payment.dht-team.co Open in urlscan Pro
143.95.42.191 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lnkiy.in/orRWe
Effective URL:
https://payment.dht-team.co/de/928-020-1514e3.xml?89243843275894327985643726758943729856437285894327584372958437297543892754...
Submission: On October 17 via manual (October 17th 2023, 10:15:05 am UTC) from DE — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 54 HTTP transactions. The main IP is 143.95.42.191, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is payment.dht-team.co.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on September 20th 2023. Valid for: 3 months.

This is the only time payment.dht-team.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.1.132.182 65.1.132.182	16509 (AMAZON-02) (AMAZON-02)
1 1	2607:f1c0:100... 2607:f1c0:100f:f000::265	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
19	143.95.42.191 143.95.42.191	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a02:26f0:480... 2a02:26f0:480:48d::4b3f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.86.4.2 99.86.4.2	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:e000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.209.106.135 52.209.106.135	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:d000:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	3.69.18.113 3.69.18.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
54	19

1 65.1.132.182 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-65-1-132-182.ap-south-1.compute.amazonaws.com

lnkiy.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f1c0:100f:f000::265 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

cdn-shopfy-com.instrument-ofgod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 143.95.42.191 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: kefka.asoshared.com

payment.dht-team.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:48d::4b3f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-2.fra6.r.cloudfront.net

web.btncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:e000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.106.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-106-135.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8666735.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d000:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

9910951.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.18.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-18-113.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	dht-team.co payment.dht-team.co	529 KB
8	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 8666735.fls.doubleclick.net — Cisco Umbrella Rank: 14040 9910951.fls.doubleclick.net — Cisco Umbrella Rank: 14055	7 KB
6	dhl.com www.dhl.com — Cisco Umbrella Rank: 52339	10 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	1 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1808 insight.adsrvr.org — Cisco Umbrella Rank: 665	5 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6147	563 B
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 796	761 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 11046	2 KB
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2717	314 B
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 7112	4 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4597	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	95 KB
1	btncdn.com web.btncdn.com — Cisco Umbrella Rank: 14478	8 KB
1	instrument-ofgod.com 1 redirects cdn-shopfy-com.instrument-ofgod.com	179 B
1	lnkiy.in 1 redirects lnkiy.in	234 B
0	google-analytics.com Failed www.google-analytics.com Failed
54	17

	Domain	Requested by
19	payment.dht-team.co	payment.dht-team.co
6	www.dhl.com	payment.dht-team.co
4	8666735.fls.doubleclick.net	2 redirects payment.dht-team.co
4	bat.bing.com	payment.dht-team.co
3	adservice.google.com	9910951.fls.doubleclick.net 8666735.fls.doubleclick.net
2	insight.adsrvr.org	js.adsrvr.org
2	js.adsrvr.org	8666735.fls.doubleclick.net
2	www.google.de	payment.dht-team.co
2	www.google.com	payment.dht-team.co
2	9910951.fls.doubleclick.net	1 redirects payment.dht-team.co
2	googleads.g.doubleclick.net	payment.dht-team.co www.googletagmanager.com
1	d.agkn.com	payment.dht-team.co
1	lantern.roeyecdn.com	www.dwin1.com
1	pt.ispot.tv	payment.dht-team.co
1	resources.xg4ken.com	payment.dht-team.co
1	www.dwin1.com	payment.dht-team.co
1	www.googletagmanager.com	payment.dht-team.co
1	web.btncdn.com	payment.dht-team.co
1	cdn-shopfy-com.instrument-ofgod.com	1 redirects
1	lnkiy.in	1 redirects
0	www.google-analytics.com Failed	payment.dht-team.co
54	21

This site contains no links.

Subject Issuer	Validity	Valid
payment.dht-team.co ZeroSSL RSA Domain Secure Site CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
www.dhl.com DPDHL Global TLS CA - I5	`2023-07-31` - `2024-07-30`	a year	crt.sh
*.btncdn.com Amazon RSA 2048 M01	`2023-03-07` - `2024-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M02	`2023-02-28` - `2023-12-01`	9 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.ispot.tv R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443
Frame ID: 0CC09233267BD0B3F9069DB558058C1C
Requests: 1 HTTP requests in this frame

Frame: https://payment.dht-team.co/de/loading.php
Frame ID: F40AA23C601B2926FA906AAF7B95D390
Requests: 42 HTTP requests in this frame

Frame: https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin
Frame ID: 556E6ACA6DB8AF15B422A41D48E22C37
Requests: 3 HTTP requests in this frame

Frame: https://9910951.fls.doubleclick.net/activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin
Frame ID: EE1A54BEBB91F7D24D92E5B766D289D3
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/10898/?che=1678301831&gauid=1892876889.1678301812
Frame ID: 2A499610B9D9AAF41B1CA170BD26BC72
Requests: 1 HTTP requests in this frame

Frame: https://payment.dht-team.co/de/.enterprise/anchor?ar=1&k=6Ldgkr0ZAAAAAGnf08YhMemepXW29Ux9rtJCcBD3&co=aHR0cHM6Ly93d3cuZXRzeS5jb206NDQz&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&badge=none&cb=krw4vjrdvnm8
Frame ID: 169D33EE36A17F3F5F9C4945DE2B7B9F
Requests: 1 HTTP requests in this frame

Frame: https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin
Frame ID: 53CD6450843FA1D8CB42DB4D33A41F86
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=r09jr34&ref=https%3A%2F%2Fpayment.dht-team.co%2F&upid=c6e9qnb&upv=1.1.0
Frame ID: 01419BA9C29D58E49B9D8D1B15B94C90
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=r09jr34&ref=https%3A%2F%2Fpayment.dht-team.co%2F&upid=c6e9qnb&upv=1.1.0
Frame ID: EB9D5AE2F091322FBCCD7A1445DF33FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Global Logistics and International Shipping

Page URL History Show full URLs

http://lnkiy.in/orRWe HTTP 302
https://cdn-shopfy-com.instrument-ofgod.com/red.php?3498432329839843893489 HTTP 302
https://payment.dht-team.co/de/928-020-1514e3.xml?892438432758943279856437267589437298564372858943275843... Page URL

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

21
Subdomains

19
IPs

4
Countries

686 kB
Transfer

2683 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lnkiy.in/orRWe HTTP 302
https://cdn-shopfy-com.instrument-ofgod.com/red.php?3498432329839843893489 HTTP 302
https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://8666735.fls.doubleclick.net/activityi;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin HTTP 302
https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin

Request Chain 32

https://9910951.fls.doubleclick.net/activityi;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin HTTP 302
https://9910951.fls.doubleclick.net/activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin

Request Chain 37

https://8666735.fls.doubleclick.net/activityi;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin HTTP 302
https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 928-020-1514e3.xml Show response
payment.dht-team.co/de/
Redirect Chain

http://lnkiy.in/orRWe
https://cdn-shopfy-com.instrument-ofgod.com/red.php?3498432329839843893489
https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443

2 KB
1 KB

1596ms
219ms

Document
application/xml

143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 593caba8549269a8e8fa6d9240192363cb4930594ca90607eca738079b61d100

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1093
content-type: application/xml
date: Tue, 17 Oct 2023 10:15:00 GMT
last-modified: Sat, 14 Oct 2023 00:12:57 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 10:14:58 GMT
location: https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443
server: Apache

GET
H2 200 loading.php Show response
payment.dht-team.co/de/ Frame F40A 89 KB
31 KB 1691ms
1690ms Document
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/loading.php
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 0ea0f559448a68c6e241066799da531a9d147cf6aea50884be6a866d3b7992b6

Request headers

Referer: https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 10:15:00 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 b4.css
payment.dht-team.co/de/ Frame F40A 660 KB
144 KB 452ms
450ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/b4.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 24f3d354c636ee236c442c7c92095a858249bbeaad896a83c92aefe48497e028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:44 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 204 20013160.js Show response
bat.bing.com/p/action/ Frame F40A 0
335 B 91ms
47ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/20013160.js

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 17 Oct 2023 10:15:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C2C87B167BA467A9FE3EA38988E1096 Ref B: FRA31EDGE0218 Ref C: 2023-10-17T10:15:02Z
x-cache: CONFIG_NOCACHE

GET
H2 200 3.css
payment.dht-team.co/de/ Frame F40A 11 KB
3 KB 239ms
237ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/3.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: ec7bb7b4278d416d414e6344d594e4d1fb69de8e14ba2985c19a7bca72842abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:55 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3453

GET
H2 200 x1.css
payment.dht-team.co/de/ Frame F40A 280 KB
48 KB 228ms
227ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/x1.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 1ffd3136ddf587a4f24d0f8e74161a62783346fb8fed0f9403ad0494100706e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:52 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 x2.css
payment.dht-team.co/de/ Frame F40A 60 KB
12 KB 238ms
237ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/x2.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 247bb5e826ecf8e3d7a9fee27c6b115ce6acd01369118e8db4afeec12d85b8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12596

GET
H2 200 x3.css
payment.dht-team.co/de/ Frame F40A 2 KB
713 B 449ms
447ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/x3.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: c639f0ae77b70ace470e72367d53d11072b99bb2a295a005442c9f894d2afdc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 681

GET
H2 200 x4.css
payment.dht-team.co/de/ Frame F40A 2 KB
878 B 239ms
238ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/x4.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: da1b381ea5c532e786884805a0076b306ab00f3ce8f3ecfe52b42d3d14519876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 823

GET
H2 200 43.css
payment.dht-team.co/de/ Frame F40A 660 KB
144 KB 451ms
449ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/43.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 24f3d354c636ee236c442c7c92095a858249bbeaad896a83c92aefe48497e028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:42 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 dhl-logo.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ Frame F40A 2 KB
1 KB 174ms
41ms Image
image/svg+xml 2a02:26f0:480:48d::4b3f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/dhl-logo.svg

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:48d::4b3f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 10:15:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 722
referrer-policy: same-origin
last-modified: Thu, 12 Oct 2023 19:21:02 GMT
etag: "643-60789d735506b-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Tue, 24 Oct 2023 10:15:02 GMT

GET
H2 200 2.css
payment.dht-team.co/de/ Frame F40A 345 KB
62 KB 450ms
449ms Stylesheet
text/css 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/2.css
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 5536947016ce3af3beac18cbe5bd528006410381c8b97b67e8886cd06cf26e56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 00:12:56 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 laod.gif
payment.dht-team.co/de/ Frame F40A 17 KB
17 KB 237ms
234ms Image
image/gif 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.dht-team.co/de/laod.gif
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
last-modified: Sat, 14 Oct 2023 05:57:27 GMT
server: Apache
accept-ranges: bytes
content-length: 17585
content-type: image/gif

GET
H2 200 bat.js Show response
bat.bing.com/ Frame F40A 44 KB
13 KB 88ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 17 Oct 2023 10:15:02 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3AB130952CA04945922F52E69978AB02 Ref B: FRA31EDGE0218 Ref C: 2023-10-17T10:15:02Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H/1.1 200
OK button.js Show response
web.btncdn.com/v1/ Frame F40A 19 KB
8 KB 83ms
20ms Script
application/javascript 99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.btncdn.com/v1/button.js
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cead3ec262b19eab66896b105af98bc13a04e856bfa3c8994378d4ebdcdb2a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: tfcxMwwN8WFDkY3IIcOKqPAVtWvfuYVl
Content-Encoding: gzip
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Date: Tue, 17 Oct 2023 04:58:28 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 18994
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 17:31:48 GMT
Server: AmazonS3
ETag: W/"c720002805746dabed07fffad3441370"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: Ujf2-OkTxR9idBKS0vBZ_8V5aM24tvEE1vCwArw_M8fnGOymhyNoIw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F40A 341 KB
95 KB 74ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWW5SS

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24465845a26852c35a623082733f18c47560578135d0faf4763e001f528e6e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97335
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Oct 2023 10:15:02 GMT

GET
H2 404 .enterprise.js
payment.dht-team.co/de/ Frame F40A 0
0 861ms
860ms Script
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/.enterprise.js?onload=EtsyRenderRecaptcha1437762502&render=6Ldgkr0ZAAAAAGnf08YhMemepXW29Ux9rtJCcBD3&hl=en&badge=none
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H2 200 6220.js Show response
www.dwin1.com/ Frame F40A 39 KB
11 KB 100ms
21ms Script
application/javascript 2600:9000:2490:e000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/6220.js
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:e000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23ad12034cde0ec000977e48b371861e240d5eade6e9109f25b4e1dfbebf7811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 7k03VbnCN8mR.375oCTBBNcEv.Eg.NaD
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Tue, 17 Oct 2023 10:05:36 GMT
x-amz-cf-pop: FRA56-P6
age: 569
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 13 Oct 2023 11:50:54 GMT
server: AmazonS3
etag: W/"69fdd2305724cda478d7578a7127417d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: vzhriGlpbsFaP-ExFzgPRkF2aUFYFIc2Y5p9Qvr8J5XWuEqRkLkyCQ==

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ Frame F40A 9 KB
4 KB 352ms
44ms Script
application/javascript 52.209.106.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3E88-3EB

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.106.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-106-135.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Mon, 14 Nov 2022 12:23:07 GMT
server: nginx
etag: "6372332b-dd8"
content-type: application/javascript
cache-control: max-age=86400, public
content-length: 3544
x-xss-protection: 1; mode=block
expires: Wed, 18 Oct 2023 10:15:02 GMT

GET
H2 200 TC-3512-1.gif
pt.ispot.tv/v2/ Frame F40A 43 B
314 B 81ms
19ms Image
image/gif 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3512-1.gif?app=web&type=visit&customdata=customer_new&cid=EHVPhNER8GQYnTckchNbkNvrxvrR&uid=undefined
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 17 Oct 2023 10:15:02 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001213127/ Frame F40A 3 KB
2 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001213127/?random=1685150597578&cv=11&fst=1685150597578&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1920&u_h=1080&url=http%3A%2F%2Flocalhost%2FDHL%2520pages%2Femail.html&ref=http%3A%2F%2Flocalhost%2FDHL%2520pages%2F&hn=www.googleadservices.com&frm=0&tiba=DHL%20-%20Login%20Page&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B113.0.5672.127%7CChromium%3B113.0.5672.127%7CNot-A.Brand%3B24.0.0.0&uamb=0&uap=Windows&uapv=15.0.0&uaw=0&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Becomm_rec_prodid%3D%3Becomm_category%3D%3Becomm_pvalue%3D%3Becomm_quantity%3D%3Ba%3D%3Bg%3D%3Bhasaccount%3Dfalse%3Bcqs%3D%3Brp%3D%3Bly%3D%3Bhs%3D%3B_google_crm_id%3D&rfmt=3&fmt=4

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13404ece2d917c4204c147e436a70f726657347f6d9a284a599eec4f80948585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 jquery.js
payment.dht-team.co/de/ Frame F40A 0
0 222ms
220ms Script
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/jquery.js
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H2 204 0
bat.bing.com/action/ Frame F40A 0
286 B 42ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=20013160&tm=gtm002&Ver=2&mid=9b4fe03d-5a05-4e50-9dd7-df8b0679b41d&sid=4a5c5080fc2b11edbaf7af41c3df18da&vid=47fd46d0f0f411ed9e88c173434cd4aa&vids=0&msclkid=N&uach=pv%3D15.0.0&pi=918639831&lg=en&sw=1920&sh=1080&sc=24&tl=DHL%20-%20Login%20Page&p=http%3A%2F%2Flocalhost%2FDHL%2520pages%2Femail.html&r=http%3A%2F%2Flocalhost%2FDHL%2520pages%2F&lt=1517&evt=pageLoad&sv=1&rn=688028

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 10:15:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A6058479A204ABEB00D07B4D37D0209 Ref B: FRA31EDGE0218 Ref C: 2023-10-17T10:15:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glo-footer-logo.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ Frame F40A 4 KB
3 KB 172ms
42ms Image
image/svg+xml 2a02:26f0:480:48d::4b3f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/glo-footer-logo.svg

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:48d::4b3f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 10:15:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 1997
referrer-policy: same-origin
last-modified: Fri, 13 Oct 2023 04:14:28 GMT
etag: "1197-607914ae45540-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Tue, 24 Oct 2023 10:15:02 GMT

GET
H2 200 youtube-new.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ Frame F40A 1 KB
1 KB 170ms
40ms Image
image/svg+xml 2a02:26f0:480:48d::4b3f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/youtube-new.svg

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:48d::4b3f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 10:15:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 614
referrer-policy: same-origin
last-modified: Fri, 13 Oct 2023 12:01:27 GMT
etag: "584-60797d0f18e2c-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Tue, 24 Oct 2023 10:15:02 GMT

GET
H2 200 facebook-new.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ Frame F40A 1 KB
1 KB 88ms
42ms Image
image/svg+xml 2a02:26f0:480:48d::4b3f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/facebook-new.svg

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:48d::4b3f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 10:15:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 698
referrer-policy: same-origin
last-modified: Fri, 13 Oct 2023 06:50:57 GMT
etag: "57e-607937a87c9cf-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Tue, 24 Oct 2023 10:15:02 GMT

GET
H2 200 linkedIn-new.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ Frame F40A 2 KB
1 KB 84ms
43ms Image
image/svg+xml 2a02:26f0:480:48d::4b3f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/linkedIn-new.svg

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:48d::4b3f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 10:15:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 738
referrer-policy: same-origin
last-modified: Thu, 12 Oct 2023 20:03:39 GMT
etag: "66f-6078a6f9cb85b-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Tue, 24 Oct 2023 10:15:02 GMT

GET
H2 200 instagram-new.svg
www.dhl.com/content/dam/dhl/global/core/images/logos/ Frame F40A 4 KB
2 KB 85ms
44ms Image
image/svg+xml 2a02:26f0:480:48d::4b3f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhl.com/content/dam/dhl/global/core/images/logos/instagram-new.svg

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:48d::4b3f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f01c2e1870fcd75ceca3b4c42c3110cb0aa4b933b562cf3d2c7ddd20ce03c7ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 17 Oct 2023 10:15:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-akamai-cache: Hit from child
content-length: 1608
referrer-policy: same-origin
last-modified: Thu, 12 Oct 2023 15:02:14 GMT
etag: "119c-6078639a3b562-gzip"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800, stale-while-revalidate=86400
permissions-policy: microphone=(),camera=()
accept-ranges: bytes
expires: Tue, 24 Oct 2023 10:15:02 GMT

GET
DATA 200
OK truncated
/ Frame F40A 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif

GET js
www.googletagmanager.com/gtag/ Frame F40A 0
0

GET analytics.js
www.google-analytics.com/ Frame F40A 0
0

GET
H2

200

activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin Show response
8666735.fls.doubleclick.net/ Frame 556E
Redirect Chain

https://8666735.fls.doubleclick.net/activityi;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%...

868 B
702 B

70ms
64ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

eb1e4d609a28eb5984724b26f81f904d9ce95bd188b5cb63e2f8e4c967c9f28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.dht-team.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:15:03 GMT
expires: Tue, 17 Oct 2023 10:15:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:15:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lantern_global_6220.min.js Show response
lantern.roeyecdn.com/ Frame F40A 2 KB
2 KB 101ms
21ms Script
application/octet-stream 2600:9000:20eb:d000:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_6220.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/6220.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d000:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b304c42a6a7c9aaf31b2226f7ec1cf8acdc85d764cc337409f0cbc8f8a7f0efc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:02:34 GMT
x-amz-version-id: yEpHuh_2NDh2JivWWf7FmzF09noGps50
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
last-modified: Mon, 25 Sep 2023 14:46:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 83550
etag: "a7cf0a0eb134bbe1e9941858586752fe"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1800
x-amz-cf-id: UNN2qYTMzwmkA0tQEdrLM0KEsGznLAOkaALHP9OhuWE_LBwX8y-sIg==

GET
H2

200

activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%... Show response
9910951.fls.doubleclick.net/ Frame EE1A
Redirect Chain

https://9910951.fls.doubleclick.net/activityi;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.co...
https://9910951.fls.doubleclick.net/activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefin...

422 B
582 B

63ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9910951.fls.doubleclick.net/activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

c467548d03b751e617bc0570f2be651ceeb25c6a3ab3ccb1871a6172df9a7040

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.dht-team.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:15:03 GMT
expires: Tue, 17 Oct 2023 10:15:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:15:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9910951.fls.doubleclick.net/activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loading.php
payment.dht-team.co/de/ Frame F40A 64 KB
64 KB 917ms
917ms Image
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.dht-team.co/de/loading.php
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/de/loading.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:03 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 Graphik-Regular-Web.woff2
payment.dht-team.co/assets/type/ Frame F40A 0
0 216ms
215ms Font
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/assets/type/Graphik-Regular-Web.woff2?v=220104
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/x1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash

Request headers

Referer: https://payment.dht-team.co/de/x1.css
Origin: https://payment.dht-team.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:03 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H/1.1 200 / Show response
d.agkn.com/iframe/10898/ Frame 2A49 223 B
761 B 85ms
22ms Document
text/html 3.69.18.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/10898/?che=1678301831&gauid=1892876889.1678301812
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.18.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-18-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935

Request headers

Referer: https://payment.dht-team.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 223
Content-Type: text/html;charset=UTF-8
Date: Tue, 17 Oct 2023 10:15:02 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache

GET
H2 406 anchor Show response
payment.dht-team.co/de/.enterprise/ Frame 169D 226 B
279 B 213ms
213ms Document
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/de/.enterprise/anchor?ar=1&k=6Ldgkr0ZAAAAAGnf08YhMemepXW29Ux9rtJCcBD3&co=aHR0cHM6Ly93d3cuZXRzeS5jb206NDQz&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&badge=none&cb=krw4vjrdvnm8
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash: 80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4

Request headers

Referer: https://payment.dht-team.co/de/loading.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 226
content-type: text/html; charset=iso-8859-1
date: Tue, 17 Oct 2023 10:15:03 GMT
server: Apache

GET
H2

200

activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin Show response
8666735.fls.doubleclick.net/ Frame 53CD
Redirect Chain

https://8666735.fls.doubleclick.net/activityi;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2...

866 B
740 B

69ms
64ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

8286a3d97b70fee043b119492edc61fcc45b47dbdf17ce123d98c32466ad5e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.dht-team.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:15:03 GMT
expires: Tue, 17 Oct 2023 10:15:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 10:15:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 Graphik-Medium-Web.woff2
payment.dht-team.co/assets/type/ Frame F40A 0
0 214ms
214ms Font
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/assets/type/Graphik-Medium-Web.woff2?v=220104
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/x1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash

Request headers

Referer: https://payment.dht-team.co/de/x1.css
Origin: https://payment.dht-team.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:03 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001213127/ Frame F40A 42 B
455 B 76ms
31ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001213127/?random=1685150597578&cv=11&fst=1685149200000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1920&u_h=1080&url=http%3A%2F%2Flocalhost%2FDHL%2520pages%2Femail.html&ref=http%3A%2F%2Flocalhost%2FDHL%2520pages%2F&frm=0&tiba=DHL%20-%20Login%20Page&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Becomm_rec_prodid%3D%3Becomm_category%3D%3Becomm_pvalue%3D%3Becomm_quantity%3D%3Ba%3D%3Bg%3D%3Bhasaccount%3Dfalse%3Bcqs%3D%3Brp%3D%3Bly%3D%3Bhs%3D%3B_google_crm_id%3D&fmt=3&is_vtc=1&random=417222820&rmt_tld=0&ipr=y

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1001213127/ Frame F40A 42 B
455 B 82ms
33ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1001213127/?random=1685150597578&cv=11&fst=1685149200000&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1920&u_h=1080&url=http%3A%2F%2Flocalhost%2FDHL%2520pages%2Femail.html&ref=http%3A%2F%2Flocalhost%2FDHL%2520pages%2F&frm=0&tiba=DHL%20-%20Login%20Page&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Becomm_rec_prodid%3D%3Becomm_category%3D%3Becomm_pvalue%3D%3Becomm_quantity%3D%3Ba%3D%3Bg%3D%3Bhasaccount%3Dfalse%3Bcqs%3D%3Brp%3D%3Bly%3D%3Bhs%3D%3B_google_crm_id%3D&fmt=3&is_vtc=1&random=417222820&rmt_tld=1&ipr=y

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001213127/ Frame F40A 4 KB
2 KB 781ms
781ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001213127/?random=1697537703292&cv=11&fst=1697537703292&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&ref=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&hn=www.googleadservices.com&frm=1&tiba=DHL%20-%20Login%20Page&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Becomm_rec_prodid%3D%3Becomm_category%3D%3Becomm_pvalue%3D%3Becomm_quantity%3D%3Ba%3D%3Bg%3D%3Bhasaccount%3Dfalse%3Bcqs%3D%3Brp%3D%3Bly%3D%3Bhs%3D%3B_google_crm_id%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWW5SS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92885317dd549550b4b84b9db2c355e257092bed71a60c647b4e21b81de5388e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1477
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ Frame F40A 0
122 B 46ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=20013160&tm=gtm002&Ver=2&mid=3087fd7f-9f2e-43c9-9333-f1f359a3e2d1&sid=097cb9b06cd611ee8c9d61f2f101b6c7&vid=097cd5d06cd611ee9c2fb1edf1c5c591&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=DHL%20-%20Login%20Page&p=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&r=&lt=2677&evt=pageLoad&ifm=1&sv=1&rn=332934

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 10:15:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EBDF1459EBF6414FB4C2B762DD7C4C65 Ref B: FRA31EDGE0218 Ref C: 2023-10-17T10:15:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=*;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin
adservice.google.com/ddm/fls/z/ Frame EE1A 42 B
107 B 105ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=*;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin

Requested by

Host: 9910951.fls.doubleclick.net
URL: https://9910951.fls.doubleclick.net/activityi;dc_pre=CMGttN7s_IEDFWAHogMdm3IKlA;src=9910951;type=remarkt;cat=unive0;ord=924532843983;gtm=45He3360;auiddc=810030362.1678301810;u2=%2Fsignin;u3=undefined;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9910951.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 53CD 5 KB
3 KB 69ms
20ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 8666735.fls.doubleclick.net
URL: https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8666735.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Tue, 17 Oct 2023 03:51:17 GMT
Content-Encoding: gzip
Via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 23027
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: NhYxf8Pvl5Kk6OCx693MimkiAnCB_Ue3zTe03_Cg16pEm9Iu3kvvCQ==

GET
H2 200 dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=*;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin
adservice.google.com/ddm/fls/z/ Frame 53CD 42 B
107 B 102ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=*;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin

Requested by

Host: 8666735.fls.doubleclick.net
URL: https://8666735.fls.doubleclick.net/activityi;dc_pre=CJO3tN7s_IEDFfPWOwId2TgI5A;src=8666735;type=count0;cat=etsy_000;ord=1;num=8728631824305;gtm=2wg3u0;auiddc=2108056226.1649650686;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8666735.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 556E 5 KB
3 KB 62ms
20ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 8666735.fls.doubleclick.net
URL: https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8666735.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Tue, 17 Oct 2023 03:51:17 GMT
Content-Encoding: gzip
Via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 23027
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: -J8Vv8NRJI2p1Iy6bkDSObC30qx5hy0qwERrixExP7TGHYGwcvJYOA==

GET
H2 200 dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=*;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin
adservice.google.com/ddm/fls/z/ Frame 556E 42 B
401 B 92ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=*;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin

Requested by

Host: 8666735.fls.doubleclick.net
URL: https://8666735.fls.doubleclick.net/activityi;dc_pre=CIm4tN7s_IEDFV3eOwIdEpwDIQ;src=8666735;type=count0;cat=etsy_000;ord=1;num=4504124644220;gtm=45He3360;auiddc=810030362.1678301810;~oref=https%3A%2F%2Fwww.etsy.com%2Fsignin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8666735.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 Graphik-Regular-Web.woff
payment.dht-team.co/assets/type/ Frame F40A 0
0 216ms
215ms Font
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/assets/type/Graphik-Regular-Web.woff?v=220104
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/x1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash

Request headers

Referer: https://payment.dht-team.co/de/x1.css
Origin: https://payment.dht-team.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:03 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H2 404 Graphik-Medium-Web.woff
payment.dht-team.co/assets/type/ Frame F40A 0
0 217ms
217ms Font
text/html 143.95.42.191
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.dht-team.co/assets/type/Graphik-Medium-Web.woff?v=220104
Requested by: Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/x1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.42.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: kefka.asoshared.com
Software: Apache /
Resource Hash

Request headers

Referer: https://payment.dht-team.co/de/x1.css
Origin: https://payment.dht-team.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:15:03 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:43:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0141 0
60 B 147ms
45ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=r09jr34&ref=https%3A%2F%2Fpayment.dht-team.co%2F&upid=c6e9qnb&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8666735.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 17 Oct 2023 10:15:03 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame EB9D 0
59 B 146ms
46ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=r09jr34&ref=https%3A%2F%2Fpayment.dht-team.co%2F&upid=c6e9qnb&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8666735.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 17 Oct 2023 10:15:03 GMT
server: Kestrel

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001213127/ Frame F40A 42 B
108 B 35ms
33ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001213127/?random=1697537703292&cv=11&fst=1697536800000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&ref=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&frm=1&tiba=DHL%20-%20Login%20Page&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Becomm_rec_prodid%3D%3Becomm_category%3D%3Becomm_pvalue%3D%3Becomm_quantity%3D%3Ba%3D%3Bg%3D%3Bhasaccount%3Dfalse%3Bcqs%3D%3Brp%3D%3Bly%3D%3Bhs%3D%3B_google_crm_id%3D&fmt=3&is_vtc=1&random=603040926&rmt_tld=0&ipr=y

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1001213127/ Frame F40A 42 B
108 B 33ms
32ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1001213127/?random=1697537703292&cv=11&fst=1697536800000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&ref=https%3A%2F%2Fpayment.dht-team.co%2Fde%2F928-020-1514e3.xml%3F8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443&frm=1&tiba=DHL%20-%20Login%20Page&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D%3Becomm_rec_prodid%3D%3Becomm_category%3D%3Becomm_pvalue%3D%3Becomm_quantity%3D%3Ba%3D%3Bg%3D%3Bhasaccount%3Dfalse%3Bcqs%3D%3Brp%3D%3Bly%3D%3Bhs%3D%3B_google_crm_id%3D&fmt=3&is_vtc=1&random=603040926&rmt_tld=1&ipr=y

Requested by

Host: payment.dht-team.co
URL: https://payment.dht-team.co/de/loading.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.dht-team.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 10:15:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-KR3J610VYM&l=dataLayer&cx=c

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| _0x1fe6 function| _0x257c

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lnkiy.in/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9D183C2F89067BEAD18CDEEAB76598C0
.ispot.tv/	1970-01-21 01:08:17	Name: pt Value: v2:8ad5f5e719865388fd78473688b02f19a80a29d24658e29bf94211559ff6193b\|a2dd6076afc8417c6a3098b7d43b9c70ffa1ecc2112ecee5f7a14986632aa339
.bing.com/	1970-01-21 00:53:53	Name: MUID Value: 2577DD6AD62C67FF3260CEC7D7A76639
.dht-team.co/	1970-01-20 15:33:44	Name: _uetsid Value: 097cb9b06cd611ee8c9d61f2f101b6c7
.dht-team.co/	1970-01-21 00:53:53	Name: _uetvid Value: 097cd5d06cd611ee9c2fb1edf1c5c591
.agkn.com/	1970-01-21 00:17:53	Name: ab Value: 0001%3AH9zDZylGaiQ0OU7in%2Fn559Uz3WIfOssw
.agkn.com/	1970-01-21 00:17:53	Name: u Value: C\|0CAAswRsnLMEbJwAAAAAAAUC-AAAAAA
.doubleclick.net/	1970-01-21 00:53:53	Name: IDE Value: AHWqTUmkldEJ2w93JbK5r7rr3HeDf2p9F-3ILBrm4ZMYNrRhiqnl5tp5tibwk0AT

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://payment.dht-team.co/de/jquery.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://payment.dht-team.co/de/.enterprise.js?onload=EtsyRenderRecaptcha1437762502&render=6Ldgkr0ZAAAAAGnf08YhMemepXW29Ux9rtJCcBD3&hl=en&badge=none Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://payment.dht-team.co/de/loading.php Message: Mixed Content: The page at 'https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443' was loaded over HTTPS, but requested an insecure script 'http://www.googletagmanager.com/gtag/js?id=G-KR3J610VYM&l=dataLayer&cx=c'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://payment.dht-team.co/de/loading.php Message: Mixed Content: The page at 'https://payment.dht-team.co/de/928-020-1514e3.xml?8924384327589432798564372675894372985643728589432758437295843729754389275489327934223443' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/analytics.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://payment.dht-team.co/assets/type/Graphik-Regular-Web.woff2?v=220104 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://payment.dht-team.co/de/.enterprise/anchor?ar=1&k=6Ldgkr0ZAAAAAGnf08YhMemepXW29Ux9rtJCcBD3&co=aHR0cHM6Ly93d3cuZXRzeS5jb206NDQz&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&badge=none&cb=krw4vjrdvnm8 Message: Failed to load resource: the server responded with a status of 406 ()
network	error	URL: https://payment.dht-team.co/assets/type/Graphik-Medium-Web.woff2?v=220104 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://payment.dht-team.co/assets/type/Graphik-Regular-Web.woff?v=220104 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://payment.dht-team.co/assets/type/Graphik-Medium-Web.woff?v=220104 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8666735.fls.doubleclick.net
9910951.fls.doubleclick.net
adservice.google.com
bat.bing.com
cdn-shopfy-com.instrument-ofgod.com
d.agkn.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
lantern.roeyecdn.com
lnkiy.in
payment.dht-team.co
pt.ispot.tv
resources.xg4ken.com
web.btncdn.com
www.dhl.com
www.dwin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.google-analytics.com
www.googletagmanager.com
108.138.15.119
142.250.186.38
142.250.186.70
143.95.42.191
151.101.2.132
2600:9000:20eb:d000:1f:af3f:8a40:93a1
2600:9000:2490:e000:f:8ce2:fb80:93a1
2607:f1c0:100f:f000::265
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a02:26f0:480:48d::4b3f
3.33.220.150
3.69.18.113
52.209.106.135
65.1.132.182
99.86.4.2
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0ea0f559448a68c6e241066799da531a9d147cf6aea50884be6a866d3b7992b6
13404ece2d917c4204c147e436a70f726657347f6d9a284a599eec4f80948585
1ffd3136ddf587a4f24d0f8e74161a62783346fb8fed0f9403ad0494100706e6
23ad12034cde0ec000977e48b371861e240d5eade6e9109f25b4e1dfbebf7811
24465845a26852c35a623082733f18c47560578135d0faf4763e001f528e6e22
247bb5e826ecf8e3d7a9fee27c6b115ce6acd01369118e8db4afeec12d85b8af
24f3d354c636ee236c442c7c92095a858249bbeaad896a83c92aefe48497e028
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2
52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935
5536947016ce3af3beac18cbe5bd528006410381c8b97b67e8886cd06cf26e56
593caba8549269a8e8fa6d9240192363cb4930594ca90607eca738079b61d100
6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d
80a265bed528211aa708dcd58f7a95db36eeb7f873c6fe4ddab0b3a1dc0973a4
8286a3d97b70fee043b119492edc61fcc45b47dbdf17ce123d98c32466ad5e05
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
90fb9be0fae070f08d943401c91c851f70f58ceaf874f4e75aeed2ac3c5a38da
92885317dd549550b4b84b9db2c355e257092bed71a60c647b4e21b81de5388e
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347
b304c42a6a7c9aaf31b2226f7ec1cf8acdc85d764cc337409f0cbc8f8a7f0efc
c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528
c467548d03b751e617bc0570f2be651ceeb25c6a3ab3ccb1871a6172df9a7040
c639f0ae77b70ace470e72367d53d11072b99bb2a295a005442c9f894d2afdc2
ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302
cead3ec262b19eab66896b105af98bc13a04e856bfa3c8994378d4ebdcdb2a71
da1b381ea5c532e786884805a0076b306ab00f3ce8f3ecfe52b42d3d14519876
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1e4d609a28eb5984724b26f81f904d9ce95bd188b5cb63e2f8e4c967c9f28a
ec7bb7b4278d416d414e6344d594e4d1fb69de8e14ba2985c19a7bca72842abd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01c2e1870fcd75ceca3b4c42c3110cb0aa4b933b562cf3d2c7ddd20ce03c7ee

payment.dht-team.co Open in urlscan Pro 143.95.42.191 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

96 %HTTPS

50 %IPv6

17 Domains

21 Subdomains

19 IPs

4 Countries

686 kBTransfer

2683 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payment.dht-team.co Open in urlscan Pro
143.95.42.191 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

21
Subdomains

19
IPs

4
Countries

686 kB
Transfer

2683 kB
Size

8
Cookies

54 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!