Submitted URL: http://www.eon.so/hu.dhl.account/dhl/
Effective URL: https://www.eon.so/hu.dhl.account/dhl/
Submission: On August 27 via automatic, source openphish

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 26 HTTP transactions. The main IP is 198.54.115.84, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is www.eon.so.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 20th 2020. Valid for: a year.
This is the only time www.eon.so was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 2 198.54.115.84 22612 (NAMECHEAP...)
17 104.111.230.139 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 7
Domain Requested by
17 mydhl.express.dhl www.eon.so
mydhl.express.dhl
2 www.eon.so 1 redirects
1 www.gstatic.com www.eon.so
1 ajax.googleapis.com www.eon.so
1 translate.googleapis.com www.eon.so
1 assets.adobedtm.com www.eon.so
26 6

This site contains links to these domains.

Domain
mydhl.express.dhl
oso.dhl.com
Subject | Issuer | Validity | Valid
eon.so | Sectigo RSA Domain Validation Secure Server CA | 2020-08-20 - 2021-08-20 | a year
mydhl.express.dhl | DPDHL Global TLS CA - I5 | 2020-08-19 - 2021-08-19 | a year
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months

This page contains 1 frames:

Primary Page: https://www.eon.so/hu.dhl.account/dhl/
Frame ID: B63BC1D5090729C73EB3292A07D99BD8
Requests: 26 HTTP requests in this frame

Page URL History

  1. http://www.eon.so/hu.dhl.account/dhl/ HTTP 301
    https://www.eon.so/hu.dhl.account/dhl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 26
HTTPS: 85 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 4
Transfer: 978 kB
Size: 3752 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.eon.so/hu.dhl.account/dhl/ HTTP 301
    https://www.eon.so/hu.dhl.account/dhl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.eon.so/hu.dhl.account/dhl/
Redirect Chain
  • http://www.eon.so/hu.dhl.account/dhl/
  • https://www.eon.so/hu.dhl.account/dhl/
899 KB
101 KB
Document
General
Full URL
https://www.eon.so/hu.dhl.account/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server207-2.web-hosting.com
Software
Apache /
Resource Hash
53d333cd2d47627efdd62c429976f10306029e2ff4743d025ce40bbb132acc5c

Request headers

:method
GET
:authority
www.eon.so
:scheme
https
:path
/hu.dhl.account/dhl/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 27 Aug 2020 04:52:52 GMT
server
Apache
last-modified
Mon, 24 Aug 2020 21:59:30 GMT
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html

Redirect headers

Date
Thu, 27 Aug 2020 04:52:51 GMT
Server
Apache
Location
https://www.eon.so/hu.dhl.account/dhl/
Content-Length
246
Content-Type
text/html; charset=iso-8859-1
ewf-base.dae7e8ebce001d436791f9f4d23155d71a0df53c12165ed847468180dd045cb3.css
mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/
246 KB
47 KB
Stylesheet
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ewf-base.dae7e8ebce001d436791f9f4d23155d71a0df53c12165ed847468180dd045cb3.css
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
dae7e8ebce001d436791f9f4d23155d71a0df53c12165ed847468180dd045cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:15:44 GMT
Server
nginx/1.15.7
ETag
"3d66d-5ad6b6a8f9d38-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47476
X-dynaTrace
PT=1669390062;PA=-318768957;PS=1899481076
Expires
Fri, 23 Jul 2021 23:17:24 GMT
ewf-components.0630161e47cb64c83b67a48f1c3892171e39f60aa62a2edeceda8375e546bcdc.css
mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/
210 KB
45 KB
Stylesheet
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ewf-components.0630161e47cb64c83b67a48f1c3892171e39f60aa62a2edeceda8375e546bcdc.css
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
0630161e47cb64c83b67a48f1c3892171e39f60aa62a2edeceda8375e546bcdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:16:20 GMT
Server
nginx/1.15.7
ETag
"346b7-5ad6b6cb0c0c6-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45151
X-dynaTrace
PT=1669378843;PA=-318768957;PS=1899481076
Expires
Fri, 23 Jul 2021 23:16:31 GMT
ewf-cosmetic.b58565c38476d68a546119d65a2c1c3f8b4950ec1516e0bb57f3421eca576d65.css
mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/
6 KB
2 KB
Stylesheet
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ewf-cosmetic.b58565c38476d68a546119d65a2c1c3f8b4950ec1516e0bb57f3421eca576d65.css
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
b58565c38476d68a546119d65a2c1c3f8b4950ec1516e0bb57f3421eca576d65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:13:53 GMT
Server
nginx/1.15.7
ETag
"19f4-5ad6b63fa1bc5-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1861
X-dynaTrace
PT=1674650339;PA=-318768957;PS=1899481076
Expires
Sun, 25 Jul 2021 18:29:56 GMT
jquery.min.js
mydhl.express.dhl/etc.clientlibs/clientlibs/granite/
111 KB
43 KB
Script
General
Full URL
https://mydhl.express.dhl/etc.clientlibs/clientlibs/granite/jquery.min.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:13:53 GMT
Server
nginx/1.15.7
ETag
"1baa2-5ad6b63fa23d5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43562
X-dynaTrace
PT=723047828;PA=-970081665;PS=1899481076
Expires
Tue, 27 Jul 2021 13:41:10 GMT
data-layer.min.js
mydhl.express.dhl/etc/clientlibs/dhl/
965 B
1 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/data-layer.min.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
d8ed58a1503354e09d550d8ad0dc5425e30d55a77871d8c70783c0ab7e12453a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:13:53 GMT
Server
nginx/1.15.7
ETag
"3c5-5ad6b63fa17de-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
525
X-dynaTrace
PT=600146745;PA=-970081665;PS=1899481076
Expires
Sun, 25 Jul 2021 18:28:49 GMT
launch-EN4beec7cc9b7a4e3bb4c409bc54b5fbc2.min.js
mydhl.express.dhl//assets.adobedtm.com/
0
0
Script
General
Full URL
https://mydhl.express.dhl//assets.adobedtm.com/launch-EN4beec7cc9b7a4e3bb4c409bc54b5fbc2.min.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AppMeasurement.min.js
assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/
35 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/AppMeasurement.min.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
d8b202fcb71f89cc175a962403911ee3da6d9736dd79b4ae3f4d5b972400bee2

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 27 Aug 2020 04:52:52 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 21:32:04 GMT
server
Apache
status
200
etag
"fdc98c35f4bd77deab73aab133e4f8bd:1563399124"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eon.so
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
13098
expires
Thu, 27 Aug 2020 05:52:52 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 27 Aug 2020 04:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2581
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 27 Aug 2020 05:09:51 GMT
dhl_express_logo_transparent.png
mydhl.express.dhl/content/dam/ewf/logos/
2 KB
2 KB
Image
General
Full URL
https://mydhl.express.dhl/content/dam/ewf/logos/dhl_express_logo_transparent.png
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Fri, 21 Aug 2020 23:11:31 GMT
Server
nginx/1.15.7
ETag
"794-5ad6b5b751e09"
Content-Type
image/png
Cache-Control
max-age=604800, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1940
X-dynaTrace
PT=1341023824;PA=1560363091;PS=1899481076
Expires
Mon, 31 Aug 2020 16:04:33 GMT
flags.32c.png
mydhl.express.dhl/etc/clientlibs/dhl/global/public/img/
103 KB
104 KB
Image
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/img/flags.32c.png
Requested by
Host: mydhl.express.dhl
URL: https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ewf-base.dae7e8ebce001d436791f9f4d23155d71a0df53c12165ed847468180dd045cb3.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
71cd76e19df0aad70f2e9b57c162a03070836e1056ca8b3353511ee87b2ae08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/stylesheets/ewf-base.dae7e8ebce001d436791f9f4d23155d71a0df53c12165ed847468180dd045cb3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Fri, 21 Aug 2020 23:16:25 GMT
Server
nginx/1.15.7
ETag
"19ce1-5ad6b6cff9755"
Content-Type
image/png
Cache-Control
max-age=604800, public
Date
Thu, 27 Aug 2020 04:52:52 GMT
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105697
X-dynaTrace
PT=594776673;PA=-970081665;PS=1899481076
Expires
Fri, 28 Aug 2020 23:16:31 GMT
dhl.woff
mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/
0
0

dhl-icon.woff
mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/
0
0

dhl-icon.ttf
mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/
0
0

dhl.ttf
mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243930
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 09:07:23 GMT
footer-logo.png
mydhl.express.dhl/content/dam/ewf/logos/
6 KB
7 KB
Image
General
Full URL
https://mydhl.express.dhl/content/dam/ewf/logos/footer-logo.png
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
baed8711f954b7a12fd77083f6bedaa1277f31e99b378ea6cda883474077355e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Fri, 21 Aug 2020 23:13:54 GMT
Server
nginx/1.15.7
ETag
"196a-5ad6b63fa42d5"
Content-Type
image/png
Cache-Control
max-age=604800, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6506
X-dynaTrace
PT=1669390065;PA=-318768957;PS=1899481076
Expires
Fri, 28 Aug 2020 23:17:24 GMT
manifest.d7170fa804948b25f163ca8646bda373910d19293ea44309fffc2a4d2a3e6666.js
mydhl.express.dhl/etc/clientlibs/dhl/global/build/
2 KB
2 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/build/manifest.d7170fa804948b25f163ca8646bda373910d19293ea44309fffc2a4d2a3e6666.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
d7170fa804948b25f163ca8646bda373910d19293ea44309fffc2a4d2a3e6666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:13:58 GMT
Server
nginx/1.15.7
ETag
"808-5ad6b6443aa6d-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1126
X-dynaTrace
PT=594784374;PA=-970081665;PS=1899481076
Expires
Fri, 23 Jul 2021 23:17:08 GMT
chunk.958e951291dc0d1ee38e10910691b25fd136c70d5ccbe3da654f9c12f973fade.js
mydhl.express.dhl/etc/clientlibs/dhl/global/build/
1 MB
340 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/build/chunk.958e951291dc0d1ee38e10910691b25fd136c70d5ccbe3da654f9c12f973fade.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
958e951291dc0d1ee38e10910691b25fd136c70d5ccbe3da654f9c12f973fade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:16:19 GMT
Server
nginx/1.15.7
ETag
"1274ae-5ad6b6ca464e1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
347832
X-dynaTrace
PT=594776432;PA=-970081665;PS=1899481076
Expires
Fri, 23 Jul 2021 23:16:31 GMT
vendors.c2d374fe772aa6461d2a439ba06f23fe281a007eb795a55be784666e9ea69223.js
mydhl.express.dhl/etc/clientlibs/dhl/global/build/
29 B
565 B
Script
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/build/vendors.c2d374fe772aa6461d2a439ba06f23fe281a007eb795a55be784666e9ea69223.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
c2d374fe772aa6461d2a439ba06f23fe281a007eb795a55be784666e9ea69223
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:16:18 GMT
Server
nginx/1.15.7
ETag
"1d-5ad6b6c9a6a0f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47
X-dynaTrace
PT=1674648053;PA=-318768957;PS=1899481076
Expires
Sun, 25 Jul 2021 18:28:53 GMT
common.b3513d83b3686c16fcde53dbfa3810b07a405a3fcfe976868ab612ce1e39114b.js
mydhl.express.dhl/etc/clientlibs/dhl/global/build/
72 KB
21 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/build/common.b3513d83b3686c16fcde53dbfa3810b07a405a3fcfe976868ab612ce1e39114b.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
b3513d83b3686c16fcde53dbfa3810b07a405a3fcfe976868ab612ce1e39114b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:16:19 GMT
Server
nginx/1.15.7
ETag
"11ea5-5ad6b6ca5c46d-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20997
X-dynaTrace
PT=600146750;PA=-970081665;PS=1899481076
Expires
Sun, 25 Jul 2021 18:28:50 GMT
dashboard.88ddb5d8f5c84734787cc966b7e3641b88acfff62005992582038aa486aca874.js
mydhl.express.dhl/etc/clientlibs/dhl/global/build/
96 KB
28 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/build/dashboard.88ddb5d8f5c84734787cc966b7e3641b88acfff62005992582038aa486aca874.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
88ddb5d8f5c84734787cc966b7e3641b88acfff62005992582038aa486aca874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:12:58 GMT
Server
nginx/1.15.7
ETag
"18017-5ad6b60b17421-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27968
X-dynaTrace
PT=1674648813;PA=-318768957;PS=1899481076
Expires
Sun, 25 Jul 2021 18:29:09 GMT
ewf.hu.hu.populateDictionariesCallback.9d8cd1a579d4250ed5bd621e4a1ccc2089d0a72320947ffb13f712d8ea4be40a.js
mydhl.express.dhl/etc/dhl/dictionary/
678 KB
185 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/dhl/dictionary/ewf.hu.hu.populateDictionariesCallback.9d8cd1a579d4250ed5bd621e4a1ccc2089d0a72320947ffb13f712d8ea4be40a.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
65d59222ce5c33eb5c7ce30e6382c8cf165b1edf0030f379afad9d24fbc000f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 26 Aug 2020 03:34:08 GMT
Server
nginx/1.15.7
ETag
W/"a9678-5adbf7e0eeccd-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
188709
X-dynaTrace
PT=1760893887;PA=-833578732;PS=1899481076
Expires
Wed, 28 Jul 2021 03:34:06 GMT
regexp.populateRegexpCallback.9d8cd1a579d4250ed5bd621e4a1ccc2089d0a72320947ffb13f712d8ea4be40a.js
mydhl.express.dhl/etc/dhl/dictionary/
3 KB
2 KB
Script
General
Full URL
https://mydhl.express.dhl/etc/dhl/dictionary/regexp.populateRegexpCallback.9d8cd1a579d4250ed5bd621e4a1ccc2089d0a72320947ffb13f712d8ea4be40a.js
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
d47a2cdb1f23417b00d6a1869877c1138be6ccf0a8d93926ca0b6d8a1c4812d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 23:13:58 GMT
Server
nginx/1.15.7
ETag
"bd7-5ad6b6443e5ac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=29030400, public
Date
Thu, 27 Aug 2020 04:52:53 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1405
X-dynaTrace
PT=600147617;PA=-970081665;PS=1899481076
Expires
Sun, 25 Jul 2021 18:29:13 GMT
whoami
mydhl.express.dhl/api/auth/
847 B
1 KB
Script
General
Full URL
https://mydhl.express.dhl/api/auth/whoami?callback=populateUserInfoCallback
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-139.deploy.static.akamaitechnologies.com
Software
nginx/1.15.7 /
Resource Hash
099f8ecc1caa8a2d95dd7793c81bd70a96a7661565bacd2e7c239e9490ffd8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DC-Name
PRG
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Trace-Token
czchols4045.prg-dc.dhl.com-12145127
Server
nginx/1.15.7
Date
Thu, 27 Aug 2020 04:52:53 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Biz-Transaction-Id
1298845919660179456
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
847
X-dynaTrace
PT=1879501234;PA=-318768957;PS=1899481076
Expires
0
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
951 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: www.eon.so
URL: https://www.eon.so/hu.dhl.account/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eon.so/hu.dhl.account/dhl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 20 Aug 2020 12:14:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
578301
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Fri, 20 Aug 2021 12:14:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mydhl.express.dhl
URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/dhl.woff
Domain
mydhl.express.dhl
URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/dhl-icon.woff
Domain
mydhl.express.dhl
URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/dhl-icon.ttf
Domain
mydhl.express.dhl
URL
https://mydhl.express.dhl/etc/clientlibs/dhl/global/public/fonts/dhl.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • string| pageName
  • object| dataLayer
  • function| $
  • function| jQuery
  • object| matched
  • object| browser
  • function| constructDataLayerUser
  • function| pushDataLayerEvent
  • string| CKEDITOR_BASEPATH
  • function| AppMeasurement_Module_ActivityMap
  • function| AppMeasurement
  • function| s_gi
  • function| s_pgicq
  • number| s_objectID
  • number| s_giq
  • function| isNumber
  • function| webpackJsonp
  • function| populateDictionariesCallback
  • function| populateUserInfoCallback
  • function| populateRegexpCallback
  • function| handleWhoAmIFail
  • object| messages
  • object| appRegexps
  • object| userInfo

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
