz/IpInfo/saveIPInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.16.172.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de.dhl-track-xy.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,DELETE,PUT
access-control-allow-origin: https://de.dhl-track-xy.xyz
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache
date: Sun, 12 Nov 2023 14:06:55 GMT
server: nginx
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 config.json Show response
de.dhl-track-xy.xyz/ 171 B
327 B 190ms
189ms XHR
application/json 104.223.16.172
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://de.dhl-track-xy.xyz/config.json

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/js/chunk-vendors.26fbc4c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.223.16.172 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

104.223.16.172.static.quadranet.com

Software

nginx /

Resource Hash

f62f389c84a2cfb6bc137286151d4a0044110df3da0b8df1308d723b2b98ec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://de.dhl-track-xy.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 14:06:56 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Nov 2023 22:01:32 GMT
server: nginx
etag: "65514b3c-ab"
content-type: application/json
accept-ranges: bytes
content-length: 171

GET
H2

200

privatkunden.html
www.dhl.de/de/
Redirect Chain

https://www.dhl.de/de/
https://www.dhl.de/de/privatkunden.html

0
0

187ms
186ms

Document
text/html

2a02:26f0:3500:992::4213

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dhl.de/de/privatkunden.html

Requested by

Host: de.dhl-track-xy.xyz
URL: https://de.dhl-track-xy.xyz/js/app.4eec433d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:992::4213 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: https://fonts.gstatic.com/ https://cdn.podigee.com/ https://.podigee-cdn.net/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://dpm.demdex.net/ https://.paypal.com/ https://.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://.zscaler.net/ https://.zscloud.net/ https://.zscalertwo.net/; connect-src 'self' https://cdn.cookielaw.org/ https://.onetrust.com/ https://quality.dpdhl.com/ https://t.leadlab.click/ https://insight.adsrvr.org/ https://assets.adobedtm.com/ https://deutschepostag1.d3.sc.omtrdc.net/ https://maps.googleapis.com/ https://www.googletagmanager.com/ https://meinservice-dhl-sites.secure.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://depst-salaut-prod1.pegacloud.net/ https://depst-mara-dt1-decisionhub.pegacloud.net/ https://depst-mara-stg1-decisionhub.pegacloud.net/ https://depst-mara-prod1-decisionhub.pegacloud.net/ https://t.ssl.ak.tiles.virtualearth.net/ https://.dynamic.tiles.ditu.live.com/ https://.braintreegateway.com/ https://.braintree-api.com/ https://braintree-sample-merchant.herokuapp.com/ https://.heidelpay.com/ https://autocomplete2.postdirekt.de/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://dpm.demdex.net/ https://.paypal.com/ https://.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://.zscaler.net/ https://.zscloud.net/ https://.zscalertwo.net/; img-src https: data:; form-action 'self' https://.dhl.de/ https://.deutschepost.de/ https://www.sofort.com/ https://.dhl.com/ https://meinservice.my.salesforce-sites.com/; frame-ancestors 'self' https://facebook.com/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://deutschepost.elaine-asp.de/ https://.plentymarkets-cloud-de.com/ https://.plentymarkets-cloud-ie.com/ https://dhl.vendidero.de/ https://dhl-paket.plentymarkets-cloud02.com/ https://.billbee.io/ https://.dreamrobot.de/ https://tl-meinservice-dhl.cs107.force.com/; frame-src 'self' https://www.simplydhl.com/ https://deutschepost.elaine-asp.de/ https://www.youtube.com/ https://www.google.com/ https://assets.adobedtm.com/ https://rdevpro-meinservice-dhl.cs160.force.com/ https://gateway.zscalerthree.net/ https://.braintreegateway.com/ https://payment.heidelpay.com/ https://dhlglobalmail.secure.force.com/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://dpm.demdex.net/ https://.paypal.com/ https://.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://.zscaler.net/ https://.zscloud.net/ https://.zscalertwo.net/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.youtube.com/ https://connect.facebook.net/ https://cdn.cookielaw.org/ https://cookie-cdn.cookiepro.com/ https://geolocation.onetrust.com/ https://assets.adobedtm.com/ https://cdn.tt.omtrdc.net/ https://.google.com/ https://maps.googleapis.com/ https://www.googletagmanager.com/ https://www.gstatic.com/ https://.virtualearth.net/ https://.ditu.live.com/ https://.salesforceliveagent.com/ https://static.lightning.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://meinservice-dhl-sites.secure.force.com/ https://assets.braintreegateway.com/ https://static.heidelpay.com/ https://cdn.jsdelivr.net/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://dpm.demdex.net/ https://.paypal.com/ https://.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://.zscaler.net/ https://.zscloud.net/ https://.zscalertwo.net/; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://assets.adobedtm.com/ https://cdn.cookielaw.org/ https://googletagmanager.com/ https://track.adform.net/ https://www.youtube.com/ https://connect.facebook.net/ https://.virtualearth.net/ https://.ditu.live.com/ https://.salesforceliveagent.com/ https://static.lightning.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://assets.braintreegateway.com/ https://cdn.jsdelivr.net/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://dpm.demdex.net/ https://.paypal.com/ https://.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://.zscaler.net/ https://.zscloud.net/ https://.zscalertwo.net/; style-src 'self' 'unsafe-inline' https://meinservice-dhl-sites.secure.force.com/ https://cdn.tt.omtrdc.net/ https://.dhl.de/ https://.dhl.com/ https://.deutschepost.de/ https://dpm.demdex.net/ https://.paypal.com/ https://.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://.zscaler.net/ https://.zscloud.net/ https://.zscalertwo.net/;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 17184
content-security-policy: default-src 'self' data: https://fonts.gstatic.com/ https://cdn.podigee.com/ https://*.podigee-cdn.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; connect-src 'self' https://cdn.cookielaw.org/ https://*.onetrust.com/ https://quality.dpdhl.com/ https://t.leadlab.click/ https://insight.adsrvr.org/ https://assets.adobedtm.com/ https://deutschepostag1.d3.sc.omtrdc.net/ https://maps.googleapis.com/ https://www.googletagmanager.com/ https://meinservice-dhl-sites.secure.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://depst-salaut-prod1.pegacloud.net/ https://depst-mara-dt1-decisionhub.pegacloud.net/ https://depst-mara-stg1-decisionhub.pegacloud.net/ https://depst-mara-prod1-decisionhub.pegacloud.net/ https://t.ssl.ak.tiles.virtualearth.net/ https://*.dynamic.tiles.ditu.live.com/ https://*.braintreegateway.com/ https://*.braintree-api.com/ https://braintree-sample-merchant.herokuapp.com/ https://*.heidelpay.com/ https://autocomplete2.postdirekt.de/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; img-src https: data:; form-action 'self' https://*.dhl.de/ https://*.deutschepost.de/ https://www.sofort.com/ https://*.dhl.com/ https://meinservice.my.salesforce-sites.com/; frame-ancestors 'self' https://facebook.com/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://deutschepost.elaine-asp.de/ https://*.plentymarkets-cloud-de.com/ https://*.plentymarkets-cloud-ie.com/ https://dhl.vendidero.de/ https://dhl-paket.plentymarkets-cloud02.com/ https://*.billbee.io/ https://*.dreamrobot.de/ https://tl-meinservice-dhl.cs107.force.com/; frame-src 'self' https://www.simplydhl.com/ https://deutschepost.elaine-asp.de/ https://www.youtube.com/ https://www.google.com/ https://assets.adobedtm.com/ https://rdevpro-meinservice-dhl.cs160.force.com/ https://gateway.zscalerthree.net/ https://*.braintreegateway.com/ https://payment.heidelpay.com/ https://dhlglobalmail.secure.force.com/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.youtube.com/ https://connect.facebook.net/ https://cdn.cookielaw.org/ https://cookie-cdn.cookiepro.com/ https://geolocation.onetrust.com/ https://assets.adobedtm.com/ https://cdn.tt.omtrdc.net/ https://*.google.com/ https://maps.googleapis.com/ https://www.googletagmanager.com/ https://www.gstatic.com/ https://*.virtualearth.net/ https://*.ditu.live.com/ https://*.salesforceliveagent.com/ https://static.lightning.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://meinservice-dhl-sites.secure.force.com/ https://assets.braintreegateway.com/ https://static.heidelpay.com/ https://cdn.jsdelivr.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://assets.adobedtm.com/ https://cdn.cookielaw.org/ https://googletagmanager.com/ https://track.adform.net/ https://www.youtube.com/ https://connect.facebook.net/ https://*.virtualearth.net/ https://*.ditu.live.com/ https://*.salesforceliveagent.com/ https://static.lightning.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://assets.braintreegateway.com/ https://cdn.jsdelivr.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; style-src 'self' 'unsafe-inline' https://meinservice-dhl-sites.secure.force.com/ https://cdn.tt.omtrdc.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/;
content-type: text/html;charset=UTF-8
date: Sun, 12 Nov 2023 14:06:58 GMT
expires: Sun, 12 Nov 2023 14:06:58 GMT
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=31556926; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,3
x-content-type-options: NOSNIFF
x-dns-prefetch-control: off
x-dpwn-is-secure: 1
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 16734
content-security-policy: default-src 'self' data: https://fonts.gstatic.com/ https://cdn.podigee.com/ https://*.podigee-cdn.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; connect-src 'self' https://cdn.cookielaw.org/ https://*.onetrust.com/ https://quality.dpdhl.com/ https://t.leadlab.click/ https://insight.adsrvr.org/ https://assets.adobedtm.com/ https://deutschepostag1.d3.sc.omtrdc.net/ https://maps.googleapis.com/ https://www.googletagmanager.com/ https://meinservice-dhl-sites.secure.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://depst-salaut-prod1.pegacloud.net/ https://depst-mara-dt1-decisionhub.pegacloud.net/ https://depst-mara-stg1-decisionhub.pegacloud.net/ https://depst-mara-prod1-decisionhub.pegacloud.net/ https://t.ssl.ak.tiles.virtualearth.net/ https://*.dynamic.tiles.ditu.live.com/ https://*.braintreegateway.com/ https://*.braintree-api.com/ https://braintree-sample-merchant.herokuapp.com/ https://*.heidelpay.com/ https://autocomplete2.postdirekt.de/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; img-src https: data:; form-action 'self' https://*.dhl.de/ https://*.deutschepost.de/ https://www.sofort.com/ https://*.dhl.com/ https://meinservice.my.salesforce-sites.com/; frame-ancestors 'self' https://facebook.com/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://deutschepost.elaine-asp.de/ https://*.plentymarkets-cloud-de.com/ https://*.plentymarkets-cloud-ie.com/ https://dhl.vendidero.de/ https://dhl-paket.plentymarkets-cloud02.com/ https://*.billbee.io/ https://*.dreamrobot.de/ https://tl-meinservice-dhl.cs107.force.com/; frame-src 'self' https://www.simplydhl.com/ https://deutschepost.elaine-asp.de/ https://www.youtube.com/ https://www.google.com/ https://assets.adobedtm.com/ https://rdevpro-meinservice-dhl.cs160.force.com/ https://gateway.zscalerthree.net/ https://*.braintreegateway.com/ https://payment.heidelpay.com/ https://dhlglobalmail.secure.force.com/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.youtube.com/ https://connect.facebook.net/ https://cdn.cookielaw.org/ https://cookie-cdn.cookiepro.com/ https://geolocation.onetrust.com/ https://assets.adobedtm.com/ https://cdn.tt.omtrdc.net/ https://*.google.com/ https://maps.googleapis.com/ https://www.googletagmanager.com/ https://www.gstatic.com/ https://*.virtualearth.net/ https://*.ditu.live.com/ https://*.salesforceliveagent.com/ https://static.lightning.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://meinservice-dhl-sites.secure.force.com/ https://assets.braintreegateway.com/ https://static.heidelpay.com/ https://cdn.jsdelivr.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://assets.adobedtm.com/ https://cdn.cookielaw.org/ https://googletagmanager.com/ https://track.adform.net/ https://www.youtube.com/ https://connect.facebook.net/ https://*.virtualearth.net/ https://*.ditu.live.com/ https://*.salesforceliveagent.com/ https://static.lightning.force.com/ https://meinservice--rqa.sandbox.my.salesforce.com/ https://meinservice--tl.sandbox.my.salesforce.com/ https://assets.braintreegateway.com/ https://cdn.jsdelivr.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/; style-src 'self' 'unsafe-inline' https://meinservice-dhl-sites.secure.force.com/ https://cdn.tt.omtrdc.net/ https://*.dhl.de/ https://*.dhl.com/ https://*.deutschepost.de/ https://dpm.demdex.net/ https://*.paypal.com/ https://*.cardinalcommerce.com/ https://dpcomepost.tt.omtrdc.net/ https://*.bing.com/ https://meinservice.my.salesforce.com/ https://meinservice.my.salesforce-sites.com/ https://service.force.com/ https://*.zscaler.net/ https://*.zscloud.net/ https://*.zscalertwo.net/;
content-type: text/html;charset=UTF-8
date: Sun, 12 Nov 2023 14:06:58 GMT
expires: Sun, 12 Nov 2023 14:06:58 GMT
last-modified: Fri, 10 Nov 2023 14:43:07 GMT
location: /de/privatkunden.html
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: NOSNIFF
x-dns-prefetch-control: off
x-dpwn-is-secure: 1
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipregistry.co
de.dhl-track-xy.xyz
j.kjashdkjashd.buzz
www.dhl.de
104.223.16.172
2606:4700::6812:1aaa
2a02:26f0:3500:992::4213
07cb2b22d565d0f3704933efcca2fc48aec9f104020bc90972fdaf95a3b7b5ec
29371625c6460fb866de9785ac766757105ea17fcfea88f3e0f2852ec04b9b9d
343ce0a81a3e204d0d4c212c7567676964bdc7b2deabd62f0f6336420aaf8917
46d515b6113716f3ed5b4c3d71fc6d41d1a3ec167b6fa7a923d068817ff62680
49c4b357da796ed897fd2d55b5c7e31609f98b62fa85c06ef36478b471dafed2
5503cb29425f49c97e16a256136623e675638917f19292967c1954c752a1de31
b5bdeacc5fd0023c0c336704c90c3258afe60421972a939bbcd0b463641625a1
cef2ecc374e8c51435cf8ee660fcd057bd880e7e4dc15ff7b8b7ca527060b478
f62f389c84a2cfb6bc137286151d4a0044110df3da0b8df1308d723b2b98ec92

de.dhl-track-xy.xyz Open in urlscan Pro 104.223.16.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

170 kBTransfer

636 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

de.dhl-track-xy.xyz Open in urlscan Pro
104.223.16.172 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

170 kB
Transfer

636 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions