Submitted URL: https://sl.dpdhl-surveys.com/nxlhjunoyw?l=en&urlVar01=UK
Effective URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Submission: On February 13 via manual from HK

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main IP is 78.31.119.106, located in Uithoorn, Netherlands and belongs to NL-BIT BIT BV, NL. The main domain is surveys.dpdhl.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 2nd 2019. Valid for: 2 years.
This is the only time surveys.dpdhl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 78.31.119.106 12859 (NL-BIT BI...)
3 194.9.85.152 31424 (NEXELLENT...)
5 78.31.119.109 12859 (NL-BIT BI...)
1 2a00:1450:400... 15169 (GOOGLE)
13 5
Domain Requested by
5 eu-clients.survalyzer.com surveys.dpdhl.com
3 dpdhl.datacoll.net surveys.dpdhl.com
2 surveys.dpdhl.com surveys.dpdhl.com
1 fonts.googleapis.com surveys.dpdhl.com
1 sl.dpdhl-surveys.com 1 redirects surveys.dpdhl.com
13 5

This site contains links to these domains. Also see Links.

Domain
sl.dpdhl-surveys.com
Subject Issuer Validity Valid
*.dpdhl.com
Sectigo RSA Domain Validation Secure Server CA
2019-12-02 -
2021-12-02
2 years crt.sh
*.datacoll.net
RapidSSL RSA CA 2018
2019-05-27 -
2020-06-25
a year crt.sh
*.survalyzer.com
RapidSSL TLS RSA CA G1
2018-06-12 -
2020-06-06
2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Frame ID: BE46FBAEB338DED2578FC94557460909
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://sl.dpdhl-surveys.com/nxlhjunoyw?l=en&urlVar01=UK HTTP 302
    https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

13
Requests

85 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

48 kB
Transfer

153 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sl.dpdhl-surveys.com/nxlhjunoyw?l=en&urlVar01=UK HTTP 302
    https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set nxlhjunoyw
surveys.dpdhl.com/
Redirect Chain
  • https://sl.dpdhl-surveys.com/nxlhjunoyw?l=en&urlVar01=UK
  • https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
6 KB
2 KB
Document
General
Full URL
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.31.119.106 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
tobajas-alias.site4u.nl
Software
/
Resource Hash
8b323d6492918e493f775893a06db638abf7ad8e415b4c7fd940708f5c7ebc28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Host
surveys.dpdhl.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
.ASPXBrowserOverride=; expires=Wed, 12-Feb-2020 11:55:05 GMT; path=/; secure; HttpOnly
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="P3P not supported"
Date
Thu, 13 Feb 2020 11:55:06 GMT
Connection
close
Content-Length
1617

Redirect headers

Cache-Control
no-cache
Content-length
0
Location
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Connection
close
elements.css
dpdhl.datacoll.net/content/
44 KB
11 KB
Stylesheet
General
Full URL
https://dpdhl.datacoll.net/content/elements.css
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.9.85.152 , Netherlands, ASN31424 (NEXELLENT-AS AS31424 is operated by:, CH),
Reverse DNS
zodiac-alias.site4u.nl
Software
/
Resource Hash
729dd278cc90cbf60b40260c8fc672293e1f85d4e9faaeb76eb714a03ac48626
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Wed, 29 Jan 2020 03:11:12 GMT
ETag
"0486ec251d6d51:0"
Vary
Accept-Encoding
P3P
CP="P3P not supported"
Date
Thu, 13 Feb 2020 11:55:05 GMT
Connection
close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
11108
X-XSS-Protection
1; mode=block
defaultvariables.css
dpdhl.datacoll.net/content/
8 KB
2 KB
Stylesheet
General
Full URL
https://dpdhl.datacoll.net/content/defaultvariables.css
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.9.85.152 , Netherlands, ASN31424 (NEXELLENT-AS AS31424 is operated by:, CH),
Reverse DNS
zodiac-alias.site4u.nl
Software
/
Resource Hash
d1d335b59cc875ae22743a6ca3e630a93839f9ec6e4db2ad15a05691cffb4e5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Wed, 29 Jan 2020 03:04:46 GMT
ETag
"05b5bdc50d6d51:0"
Vary
Accept-Encoding
P3P
CP="P3P not supported"
Date
Thu, 13 Feb 2020 11:55:06 GMT
Connection
close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1260
X-XSS-Protection
1; mode=block
site.css
dpdhl.datacoll.net/content/
98 B
591 B
Stylesheet
General
Full URL
https://dpdhl.datacoll.net/content/site.css
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.9.85.152 , Netherlands, ASN31424 (NEXELLENT-AS AS31424 is operated by:, CH),
Reverse DNS
zodiac-alias.site4u.nl
Software
/
Resource Hash
8563cf42fda4534170d274e73141e16476a9c074460f6a60a988c7cecdbdceb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Wed, 29 Jan 2020 03:01:04 GMT
ETag
"0d885850d6d51:0"
Vary
Accept-Encoding
P3P
CP="P3P not supported"
Date
Thu, 13 Feb 2020 11:55:05 GMT
Connection
close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
196
X-XSS-Protection
1; mode=block
style.css
eu-clients.survalyzer.com/dpdhl/survalyzer/DGF/assets/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://eu-clients.survalyzer.com/dpdhl/survalyzer/DGF/assets/css/style.css
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.31.119.109 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
dima.site4u.nl
Software
/
Resource Hash
2aa1c4176e50093d21b35e15792063bd7d6a8fb93802cd6d6800215ff5b620c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 10:01:01 GMT
etag
"492d50d1bae3d41:0"
vary
Accept-Encoding
content-type
text/css
status
200
date
Thu, 13 Feb 2020 11:55:06 GMT
accept-ranges
bytes
content-length
4240
css
fonts.googleapis.com/
767 B
478 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 11:55:06 GMT
server
ESF
date
Thu, 13 Feb 2020 11:55:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Feb 2020 11:55:06 GMT
css-custom
surveys.dpdhl.com/
65 KB
18 KB
Stylesheet
General
Full URL
https://surveys.dpdhl.com/css-custom?v=fjfqB7V-qYw8HM68zoxOiNNThYckmwChnDG732kwDdI1
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.31.119.106 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
tobajas-alias.site4u.nl
Software
/
Resource Hash
c5cc6a4dd42d475f084be05a39f52a8c3baa1acbee6bf2d9f9a8315b21f14305
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Thu, 13 Feb 2020 11:55:06 GMT
Date
Thu, 13 Feb 2020 11:55:06 GMT
Vary
User-Agent,Accept-Encoding
P3P
CP="P3P not supported"
Cache-Control
public
Connection
close
Content-Type
text/css; charset=utf-8
Content-Length
18371
X-XSS-Protection
1; mode=block
Expires
Fri, 12 Feb 2021 11:55:06 GMT
official_dhllogo.svg
eu-clients.survalyzer.com/dpdhl/survalyzer/dhl-group/assets/img/
2 KB
2 KB
Image
General
Full URL
https://eu-clients.survalyzer.com/dpdhl/survalyzer/dhl-group/assets/img/official_dhllogo.svg
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.31.119.109 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
dima.site4u.nl
Software
/
Resource Hash
bb6821bb8cce2e571b87295519170e2032a8e1747d56937b558ec3f5779d2b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 26 Mar 2019 10:01:04 GMT
etag
"b739f6d2bae3d41:0"
content-type
image/svg+xml
status
200
date
Thu, 13 Feb 2020 11:55:06 GMT
accept-ranges
bytes
content-length
1621
footer-logo.png
eu-clients.survalyzer.com/dpdhl/survalyzer/dhl-group/assets/img/
2 KB
3 KB
Image
General
Full URL
https://eu-clients.survalyzer.com/dpdhl/survalyzer/dhl-group/assets/img/footer-logo.png
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.31.119.109 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
dima.site4u.nl
Software
/
Resource Hash
e54575ab08465b69999d0ebd9c93cd4d9ed64f2ea639911dd7f5839a8db2f4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 26 Mar 2019 10:01:04 GMT
etag
"28b2cdd2bae3d41:0"
content-type
image/png
status
200
date
Thu, 13 Feb 2020 11:55:06 GMT
accept-ranges
bytes
content-length
2543
MRSC.png
eu-clients.survalyzer.com/dpdhl/survalyzer/dhl-group/assets/img/
4 KB
4 KB
Image
General
Full URL
https://eu-clients.survalyzer.com/dpdhl/survalyzer/dhl-group/assets/img/MRSC.png
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.31.119.109 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
dima.site4u.nl
Software
/
Resource Hash
b06e0b8907ed4299d2385b09d00ee038501071cdb76ab17236ac177b3941c647
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 26 Mar 2019 10:01:04 GMT
etag
"5ad7f3d2bae3d41:0"
content-type
image/png
status
200
date
Thu, 13 Feb 2020 11:55:06 GMT
accept-ranges
bytes
content-length
3987
text.counter.js
eu-clients.survalyzer.com/dpdhl/custom-textcounter/
2 KB
1 KB
Script
General
Full URL
https://eu-clients.survalyzer.com/dpdhl/custom-textcounter/text.counter.js
Requested by
Host: surveys.dpdhl.com
URL: https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.31.119.109 Uithoorn, Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
dima.site4u.nl
Software
/
Resource Hash
b9c0ad08e3067327bb8f5ee7c317b545e1d7f3bae902981df3c790f7e3c78b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.dpdhl.com/nxlhjunoyw?l=en&urlVar01=UK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 20 May 2019 13:21:27 GMT
etag
"9467e2edefd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
date
Thu, 13 Feb 2020 11:55:06 GMT
accept-ranges
bytes
content-length
889
0c584202-0b52-4802-92c2-3ba6b05a43c9.woff
sl.dpdhl-surveys.com/_clients/dpdhl/survalyzer/standard/assets/fonts/
0
0

bf3f91cd-dde7-4219-912c-787de8db2704.woff
sl.dpdhl-surveys.com/_clients/dpdhl/survalyzer/standard/assets/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sl.dpdhl-surveys.com
URL
https://sl.dpdhl-surveys.com/_clients/dpdhl/survalyzer/standard/assets/fonts/0c584202-0b52-4802-92c2-3ba6b05a43c9.woff
Domain
sl.dpdhl-surveys.com
URL
https://sl.dpdhl-surveys.com/_clients/dpdhl/survalyzer/standard/assets/fonts/bf3f91cd-dde7-4219-912c-787de8db2704.woff

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| changeCounter function| textCounter

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block