Report - dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Report Overview

Visitedpublic

2023-08-21 18:37:14

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-08-21 05:21:24	922 B	424 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-08-21 06:40:49	430 B	31 kB	69.16.175.10
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-08-21 05:14:12	935 B	51 kB	151.101.129.229
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-21 05:10:42	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-21 07:18:39	1.6 kB	72 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-21 06:43:34	482 B	3.7 kB	142.250.74.74
dhl-kundenservice-dhl-de.justns.ru	unknown	2014-07-12	2023-07-17 02:35:19	2023-07-23 04:46:56	4.0 kB	19 kB	91.229.90.148

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-21	medium	justns.ru	Sinkholed
2023-08-21	medium	justns.ru	Sinkholed
2023-08-21	medium	justns.ru	Sinkholed
2023-08-21	medium	justns.ru	Sinkholed
2023-08-21	medium	justns.ru	Sinkholed
2023-08-21	medium	justns.ru	Sinkholed
2023-08-21	medium	justns.ru	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js	ScriptElement	8.3 kB	2023-03-07	2025-08-02
URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js IP / ASN 104.17.25.14 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 6934 Size 8.3 kB (8327 bytes) MD5 cc290e6c3aeecf5021dd82ad8df2512a SHA1 fb983aecd3940e8ebbfe5e74c8099cee9223c957 SHA256 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995 Format Code Loading...

	dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/js/js.js	ScriptElement	29 B	2023-03-07	2025-07-30
URL dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/js/js.js IP / ASN 91.229.90.148 #51659 LLC Baxet Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-07-30 Times Seen 438 Size 29 B (29 bytes) MD5 dcea589058820765286c215198981177 SHA1 85039198b5dbfa1001d795baa2c75fef03019874 SHA256 f4fdc1abf40fd24896bc44d0753494cfeaf5a40160847ca1b904a28d68a2a726 Format Code Loading...

	code.jquery.com/jquery-3.6.1.min.js	ScriptElement	90 kB	2023-03-07	2025-08-02
URL code.jquery.com/jquery-3.6.1.min.js IP / ASN 69.16.175.10 #20446 STACKPATH-CDN Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 16961 Size 90 kB (89664 bytes) MD5 00727d1d5d9c90f7de826f1a4a9cc632 SHA1 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 SHA256 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Format Code Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	ScriptElement	79 kB	2023-03-07	2025-08-02
URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP / ASN 151.101.129.229 #54113 FASTLY Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 13232 Size 79 kB (78743 bytes) MD5 0aa8d64e726c4a57adb5c88f9115996b SHA1 901169527507ff9e662cf64d8e361f359308970d SHA256 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Format Code Loading...

	cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js	ScriptElement	1.5 MB	2023-03-09	2025-08-02
URL cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js IP / ASN 104.17.25.14 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-09 Last Seen 2025-08-02 Times Seen 4854 Size 1.5 MB (1528342 bytes) MD5 d5beb8fa265f90be5ccadd6b32b8672f SHA1 7bdc23c06b51e7e42c05de486680a3c18aa5ce5a SHA256 6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e Format Code Loading...

HTTP Transactions (22)

URL IP Response Size

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

91.229.90.148

200 OK

1.8 kB

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byN/A

Resource Info

File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators

First Seen2023-08-21

Last Seen2023-08-21

Times Seen1

Size1.8 kB (1807 bytes)

MD5b25597a950a78dd4fb2e2b2998080611

SHA1bbcefec63753262fc2f3f982ed34e77ec7fe4b19

SHA256ad03a35b7cf23b4aff3e1a161fe6fcb921bc586a6ef219fb3bf3a39e615d8a1e

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/fV5EjH/msg.php?id=74131470 HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 1807
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Mon, 21 Aug 2023 18:36:56 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/css/helpers.css

91.229.90.148

200 OK

6.7 kB

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/css/helpers.css

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (41897), with CRLF line terminators

First Seen2023-04-07

Last Seen2025-07-30

Times Seen3490

Size6.7 kB (6747 bytes)

MD5726c60fc192383fbcf04e19677ad0959

SHA1e2e966c2b6164806392449ced617227c27d36ab8

SHA2561c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/media/css/helpers.css HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470
Cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 28 Aug 2023 18:36:56 GMT
content-type: text/css
last-modified: Thu, 06 Oct 2022 02:31:44 GMT
etag: "a3ab-633e3e10-339c7425d0678704;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6747
date: Mon, 21 Aug 2023 18:36:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/css/style.css

91.229.90.148

200 OK

2.0 kB

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/css/style.css

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (8355), with CRLF line terminators

First Seen2023-04-07

Last Seen2025-07-30

Times Seen442

Size2.0 kB (1959 bytes)

MD5a069deeaea648f7808b57a558e236a24

SHA15b69df096fae1687c08fc844fdb2671daade4cf1

SHA256c92e87c72b7e7c1ae975fb98f028fe3dcf87ea7d32ef7a4b093929fa06083af3

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/media/css/style.css HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470
Cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 28 Aug 2023 18:36:56 GMT
content-type: text/css
last-modified: Sun, 16 Oct 2022 23:01:42 GMT
etag: "20a5-634c8d56-c4c9cf961a300e87;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1959
date: Mon, 21 Aug 2023 18:36:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/imgs/logo.svg

91.229.90.148

200 OK

779 B

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/imgs/logo.svg

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text

First Seen2023-04-30

Last Seen2025-08-02

Times Seen2496

Size779 B (779 bytes)

MD53fecc9db35d5d2a9e6e71ab4b02d22e5

SHA1628ba2f505b480097445aaf08649a08242bd6847

SHA256362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/media/imgs/logo.svg HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470
Cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 28 Aug 2023 18:36:56 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Oct 2020 14:17:46 GMT
etag: "643-5f96da8a-e871d61750de076c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 779
date: Mon, 21 Aug 2023 18:36:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/imgs/glo-footer-logo.svg

91.229.90.148

200 OK

4.0 kB

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/imgs/glo-footer-logo.svg

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656)

First Seen2023-05-01

Last Seen2025-07-30

Times Seen1111

Size4.0 kB (4009 bytes)

MD5d1b0e043744fd642282117a03d308b17

SHA1d8abe7a0887b804e516c45a344c542e291a1a84b

SHA2565162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/media/imgs/glo-footer-logo.svg HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470
Cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 28 Aug 2023 18:36:56 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Oct 2020 14:39:24 GMT
etag: "2ec0-5f96df9c-2e47051fb4c401ff;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4009
date: Mon, 21 Aug 2023 18:36:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/js/js.js

91.229.90.148

200 OK

29 B

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/js/js.js

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with CRLF line terminators

First Seen2023-03-07

Last Seen2025-07-30

Times Seen438

Size29 B (29 bytes)

MD5dcea589058820765286c215198981177

SHA185039198b5dbfa1001d795baa2c75fef03019874

SHA256f4fdc1abf40fd24896bc44d0753494cfeaf5a40160847ca1b904a28d68a2a726

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/media/js/js.js HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470
Cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 28 Aug 2023 18:36:56 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 04:01:14 GMT
etag: "1d-63478d8a-90e3df0a9c1213bf;;;"
accept-ranges: bytes
content-length: 29
date: Mon, 21 Aug 2023 18:36:56 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

104.17.25.14

200 OK

3.1 kB

URL

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

IP / ASN

104.17.25.14

#13335 CLOUDFLARENET

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (542)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen6934

Size3.1 kB (3074 bytes)

MD5cc290e6c3aeecf5021dd82ad8df2512a

SHA1fb983aecd3940e8ebbfe5e74c8099cee9223c957

SHA2562a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Certificate Info

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D

ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Aug 2023 18:36:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b1d-c02"
last-modified: Thu, 22 Jun 2023 11:06:05 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2210517
expires: Sat, 10 Aug 2024 18:36:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQN6fGpmy5VgXFad%2FKN6XsBsQK3giyEY0iQlUwF99KfGduVir7zmqivmgnsbG5V4cKMFn08Q7B4CmJmCH2XiWfWisDuZ73H1grCxiKSjQNpLlMXX9Oc4Aw78ZgwrlcfGt6g5pYCg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7fa4fc07b877b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js

104.17.25.14

200 OK

418 kB

URL

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js

IP / ASN

104.17.25.14

#13335 CLOUDFLARENET

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (65317)

First Seen2023-03-09

Last Seen2025-08-02

Times Seen4854

Size418 kB (418541 bytes)

MD5d5beb8fa265f90be5ccadd6b32b8672f

SHA17bdc23c06b51e7e42c05de486680a3c18aa5ce5a

SHA2566a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e

Certificate Info

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D

ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Aug 2023 18:36:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-662ed"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7605872
expires: Sat, 10 Aug 2024 18:36:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwEITZ3LPCPh0xDohrqXX3dZ8BH7xSukPspS1i3WEMuVggUTk3Q99ikvV3zn0YkGrw4Qw7ull5ci1ESuRwrtPpDmvM1%2BDR5ATyxJWX0jS1bNHdSp%2FgLPKt4%2FKyAsrEYX6FfOJvhd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7fa4fc07b876b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.1.min.js

69.16.175.10

200 OK

31 kB

URL

code.jquery.com/jquery-3.6.1.min.js

IP / ASN

69.16.175.10

#20446 STACKPATH-CDN

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (65447)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen16961

Size31 kB (30957 bytes)

MD500727d1d5d9c90f7de826f1a4a9cc632

SHA1ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2

SHA256a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D

ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

HTTP Headers

GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 21 Aug 2023 18:36:56 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1692643016.dop205.sk1.t,1692643016.cds213.sk1.hn,1692643016.cds206.sk1.c
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

151.101.129.229

200 OK

25 kB

URL

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

IP / ASN

151.101.129.229

#54113 FASTLY

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeUnicode text, UTF-8 text, with very long lines (65306)

First Seen2023-04-05

Last Seen2025-08-02

Times Seen87457

Size25 kB (25360 bytes)

MD5abe91756d18b7cd60871a2f47c1e8192

SHA17c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d

SHA2567633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Certificate Info

IssuerGlobalSign nv-sa

Subjectjsdelivr.net

Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F

ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Mon, 21 Aug 2023 18:36:56 GMT
age: 6166259
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1679-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.129.229

200 OK

24 kB

URL

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

IP / ASN

151.101.129.229

#54113 FASTLY

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (65299)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen13232

Size24 kB (23943 bytes)

MD50aa8d64e726c4a57adb5c88f9115996b

SHA1901169527507ff9e662cf64d8e361f359308970d

SHA2567e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Certificate Info

IssuerGlobalSign nv-sa

Subjectjsdelivr.net

Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F

ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Mon, 21 Aug 2023 18:36:56 GMT
age: 7792212
x-served-by: cache-fra-eddf8230080-FRA, cache-bma1679-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL

ocsp.pki.goog/gts1c3

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2023-08-21

Last Seen2023-08-22

Times Seen684

Size472 B (472 bytes)

MD5d882f9734d1c766b3d52fceb11eab131

SHA1cb833bc95b67eb439b5e786bfa0ce2fb2255553b

SHA2560c7206d2377f3d9381864c85ae83d504b0a7612087039319bb7437a62f519a36

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Aug 2023 18:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL

ocsp.pki.goog/gts1c3

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2023-08-20

Last Seen2023-08-21

Times Seen949

Size472 B (472 bytes)

MD513a182911c48208d46296f2d68922689

SHA1cee05fa911bd0fe21e5c4e81ac156d23614f901b

SHA2560842ddf7301e14c8a15e6d169a11ca9a7fa6882d6ae4440f1175abf329c00d7f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Aug 2023 18:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL

ocsp.pki.goog/gts1c3

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2023-08-20

Last Seen2023-08-21

Times Seen988

Size472 B (472 bytes)

MD53c9b7b6ec576f37034920c9519ebc398

SHA15c6d5d8e6a1a9b3302737ab40f962aa92be18b28

SHA256c0bb94cdf91ea702858f28c9fc851d4fcc4e7586dfcfcf6006a37c02496cece3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Aug 2023 18:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL

ocsp.pki.goog/gts1c3

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2023-08-20

Last Seen2023-08-21

Times Seen988

Size472 B (472 bytes)

MD53c9b7b6ec576f37034920c9519ebc398

SHA15c6d5d8e6a1a9b3302737ab40f962aa92be18b28

SHA256c0bb94cdf91ea702858f28c9fc851d4fcc4e7586dfcfcf6006a37c02496cece3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Aug 2023 18:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL

ocsp.pki.goog/gts1c3

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2023-08-20

Last Seen2023-08-21

Times Seen988

Size472 B (472 bytes)

MD53c9b7b6ec576f37034920c9519ebc398

SHA15c6d5d8e6a1a9b3302737ab40f962aa92be18b28

SHA256c0bb94cdf91ea702858f28c9fc851d4fcc4e7586dfcfcf6006a37c02496cece3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Aug 2023 18:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

216.58.207.227

200 OK

22 kB

URL

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data

First Seen2023-04-17

Last Seen2025-08-02

Times Seen9959

Size22 kB (22504 bytes)

MD51c6c65523675abc6fcd78e804325bd77

SHA1898d9808304dc157f5dcb18ca169ec6e2b96b3d7

SHA25608664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Certificate Info

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB

ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhl-kundenservice-dhl-de.justns.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 10:56:15 GMT
expires: Sun, 18 Aug 2024 10:56:15 GMT
cache-control: public, max-age=31536000
age: 200442
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data

First Seen2023-04-05

Last Seen2025-08-02

Times Seen56911

Size24 kB (23580 bytes)

MD5e1b3b5908c9cf23dfb2b9c52b9a023ab

SHA1fcd4136085f2a03481d9958cc6793a5ed98e714c

SHA256918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Certificate Info

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB

ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhl-kundenservice-dhl-de.justns.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:16:10 GMT
expires: Fri, 16 Aug 2024 15:16:10 GMT
cache-control: public, max-age=31536000
age: 357647
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data

First Seen2023-04-05

Last Seen2025-08-02

Times Seen43556

Size23 kB (23040 bytes)

MD5de69cf9e514df447d1b0bb16f49d2457

SHA12ac78601179c3a63ba3f3f3081556b12ddcaf655

SHA256c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Certificate Info

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB

ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dhl-kundenservice-dhl-de.justns.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:25:37 GMT
expires: Fri, 16 Aug 2024 15:25:37 GMT
cache-control: public, max-age=31536000
age: 357080
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL

ocsp.pki.goog/gts1c3

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2023-08-20

Last Seen2023-08-21

Times Seen988

Size472 B (472 bytes)

MD53c9b7b6ec576f37034920c9519ebc398

SHA15c6d5d8e6a1a9b3302737ab40f962aa92be18b28

SHA256c0bb94cdf91ea702858f28c9fc851d4fcc4e7586dfcfcf6006a37c02496cece3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Aug 2023 18:36:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/imgs/ff.ico

91.229.90.148

200 OK

1.2 kB

URL

dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/media/imgs/ff.ico

IP / ASN

91.229.90.148

#51659 LLC Baxet

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data

First Seen2023-04-26

Last Seen2025-08-02

Times Seen2513

Size1.2 kB (1150 bytes)

MD5d8106bf3a1d00ab43b01e6e3c92500eb

SHA1202b5e8654ab1b28351378293bca3b9d844cc29b

SHA2569ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Certificate Info

IssuerLet's Encrypt

Subjectdhl-kundenservice-dhl-de.justns.ru

Fingerprint6C:D1:D1:16:09:75:D1:94:27:31:9C:E4:5A:EC:D1:9F:57:BF:F3:F5

ValidityTue, 11 Jul 2023 05:14:57 GMT - Mon, 09 Oct 2023 05:14:56 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dhl/tracking/media/imgs/ff.ico HTTP/1.1
Host: dhl-kundenservice-dhl-de.justns.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470
Cookie: PHPSESSID=bd24f1e55af12197084cf2bf9e2d4f7f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 28 Aug 2023 18:36:57 GMT
content-type: image/x-icon
last-modified: Mon, 26 Oct 2020 14:25:02 GMT
etag: "47e-5f96dc3e-2dbd827ff64cad98;;;"
accept-ranges: bytes
content-length: 1150
date: Mon, 21 Aug 2023 18:36:57 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

142.250.74.74

200 OK

3.1 kB

URL

fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

IP / ASN

142.250.74.74

#15169 GOOGLE

Requested byhttps://dhl-kundenservice-dhl-de.justns.ru/dhl/tracking/fV5EjH/msg.php?id=74131470

Resource Info

File typeASCII text, with very long lines (3140), with no line terminators

First Seen2023-05-05

Last Seen2024-08-21

Times Seen325

Size3.1 kB (3068 bytes)

MD5849da283e366056af99e02126095d515

SHA1c1ef30d232a95845bae80e5024651435fc21a54d

SHA2569bea1e942972cfa217e4bc060d6cd7ad73487be2998be56167ce4016fb4a6f14

Certificate Info

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67

ValidityMon, 31 Jul 2023 08:22:19 GMT - Mon, 23 Oct 2023 08:22:18 GMT

HTTP Headers

GET /css2?family=Lato:wght@300;400;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhl-kundenservice-dhl-de.justns.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 21 Aug 2023 18:36:57 GMT
date: Mon, 21 Aug 2023 18:36:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2