yaaddaa.com Open in urlscan Pro
95.217.53.137  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Page URL
2. https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response yaaddaa.com/wp-content/plugins/newsletter/js/dhl/	2 KB 1 KB	273ms 73ms	Document text/html	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 36644ab8354b5a0800976c18a144cc0ea8d3fdd3cf425a9dc9259f0cef1d6e7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host yaaddaa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT Server Apache Cache-Control max-age=60, private, proxy-revalidate Expires Sat, 13 Feb 2021 10:32:12 GMT Vary Accept-Encoding,User-Agent Content-Encoding gzip X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Length 831 Keep-Alive timeout=5, max=300 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bootstrap.min.css ondemand.dhl.com/css/libs/	105 KB 18 KB	196ms 64ms	Stylesheet text/css	104.111.238.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ondemand.dhl.com/css/libs/bootstrap.min.css Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.238.101 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-238-101.deploy.static.akamaitechnologies.com Software / Resource Hash ef6367358d81c660649a0553478149d048ca1014103d6a39e468852a4489aa3b Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT Content-Encoding gzip Last-Modified Tue, 08 Dec 2020 02:15:52 GMT Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 18506
GET H/1.1	200 OK	odd-welcome.css yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	12 KB 3 KB	70ms 69ms	Stylesheet text/css	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 0b82b4a5eebfa49aeec936dbf5f1afc6153c2260f3aa7e00d4ba4df943965787 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=172800, proxy-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=299 Content-Length 2591 X-XSS-Protection 1; mode=block Expires Sat, 13 Feb 2021 10:32:12 GMT
GET H/1.1	200 OK	dhl_logo_transparent.png yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	2 KB 2 KB	144ms 73ms	Image image/png	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/dhl_logo_transparent.png Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/png Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=298 Content-Length 1940 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:12 GMT
GET H/1.1	200 OK	default.gif yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	37 KB 37 KB	178ms 61ms	Image image/gif	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/default.gif Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 5d1041b1b769883a8232207d589a6492e0d3d4dc1ecca5e0b654cefc2316218c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/gif Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=300 Content-Length 37378 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:12 GMT
GET H/1.1	200 OK	DHL_footer_logo.png yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	724 B 1 KB	183ms 64ms	Image image/png	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/DHL_footer_logo.png Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 38c387b0151772ae21faabbfed1281b46163aa484168d870440f82b64e736063 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/png Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=300 Content-Length 724 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:12 GMT
GET H/1.1	200 OK	background.png yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	138 KB 139 KB	64ms 63ms	Image image/png	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/background.png Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash c3ccf07705cecac2e92b60347745f320a5fa2bb9141f0f54efd02240ae964ab5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/png Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=299 Content-Length 141441 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:12 GMT
GET H/1.1	404 Not Found	FrutigerLTW04-55Roman.woff yaaddaa.com/css/fonts/frutigerltw04/	0 0	205ms 205ms	Font text/html	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/css/fonts/frutigerltw04/FrutigerLTW04-55Roman.woff Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://yaaddaa.com Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0, max-age=60, private, proxy-revalidate Connection Keep-Alive Link <https://yaaddaa.com/wp-json/>; rel="https://api.w.org/" Content-Length 4452 X-XSS-Protection 1; mode=block Keep-Alive timeout=5, max=297 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	FrutigerLTW04-77BlackCond.woff yaaddaa.com/css/fonts/frutigerltw04/	0 0	207ms 207ms	Font text/html	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/css/fonts/frutigerltw04/FrutigerLTW04-77BlackCond.woff Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Origin https://yaaddaa.com Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/odd-welcome.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0, max-age=60, private, proxy-revalidate Connection Keep-Alive Link <https://yaaddaa.com/wp-json/>; rel="https://api.w.org/" Content-Length 4452 X-XSS-Protection 1; mode=block Keep-Alive timeout=5, max=300 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 OK	Primary Request just.php Show response yaaddaa.com/wp-content/plugins/newsletter/js/dhl/	5 KB 2 KB	186ms 64ms	Document text/html	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 150a98dd6c2870bc09f4dd181734f82563275d041f9855b36d2800adb9834646 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host yaaddaa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/ Response headers Date Thu, 14 Jan 2021 10:32:22 GMT Server Apache Cache-Control max-age=60, private, proxy-revalidate Expires Sat, 13 Feb 2021 10:32:22 GMT Vary Accept-Encoding,User-Agent Content-Encoding gzip X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Length 1695 Keep-Alive timeout=5, max=300 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	layout.css yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	1 KB 928 B	63ms 62ms	Stylesheet text/css	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/layout.css Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=172800, proxy-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=299 Content-Length 474 X-XSS-Protection 1; mode=block Expires Sat, 13 Feb 2021 10:32:23 GMT
GET H/1.1	200 OK	main.css yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	115 KB 21 KB	129ms 65ms	Stylesheet text/css	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/main.css Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash e1796b77370214d59bebab84fd2ea825e0073707bbbc18b796f5372b2329ceaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=172800, proxy-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=298 Content-Length 21382 X-XSS-Protection 1; mode=block Expires Sat, 13 Feb 2021 10:32:23 GMT
GET H/1.1	200 OK	dhl_logo_transparent.png yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	2 KB 2 KB	184ms 64ms	Image image/png	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/dhl_logo_transparent.png Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/png Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=300 Content-Length 1940 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:23 GMT
GET H/1.1	200 OK	DHL_footer_logo.png yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	724 B 1 KB	187ms 65ms	Image image/png	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/DHL_footer_logo.png Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 38c387b0151772ae21faabbfed1281b46163aa484168d870440f82b64e736063 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/png Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=300 Content-Length 724 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:23 GMT
GET H/1.1	200 OK	bg.jpg yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	130 KB 131 KB	192ms 67ms	Image image/jpeg	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/bg.jpg Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash dfdf92496fc1abae8e8594b3264bf2b3a9083d91a4ac26b5d26abfa59ecaa566 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/just.php?id= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/jpeg Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=300 Content-Length 133249 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:23 GMT
GET H/1.1	200 OK	bg-header.png yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/	988 B 1 KB	62ms 62ms	Image image/png	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/bg-header.png Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 73d0a320b24bf8d072eaf30904a5b2ccf96579329e30723296d4a80a167a555d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT X-Content-Type-Options nosniff Last-Modified Thu, 14 Jan 2021 07:54:43 GMT Server Apache Content-Type image/png Cache-Control max-age=604800, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=297 Content-Length 988 X-XSS-Protection 1; mode=block Expires Fri, 14 Jan 2022 10:32:23 GMT
GET H/1.1	404 Not Found	servicelink_separator.gif yaaddaa.com/wp-content/plugins/newsletter/js/dhl/images/	16 KB 16 KB	142ms 142ms	Image text/html	95.217.53.137 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/images/servicelink_separator.gif Requested by Host: yaaddaa.com URL: https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.53.137 , Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS server.extrahostpro.net Software Apache / Resource Hash 03fa08493ba989cff3c8a488808534a8952d8d815d39f0a4d0b84cc255f183dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yaaddaa.com/wp-content/plugins/newsletter/js/dhl/img/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 10:32:23 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0, max-age=60, private, proxy-revalidate Connection Keep-Alive Link <https://yaaddaa.com/wp-json/>; rel="https://api.w.org/" Content-Length 4452 X-XSS-Protection 1; mode=block Keep-Alive timeout=5, max=300 Expires Wed, 11 Jan 1984 05:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ondemand.dhl.com
yaaddaa.com
104.111.238.101
95.217.53.137
03fa08493ba989cff3c8a488808534a8952d8d815d39f0a4d0b84cc255f183dc
0b82b4a5eebfa49aeec936dbf5f1afc6153c2260f3aa7e00d4ba4df943965787
150a98dd6c2870bc09f4dd181734f82563275d041f9855b36d2800adb9834646
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46
36644ab8354b5a0800976c18a144cc0ea8d3fdd3cf425a9dc9259f0cef1d6e7f
38c387b0151772ae21faabbfed1281b46163aa484168d870440f82b64e736063
5d1041b1b769883a8232207d589a6492e0d3d4dc1ecca5e0b654cefc2316218c
73d0a320b24bf8d072eaf30904a5b2ccf96579329e30723296d4a80a167a555d
af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8
c3ccf07705cecac2e92b60347745f320a5fa2bb9141f0f54efd02240ae964ab5
dfdf92496fc1abae8e8594b3264bf2b3a9083d91a4ac26b5d26abfa59ecaa566
e1796b77370214d59bebab84fd2ea825e0073707bbbc18b796f5372b2329ceaa
ef6367358d81c660649a0553478149d048ca1014103d6a39e468852a4489aa3b