dhl-news.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 104.16.210.86, located in and belongs to CLOUDFLARENET, US. The main domain is dhl-news.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.

This is the only time dhl-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.16.210.86 104.16.210.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:bb98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:f::1737:a1b1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.204.175.1 52.204.175.1	14618 (AMAZON-AES) (AMAZON-AES)
6	4

2 104.16.210.86 (None, )

ASN13335 (CLOUDFLARENET, US)

dhl-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bb98 (United States)

ASN13335 (CLOUDFLARENET, US)

i.emlfiles4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:f::1737:a1b1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.175.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-175-1.compute-1.amazonaws.com

pixel.monitor1.returnpath.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	emlfiles4.com i.emlfiles4.com	27 KB
2	dhl-news.com dhl-news.com	6 KB
1	returnpath.net pixel.monitor1.returnpath.net	109 B
1	rackcdn.com 3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com	7 KB
6	4

	Domain	Requested by
2	i.emlfiles4.com	dhl-news.com
2	dhl-news.com	dhl-news.com
1	pixel.monitor1.returnpath.net	dhl-news.com
1	3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com	dhl-news.com
6	4

This site contains no links.

Subject Issuer	Validity	Valid
dhl-news.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
i.emlfiles4.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
pixel.monitor1.returnpath.net Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx
Frame ID: 074FB98E5537FF88AE4F06AE198DFFFE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Use correct postal codes to avoid delays

Page Statistics

6
Requests

83 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

40 kB
Transfer

55 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request cr.aspx Show response dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/	22 KB 6 KB	359ms 202ms	Document text/html	104.16.210.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.210.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c541fdfaa77a7ad4ae2b55e02bb1d7dac3d9185048140f676a7c03bfac97035c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 13 Dec 2021 10:45:36 GMT content-type text/html; charset=utf-8 content-length 5823 cache-control private content-encoding gzip vary Accept-Encoding x-dm-activity-id a83407bc77de406d9a8223059b92b698 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6bce9a96cf334063-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	w660_12360095_masthead.jpg i.emlfiles4.com/cmpimg/4/3/8/2/1/files/imagecache/12595760/	26 KB 27 KB	72ms 25ms	Image image/webp	2606:4700::6810:bb98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/4/3/8/2/1/files/imagecache/12595760/w660_12360095_masthead.jpg Requested by Host: dhl-news.com URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:bb98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9385c7652040cb855529a4510a4a920682ecd6ddbb813d31d8955f5b80cadf4e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://dhl-news.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 10:45:36 GMT cf-cache-status HIT age 6206 cf-polished qual=85, origFmt=jpeg, origSize=54716 cf-ray 6bce9a9868210742-FRA content-disposition inline; filename="w660_12360095_masthead.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 27114 x-amz-id-2 3+Z0FadsPJu2g5Nqkn7hdmu43SmkW8Sn+qz8wm2XMOSzo9eTWtBFznejANUjdeGzK0E1GwiBuhY= last-modified Tue, 17 Aug 2021 02:15:03 GMT server cloudflare etag "6011e7062c872abf3161288dacc33a8e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept x-amz-request-id WXMV8831TPMN2VHK x-amz-version-id null accept-ranges bytes content-type image/webp cf-bgj imgq:85,h2pri
GET H2	200	s.gif i.emlfiles4.com/cmpimg/t/	34 B 562 B	71ms 24ms	Image image/webp	2606:4700::6810:bb98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.emlfiles4.com/cmpimg/t/s.gif Requested by Host: dhl-news.com URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:bb98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65` Request headers Accept-Language de-DE,de;q=0.9 Referer https://dhl-news.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 10:45:36 GMT cf-cache-status HIT age 5127 cf-polished origFmt=gif, origSize=43 cf-ray 6bce9a9878230742-FRA content-disposition inline; filename="s.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 34 x-amz-id-2 DZFwjbawY8Udh0pUt+vd5phcgMJT7qpitEBWhCb80Twicl8kxXx10GZXeaOguLfES+oJ1HcXt8Q= last-modified Mon, 27 Oct 2014 09:21:49 GMT server cloudflare etag "325472601571f31e1bf00674c368d335" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept x-amz-request-id QRA1ZXFV8QBC5PVM x-amz-version-id null accept-ranges bytes content-type image/webp cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	v2-dpdhl_group_one_line_logo_rgb_black-2019.png 3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com/global/imagelib/uncategorized/	6 KB 7 KB	774ms 576ms	Image image/png	2a02:26f0:1700:f::1737:a1b1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com/global/imagelib/uncategorized/v2-dpdhl_group_one_line_logo_rgb_black-2019.png Requested by Host: dhl-news.com URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:26f0:1700:f::1737:a1b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `b89c948e47e359579d28b11560a80aec3052a4cd423addbec3fa02f46775044a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://dhl-news.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 13 Dec 2021 10:45:37 GMT Last-Modified Thu, 02 May 2019 09:20:33 GMT X-Trans-Id txd3665763de6d4f8abb4ef-0061b72451dfw1 ETag 52b3f783faf2d0470c32ea2942857f5b Content-Type image/png X-Timestamp 1556788832.02394 Cache-Control public, max-age=43165 Connection keep-alive Accept-Ranges bytes Content-Length 6517 Expires Mon, 13 Dec 2021 22:45:02 GMT
GET H2	200	pixel.gif pixel.monitor1.returnpath.net/	43 B 109 B	325ms 102ms	Image image/gif	52.204.175.1 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.monitor1.returnpath.net/pixel.gif?r=3133ce0cebc58decf13461106a9914a87a89538b Requested by Host: dhl-news.com URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.204.175.1 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-204-175-1.compute-1.amazonaws.com Software / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://dhl-news.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 10:45:36 GMT content-length 43 content-type image/gif
GET H2	200	o.gif dhl-news.com/9WI-7HYY8-7QSCDO/	43 B 171 B	129ms 128ms	Image image/gif	104.16.210.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dhl-news.com/9WI-7HYY8-7QSCDO/o.gif Requested by Host: dhl-news.com URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.210.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7` Request headers Accept-Language de-DE,de;q=0.9 Referer https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 10:45:36 GMT cf-cache-status MISS last-modified Mon, 13 Dec 2021 10:45:36 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif x-dm-activity-id b2ba65d82e7f403481b99adfa1279267 cache-control private accept-ranges bytes cf-ray 6bce9a982a524063-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Message: Mixed Content: The page at 'https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx' was loaded over HTTPS, but requested an insecure element 'http://3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com/global/imagelib/uncategorized/v2-dpdhl_group_one_line_logo_rgb_black-2019.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx Message: Mixed Content: The page at 'https://dhl-news.com/9WI-7HYY8-E714FE08CA8E046B7QSCDOA876672DF79CB6BB/cr.aspx' was loaded over HTTPS, but requested an insecure element 'http://3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com/global/imagelib/uncategorized/v2-dpdhl_group_one_line_logo_rgb_black-2019.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3655c9b7d0e4c7eb8e62-f41b8e4824d18971b72e44324f6764b3.r43.cf1.rackcdn.com
dhl-news.com
i.emlfiles4.com
pixel.monitor1.returnpath.net
104.16.210.86
2606:4700::6810:bb98
2a02:26f0:1700:f::1737:a1b1
52.204.175.1
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9385c7652040cb855529a4510a4a920682ecd6ddbb813d31d8955f5b80cadf4e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b89c948e47e359579d28b11560a80aec3052a4cd423addbec3fa02f46775044a
c541fdfaa77a7ad4ae2b55e02bb1d7dac3d9185048140f676a7c03bfac97035c

dhl-news.com Open in urlscan Pro 104.16.210.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

83 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

40 kBTransfer

55 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

dhl-news.com Open in urlscan Pro
104.16.210.86 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

40 kB
Transfer

55 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions