{"report_id":"1e3a5e6a-d0a3-44b2-9838-e3a302ec3bb9","version":6,"status":"done","tags":[],"date":"2026-02-24T10:01:13Z","url":{"schema":"http","addr":"secure.sportssystems.com/clients/dhlguestmanagement/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC","fqdn":"secure.sportssystems.com","domain":"sportssystems.com","tld":"com"},"ip":{"addr":"35.171.42.52","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"title":"TicketManager","dom":{"size":22789,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (440)","md5":"9fb21124781460ef9acd0638991cdf41","sha1":"14294c7715caf65ca304ec3f939831923feb01b5","sha256":"cb4555e7146d6c5350f3d4401ab79d7ad49300e5daabf552ece14c749ade2ce8","sha512":"68f1e8a21ff944c3c78796f57af8a68cc7fe9a117fd3019d35291333dad6f482d4cf407afcbe4e9a77eb149290596a6410e79909dd7f305d32fd11c725e56786","ssdeep":"384:Uk+RH+RzLYgzY+x721W76n4hzVcdl2eO3ROR9KVWdA:Ukn721W76n4zcoho9KV/","tlshash":"a1a28104eb1e9438837e3155657aeaef623d14f828e04c46f9ce7cb457e8d4e4903e96","dom_hash":"domhash1f0fc4a412a39ec99f38e47fded458ef","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"secure.sportssystems.com/clients/dhlguestmanagement/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC","fqdn":"secure.sportssystems.com","domain":"sportssystems.com","tld":"com"},"ip":{"addr":"35.171.42.52","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T10:01:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"secure.dhlguestmanagement.com","ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2018-07-27","domain_rank":0,"first_seen":"2019-04-25T04:54:57Z","last_seen":"2026-02-23T10:51:51.599755Z","alert_count":140,"request_count":35,"received_data":4347305,"sent_data":37928,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OneTrust","description":"OneTrust is a cloud-based data privacy management compliance platform.","website":"https://www.onetrust.com","common_platform_enumeration":"","icon":"OneTrust.svg","categories":["Cookie compliance"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-02-22T23:01:24.734653Z","alert_count":0,"request_count":2,"received_data":63384,"sent_data":982,"comment":"","tags":null,"fingerprints":null},{"fqdn":"secure.sportssystems.com","ip":{"addr":"3.210.241.219","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"1995-11-25","domain_rank":5907312,"first_seen":"2012-11-19T06:38:31Z","last_seen":"2026-02-23T10:51:51.696889Z","alert_count":0,"request_count":1,"received_data":811027,"sent_data":571,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"cdn.cookielaw.org","ip":{"addr":"104.18.87.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-06-20","domain_rank":2972,"first_seen":"2013-12-28T13:20:36Z","last_seen":"2026-02-23T00:41:31.557478Z","alert_count":0,"request_count":1,"received_data":27488,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2a638e87f553ccc67e3fb0d628607653","sha1":"c681d382eb92da1b177625206d8b9cc65cc0416a","sha256":"b8d5add727727f7d3920162801bcdc6a84e6bca018717990435d884ff0c3aa32","sha512":"d4a3566a14a9553fc324654506f01e0b0df824e11d14127971c50b8daa90942c6fe17ff4f8db52f21909f03e64b213262fb0153aba7bacaf12eb8e9415f9daec","ssdeep":"","tlshash":"d7d0a7518c8e4896f3154639f695541b883f64f87c288e39cb95b42e5fd132ae3b6181","size":232,"data":"","first_seen":"2026-02-24T10:01:21.678968Z","last_seen":"2026-02-24T10:01:21.678968Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"54e5154b95972ea56f4f5f65c432445b","sha1":"1d07533776c030752cb6154cb5af4d68c712a460","sha256":"ff96d770418e8a323f809e53c1281fc5af79d5885c4b2d5f83a360b5fbe72de9","sha512":"a2dc0dd303ccb1f6ec9c58cce92618ea6db287417438e99dc738e858db34d7dfcfba81d1f5ba393b31ae08feccfd38a1147e88d4e043e7385b5920f8240e60c1","ssdeep":"","tlshash":"08a0220283082cc0022cc8382388e22bc3b3038a0a080ce002c2e3303fab00880cae8c","size":68,"data":"","first_seen":"2023-03-09T21:34:53Z","last_seen":"2026-04-01T04:43:31.927273Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-G3KM9F037Q\u0026cx=c\u0026gtm=4e62j0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"03230937307777f9c974059fbd840869","sha1":"75a8744402196640e1d3a263005b0a65a31611c1","sha256":"5afa76d51bf32950d266234950b15b79ce921dcba9fce200eb58e699a2b08398","sha512":"d695b2ff9460a8b3dd4e50b216e9e95b515543db79a7baa12077ab691ef817170d3e79fe5b495c13768db07e063efb0341715aedf6f5bd08509d3341766d00ce","ssdeep":"6144:K5mO7CW6y273J5wYygLIR8Nyk7pNH08pddlmOrE4k25fQnMcm0g:6uW6y27ADEIR855VrEsfNn","tlshash":"848419cdb3d670269392a478503f018bb57b69a2f44cc899f189dce42d74a9a4237f7c","size":407449,"data":"","first_seen":"2026-02-24T10:01:21.680392Z","last_seen":"2026-02-24T10:01:21.680392Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/next-integrations/integrations/vendor/commons.59560acdd69ed701c941.js.gz","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"3352efee1f8ca059edb7c41599c07473","sha1":"abc7c4c05a4b1dd37f32fec4f20a1be3a7d32380","sha256":"ee0869d33edcbaa122c94a800d91c5805c8d911b3082d2498183ed65262fc024","sha512":"fc3e05312d7fdba2ede7b6750140e0e79377ab1dc0c1d614112977f74db81052f1c0b61578a2171480b493ea3c49b10b3462418606cbd951db05a1fb1c5cae0d","ssdeep":"768:gKnV0nzPoBKwFSjiMIXPsdy+Ll3r32/D24eM8L5wN8j0mYw/M:giVQPoVFS+MIEdyk3rE24sA8j05qM","tlshash":"6b6376c8f5a2f4b543a361a4012f560fe23b596cb44d91e8f392d5e1acb888e4537f39","size":71723,"data":"","first_seen":"2025-05-09T16:53:08.737292Z","last_seen":"2026-04-06T06:06:17.378522Z","times_seen":9530,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/package/cfajax.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a4fedc1e362844ac7975f6790774fec5","sha1":"7e376db896785ca72d14d96a7842fe1ba71722e7","sha256":"e59d24ca01fa0bc85b3d2ea79fb48726151dc24a006293810a9dd16631597147","sha512":"def49d607132350f4d37cbf29644bb8558e90a522614b02659a99216d298c68448b9b1e133a62f936e1437322da77e3e758b790f88099b260897f4b32f6c99c1","ssdeep":"768:euQYR/SNfYSVVogZXfva/3wqY1US1BWtfHv41fcz+o7fX9fwlxpNO9h58T6IzbPB:PE1YSVfCQ1kDFWM978T6IXYgGB4","tlshash":"8a03f8dcb5940c9e8ab92592044f2b5e3cacc966a84cc594a4ecc5e45f7cac3d43bf39","size":39986,"data":"","first_seen":"2024-10-06T09:51:57.03263Z","last_seen":"2026-04-01T04:43:31.901799Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/responsive/foundation-5.5.2/js/vendor/modernizr.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7710ac5fd1f24229d5d7ba401f7fd6b8","sha1":"b6a3f1e66ef1376216117f3c2fc71d735bf6eb5a","sha256":"4f175ba1a86dca89a1b1c8cded4cb6d76acc15e976cba8bdc3c8c95820adf716","sha512":"e9c1544b0103d4af3165691bc950e6881c101c6ab7127518746a41b28f83f95641ce72dc9e86dc29608362e83cbce1e71e0e47ae963476e54f72fcb2f94f01a9","ssdeep":"192:ezMdVO7MRftBRCzHYxqG1uTyKVOKzEf7jQLJZMYWABl8xAfo:eYdVqMTCjYxqG1uTuKAfXQLJRNCxAQ","tlshash":"7f32c78eb29371095357a07b217f460ff27d98d9552848e4e059c5acbe34ce8427bf2d","size":11264,"data":"","first_seen":"2023-03-07T15:24:53Z","last_seen":"2026-04-06T04:01:07.37878Z","times_seen":320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a9f871c5a3a5c7fd8cdb90f13f59849","sha1":"a4fc91909623baf41d92cb769259c7647f723ed8","sha256":"833d217bc3e945ef90e348b97e3f423d8a48d60e0a8992cacb6d167b0aa8ad28","sha512":"bfffb997deb905f7c6291d82bdfe7de1961ab188087a174fd3a28d05c298e08fc68f062d610f9227500061fbdfe49752c4de5422dc1ab9c86dd21b0fc27a8f38","ssdeep":"192:Hsm1R+uwOlRH+RzLYgzY+EVyP72149z76n0RzRR8X+ax2oQzkLeapP:lRH+RzLYgzY+x721W76n4e","tlshash":"b212ab01a527a538c3bf7255157aeeaf633524e85ce10948e6c73cb086fd88f6903f96","size":9197,"data":"","first_seen":"2026-02-24T10:01:21.681628Z","last_seen":"2026-02-24T10:01:21.681628Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f1692ba5780f50729276c00bd2673109","sha1":"569516839ef8f8d01ec138559599d0372b4b4893","sha256":"7f2971cb7042db0a9b79a20c595ebed931b08d7d01ebfc548ad6881fa52b58cb","sha512":"ee8a70d57e197268450cf9321f811eaa01e6efd93f1b20adee8d2f464598dea0b275e9cdee28f11e20052e0dc2c69fd6849cf80d7bc5f574551447516af40ba7","ssdeep":"","tlshash":"a4e0c202b1d719b0577c61b894348f97673d0c9838b36908164575fb8b6d64b440ba8c","size":308,"data":"","first_seen":"2026-02-24T10:01:21.682566Z","last_seen":"2026-02-24T10:01:21.682566Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/responsive/foundation-5.5.2/js/foundation.min.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3860a074b5b6dc9f1cc5e9336a5e43db","sha1":"3203390624dfe5321778056af888aba21bd9d8a0","sha256":"749d4f0674af91c19d3e8c2d3ee6a4fd250dc69fd8c1e85da50beb6e6bfd7e44","sha512":"722634a16d269461723ebc12d0fcc01cf1a65b5e70e0ef0a929e4da966a1ccfe000c4b98141fe64149aca129dd95819f6b063e855376d0170cc27eb3ecf463c1","ssdeep":"1536:WoVE1fFtzrgmGg1jf1OwKlVhe/VLrTsF6SYfEZ648nwwWIx2Uu4YBY8tM11ssWdZ:GMmGg1jfwo5TsF6SYMZLkajxBuGC4","tlshash":"c5142c0a76f7206a84a7707a8faf52057232440b590aee297d7c83849fd057856f2ffd","size":209142,"data":"","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.888398Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"69faf7d3a2b2360f53572a83e838e881","sha1":"79138360ee2d32c0ece4e90f34701d652ba37b02","sha256":"d8be180a965503dd4003ca277cafb85a1b434a13bca3789112aa5968f45b42f1","sha512":"55e1b58c4eac434cb9e68bbcdc595e213b8443adb29356f8ef3e7fa65adc8b764a95ecf09909f3d86e8f97f237137450110565649800ae4ba639b42b388e124b","ssdeep":"","tlshash":"c4d095b734c0107552b9c1f4b3f7830c34731218545d5a12f14784547734d95004eddc","size":266,"data":"","first_seen":"2024-12-10T04:23:37.681646Z","last_seen":"2026-04-01T04:43:31.946377Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.597","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6beda134b58d8286c5855d59990df360","sha1":"a2048811926b2c2cb7f5f55259221e4b2167a692","sha256":"d2944f14a4dc4f070117b9aa39969241db327e1b2b485e7d1c007c8e78145bee","sha512":"01b25b7b08eb819a70a9e4b17075136f57285197bc2e5695b2344b88c9f445939f381e1fc329d17abd0481264f50eb08c201c9228418ab9fb200ef95527b849c","ssdeep":"6144:ii8eGRuufsr5zQ47GKrpvMAd6lHWvu/22om1/jjOv3DaPQAib5IkK7M/:iiURum05b1x9vu+kjOfDaPQAib59/","tlshash":"a2d42a4d7249352289bb7279513f260af23a813b6501815cb82cc5dd6fbcd4862bbfbd","size":610964,"data":"","first_seen":"2026-02-10T09:56:51.202584Z","last_seen":"2026-04-01T04:43:31.916936Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/messages/cfmessage.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8268af5712009a9b6f7c5af22d447e5","sha1":"053529113dc48766a5b4203fb94da4dd53982e50","sha256":"b5016e4129865d7768be4927696e39051d3ca0050c3b80d382ac7bcaa9f5dfb1","sha512":"451d3c5a3214cdd608fff336172ff44cf6c96c78dd9f17fd3e674a83d8610f48d6605742ffd644a2de77cbf920209ed47f07ff03495fab3625deb9e4ef2313fa","ssdeep":"768:Z0JfgK3Kc0hDgqUW0iUfgoPC9mFGFaTeMbNSkPfeNWBWBWoNu2uIZJtNvNvVhNrX:Z0JfwfPSQY8YAoQCWUmly+xCWGb0","tlshash":"71e2950f38913bbbb42600b47ab62f3a95f5024385d116214f85d55ca37c85e2abb7ef","size":32218,"data":"","first_seen":"2023-03-29T21:29:07Z","last_seen":"2026-04-01T04:43:31.860431Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9559b824b67e09345f2c16273884990","sha1":"8e17a6c0eca8971ec512cd3fb930289ced03cae6","sha256":"ea2edcb22944490f0d462b5d09d5e42a081b2ca3d479a5d7fc5eb669e72061b8","sha512":"3e6af486fe35666a9108c95448b4a10e469d1a62795bd897ee09cb2a8b1e53cb487ec0e069e6abfd1d2a2a740c76c7ca578ee578ef5f93bcdabdb511dea6f60b","ssdeep":"","tlshash":"59d0a709d807e86d43be2411347989cbdf7646bd24d84a06d2937cf94eed40f5003ac9","size":252,"data":"","first_seen":"2026-02-24T10:01:21.684395Z","last_seen":"2026-02-24T10:01:21.684395Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d51eb70a3d9567e02316def011a3c8fc","sha1":"f218d7ef88cc00e9e48ee8b6454f86dea2d0cb9a","sha256":"1e735c4d8056cf7c25c31c6bd49bce262f16187f183d8ba727862ef60354c8cc","sha512":"dd54adb05ee29c193a62de5acc14ea31b8ae9c7a70b32817f876d95d1553aa7e6afb2a5cda0c94cd6e642e7d42f3d859ff735742131c66756671e35fb02fb084","ssdeep":"","tlshash":"9ed09781ce73008e056b3a2e44aef0006fa888e8341eef65ddbafc0c20d2e009c1b2c1","size":255,"data":"","first_seen":"2026-02-24T10:01:21.685552Z","last_seen":"2026-02-24T10:01:21.685552Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/js/prefixfree.jquery.js?ev=55","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c50fbd629ac15ab5618f8db87f8f3a7","sha1":"c848cc5d78b4b7908af2d793d4dfca236aa43eef","sha256":"9eb000bc6f64652d7b57e75e0161c558563a46d7e9d84ccafbda83191eeb6020","sha512":"bbd78dc08c0b9cafcf26ce424a7d6f455f060e5a59adb2f76f6d991d3dbefeff9290a410a6b9977e0e01f29d170c903b37556d80f5e987becf785e344d51dd91","ssdeep":"","tlshash":"12e0df24fbaccf4a63e760bce6053197b08b15040e78da24f3a1462460387da44caed7","size":355,"data":"","first_seen":"2026-02-24T10:01:21.608164Z","last_seen":"2026-02-24T10:01:21.608164Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"877a387a8d79dc4d9a467349ac22cc16","sha1":"bb6217c3f7b3d6410c393ddfc550cad50c2452fb","sha256":"aed2eb1cb05e7340f86489d74aa7dcb6dd1e0ec4e126f7d138ad9e76b04a81a3","sha512":"c6eb8d7c9821532e3e1cb4be579ad11e1f6fe9a4e55af2ac284f563f8cc971942b9c04af90f7b8c8a94a8b6f962970aa064a4d96e3c2f82e68d056cf59b38ae7","ssdeep":"96:AauPz2ViCq5SyAuLpwZT5q8iR78JLwZeEpbNRb63KnqIGaNN6hC1S+MC5A+bRLtC:AAs7AyElxQdeElOv3AVRZoR9utyVcjq","tlshash":"f212c858e75c41fe96362199b93f22da613d84b33d514c27fc8cb8b837d8e2c43966a1","size":9161,"data":"","first_seen":"2026-02-24T10:01:21.686798Z","last_seen":"2026-02-24T10:01:21.686798Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a00def7b98416e8d5281ab3b7274629a","sha1":"363cac62dceac8b98901b0ea7ceeb37a2aa9a4aa","sha256":"178751ee764fde6de0b823d17f98570a3f33c714c93baee877f24f5f0f310477","sha512":"687b98492a2d621c4f986454893dd6074a7430aaccc158be49008346d6e6367b75f36f709907b0a8d6d2b8fd425387469fc1f533f1e7d624cc7e4f6b374ccfc9","ssdeep":"","tlshash":"20110079b71c9d2d8678309db63ac385320720e5b0d4a6d48c8c83b80194e4bc961b7b","size":901,"data":"","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.940554Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6bfd74bc7bfa8eae3b4b9512d478e90","sha1":"cf497cffc85075563b54edc3ca256ddb40a1da34","sha256":"d024112d3ac3124b1adfab23554647c27cccc9909a1b447c6234579531c9a3a4","sha512":"0833dfefbfbc47bc58316836c6c9ef8123ecb9fabeac85819fda13baf29fc1ffa80e566947e3b891e735ff8844524bb1ee1e1685e730e4dad52a661086e75256","ssdeep":"","tlshash":"f4d02b4adb4c017d66b42055056896d1b72d41b4b4724985bd2aae7c12815694b541e1","size":291,"data":"","first_seen":"2024-12-10T04:23:37.689644Z","last_seen":"2026-04-01T04:43:31.941624Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.8e6b895db75187c55313.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e684181e935c8e5edbb28158b32e8b5b","sha1":"00c3a156bb39037c9924366ed626207ae4da054d","sha256":"7917f7349d28ce1e56706c4ce983b4ec809994c991d4d8c4fddebcf1d8b4600b","sha512":"cbb6facd90685c6bc5d3f11f1d9d97dcb4f52f941291ecd58a99ae650848e03c9fe2c80980b2916ef53bb995e7246467b57fbd37ae176185879744a0c1a7ec5d","ssdeep":"96:jJeT6TTVShwEsmEMNJexHJrmUnMKH8z3FzunS5jbr5JGIhnilIX+XPhl0rjLy:o6TBewEsmXexptnMJVunK5IU3X3y","tlshash":"651240cdf6c7f51a5167bab4907b001a733bbc2a204e0854f12bcdd62879659a13bf78","size":9273,"data":"","first_seen":"2025-04-24T21:35:04.954972Z","last_seen":"2026-04-06T08:25:16.776459Z","times_seen":12761,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.597","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6beda134b58d8286c5855d59990df360","sha1":"a2048811926b2c2cb7f5f55259221e4b2167a692","sha256":"d2944f14a4dc4f070117b9aa39969241db327e1b2b485e7d1c007c8e78145bee","sha512":"01b25b7b08eb819a70a9e4b17075136f57285197bc2e5695b2344b88c9f445939f381e1fc329d17abd0481264f50eb08c201c9228418ab9fb200ef95527b849c","ssdeep":"6144:ii8eGRuufsr5zQ47GKrpvMAd6lHWvu/22om1/jjOv3DaPQAib5IkK7M/:iiURum05b1x9vu+kjOfDaPQAib59/","tlshash":"a2d42a4d7249352289bb7279513f260af23a813b6501815cb82cc5dd6fbcd4862bbfbd","size":610964,"data":"","first_seen":"2026-02-10T09:56:51.202584Z","last_seen":"2026-04-01T04:43:31.916936Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1d940ede4c3f4a65707048af1f3b090d","sha1":"2fa4552dbcc6af29962e307d380bb37d64f0bbe9","sha256":"d6d08b1146b0bf09ff2d07363bb41c233f182962877251dc1baf8c8d319d1464","sha512":"97281ffe318cf22bc86b517fa3543c6369d4364a03cda91716f3d34405cc362edabca8f29e35570f92097944d1722e995298f529b38b01d47b57b813959d5373","ssdeep":"","tlshash":"44210c8678a4b834c34f037320fb5388e37d0b1a2ae8f931d992dbaa75e6d4100c749d","size":1278,"data":"","first_seen":"2024-12-10T04:23:37.691301Z","last_seen":"2026-04-01T04:43:31.943674Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/messages/cfmessage.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8268af5712009a9b6f7c5af22d447e5","sha1":"053529113dc48766a5b4203fb94da4dd53982e50","sha256":"b5016e4129865d7768be4927696e39051d3ca0050c3b80d382ac7bcaa9f5dfb1","sha512":"451d3c5a3214cdd608fff336172ff44cf6c96c78dd9f17fd3e674a83d8610f48d6605742ffd644a2de77cbf920209ed47f07ff03495fab3625deb9e4ef2313fa","ssdeep":"768:Z0JfgK3Kc0hDgqUW0iUfgoPC9mFGFaTeMbNSkPfeNWBWBWoNu2uIZJtNvNvVhNrX:Z0JfwfPSQY8YAoQCWUmly+xCWGb0","tlshash":"71e2950f38913bbbb42600b47ab62f3a95f5024385d116214f85d55ca37c85e2abb7ef","size":32218,"data":"","first_seen":"2023-03-29T21:29:07Z","last_seen":"2026-04-01T04:43:31.860431Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e611e2061687a0e8b12023ef362496e","sha1":"0b7d0f213557062d2b468232d02894cb2dc6132e","sha256":"77cc44671d825adb466e11508271e74478ebf89b216555a05ce2453462f52999","sha512":"2d05b0309e649e2552cece8be7cb629c6dcc393f8abb7e75ec29a6bb5949ea82bfe56ca51c03de6615a65d0898ae3ffa1fb0a0d000fc7fc77220cee9500bfcdd","ssdeep":"","tlshash":"d5015ee3a33f897802f022cf4b24945a308d60f1d606bd33ffdab45c14f196a6a6d825","size":827,"data":"","first_seen":"2026-02-24T10:01:21.703994Z","last_seen":"2026-02-24T10:01:21.703994Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.1b218d13fed021531d4e.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"409caee2a9c8f0a6aba854d05642d2bc","sha1":"8a82603bb351a4356e612d8b2e8ba0d6c202c466","sha256":"740f4d03a4a3b214202a9cca049ba2cdfafe0573a7882f2c99cd009c436ab70d","sha512":"9682edf819a9237420550ca4867507c5ff1ac705c5a663787e7cb92f7f9b21fc4b4f5e295eb81982f65f97788c620ac2b6907f81a52a373eb6773362c214c83d","ssdeep":"","tlshash":"c0313fc979d1fa4415bb1cb2c4bfa01fb33dfc96106f8052f052cca0282928d9623d25","size":1559,"data":"","first_seen":"2025-04-24T21:35:05.034052Z","last_seen":"2026-04-06T08:25:16.860009Z","times_seen":12753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-G3KM9F037Q","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fb4dc5eeafec9eae548e05c3b63c631","sha1":"1690d398fc1a3a19d0d2ddb186a7384cad3ec90f","sha256":"63f7426cde79fcee956f1d078d9cb2452bdbc884ff2e6c28dc74f9cf788566b1","sha512":"34ebba4f835ca2138ac87b528e5e6e47ae4074e9bb9b0b46d4a94b2a8cfd11d54871823c5e27ec17537cb6c6b45bee87359a7786ab9947090681cd6b8f6eb5fd","ssdeep":"6144:KjmO7CW6y273J5wYygLIR8Nyk7pNH08pddlmOrE4k25fQnMcm0g:iuW6y27ADEIR855VrEsfNn","tlshash":"428419cdb3d670269392a478503f018bb57b69a2f44cc899f189dce42d74a9a4237f7c","size":407428,"data":"","first_seen":"2026-02-24T10:01:21.708891Z","last_seen":"2026-02-24T10:01:21.708891Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/package/cfajax.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a4fedc1e362844ac7975f6790774fec5","sha1":"7e376db896785ca72d14d96a7842fe1ba71722e7","sha256":"e59d24ca01fa0bc85b3d2ea79fb48726151dc24a006293810a9dd16631597147","sha512":"def49d607132350f4d37cbf29644bb8558e90a522614b02659a99216d298c68448b9b1e133a62f936e1437322da77e3e758b790f88099b260897f4b32f6c99c1","ssdeep":"768:euQYR/SNfYSVVogZXfva/3wqY1US1BWtfHv41fcz+o7fX9fwlxpNO9h58T6IzbPB:PE1YSVfCQ1kDFWM978T6IXYgGB4","tlshash":"8a03f8dcb5940c9e8ab92592044f2b5e3cacc966a84cc594a4ecc5e45f7cac3d43bf39","size":39986,"data":"","first_seen":"2024-10-06T09:51:57.03263Z","last_seen":"2026-04-01T04:43:31.901799Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/js/application.js?v=20260129224435126","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"be43c70bed9b1f5e1e92b0cc24e0b717","sha1":"273c327dc8be74e2c86b12cfdb9373d5feb615cf","sha256":"6001192d651b03581824e71e1072004f4a94800aaccd3f4f71983d3657f4d328","sha512":"3728da3661ebf736ad84fc9f14b026a141c55f27e05b8f93bacffb96bef6badb89b1f5006085e677bc88a7aa21b93e07c5a54405043ee91be4e35a9a1add7c87","ssdeep":"1536:E3w1FpNG2my7ealLiuJH1bqHXp1y7ealLilkyiTmH1bqHXQLrSW2BkkibwoyWAVY:uDiW2DTO5Fq/b+J","tlshash":"3ce30b45eb9c00bee07f1166787e23c9b93c8172f8449c56be5cc5a810f4da862dea77","size":149189,"data":"","first_seen":"2026-02-24T10:01:21.657989Z","last_seen":"2026-02-24T10:01:21.657989Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/analytics.js/v1/kjLEgzp43DiaenIKN2JsEVA4E8D2j5NC/analytics.min.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"98d92a822121b61d4de31236a5c9bdb4","sha1":"e6850dafdf03a9bbf20668c29b2931fb8b941c2f","sha256":"06224789aff9d36f39d4aa244fea40016af748f6b02861f274a39dbc6375d28f","sha512":"34f86909917025e888a8cfdd5abf7bf60c4841426201f75b92f8c2ce433dd59b2af91ab09e8f60a8d58468bd9fdd040504897b6d934849cdbde6dad3d8ece236","ssdeep":"768:IAObYQP9MBTJbyDRP0aubWc+ZdLyiQL96+hYs17eFCgt/oJBpntD/PN/xd0MpIJ4:TQP9MVMZ+vCBF/g0vmBuNfftrcuk","tlshash":"d8b371c8f6d6f064439764b4803f510bf23eb96e680e8464f266dad26c7899d9133f78","size":108916,"data":"","first_seen":"2025-08-11T16:31:48.56222Z","last_seen":"2026-04-01T04:43:31.893368Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/next-integrations/actions/google-analytics-4-web/f1fc11e2c0ec49fbd0c1.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7805b0f4cf24f24849544e05e3bbdb1b","sha1":"eeb4d013685bf98075d8e5f03ff7aea9db90aefc","sha256":"1823aecf8c68a6461774ec7ea8fca8a7d9ad41717c6d121564c631c7420535d6","sha512":"e16c8edc2e5bd4ecf98af01ae448ee13ea2ca7f3c016b9a41d87c9a046aede1a70c8de25a63a9ec5dbdf6b728886aec1b6fe578840178b4167478c577e143ea1","ssdeep":"6144:7q2T+klROBlxfCL02kt0vv+iqHRD5WC3ePyRZRj2901yv:zUt0vv+iqHRD5WiePybRj29Qyv","tlshash":"9c142ac572e1f87107d750d044bb0006f2326919b0bde4b8f3e999db29a5a8e9177f3a","size":207711,"data":"","first_seen":"2026-02-11T01:40:44.434593Z","last_seen":"2026-03-05T13:59:57.287826Z","times_seen":400,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.3/google-tag-manager.dynamic.js.gz","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c154a9379b6c62d54456296c73c5daa5","sha1":"6c9962290df402ba884e97906fa64e9d8e7bbc60","sha256":"2da18392773e64bfc9d2ab01b86dfa01a06b0b9d4d6a27a47260ec4b334dd488","sha512":"b0aeafb86d2d12e8d52e8c77bfb120f35e3a711bbf62f58f7403cfa9c72088b2ab7ad4898a1947e92cac1912389f36862c060ededd018fd7d04f70216c867f04","ssdeep":"","tlshash":"0661c6c5b399e47097eb48e8423f1404a2378d26516de0f4b36ad8f4ac725875036fb8","size":3470,"data":"","first_seen":"2026-02-11T17:43:45.566879Z","last_seen":"2026-04-06T06:06:17.37787Z","times_seen":1335,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e3ee8e5eca4916782ffd0d888b8cffb6","sha1":"bbb6f6e967d0555149c539a32c4b20e545504491","sha256":"187042d668ad811b9fcf8c380bb5c1080cb2d8f9883d870c7bf6c3e6091ca2ce","sha512":"0f7f1f10007321342544e6d44a2817de4700d1703d317d661fec2f9ba1f73dc64ab2ddfe9058499e8359ee8f0e16137d5754b675c9b3db80ab9f7aa3b1fdc9b7","ssdeep":"","tlshash":"d0a00263dffa4201d1599495455e6884cd19447d4bd1cc130f3990ed03e3484ab62deb","size":64,"data":"","first_seen":"2026-02-24T10:01:21.716214Z","last_seen":"2026-02-24T10:01:21.716214Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f3abae4252e21af5e85a2b1682506ae2","sha1":"0ba29ab772af12e281d117bf18610291a83dc26d","sha256":"d9cd9358c91845a6be97085a49e2d75d2dbb876d718eab6d96b5944bd108e383","sha512":"a3d60dee541495a65dfe0784aa78dcc8374cf9fcaa0355d11288daf57b52387d84e39bfea75e42e2947c07df442e967e289a061427fb84689eab6f4b1af6509c","ssdeep":"","tlshash":"6b31169fb70cb73cfbb02759d015b2ad209c6bb0818e1e6aedc9992c04c85c51c8c6e6","size":1860,"data":"","first_seen":"2026-02-24T10:01:21.720136Z","last_seen":"2026-02-24T10:01:21.720136Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"85a6a85b4597eeef907f25b2008443c4","sha1":"d848ee80a85ff3eab7343e42c96d752f0eae4bbe","sha256":"999ae896a5587c01579b89d5e3fc4a8d7223f5a8899a7154d9f43672a91ed894","sha512":"8f3c6d1feecc735c7f21491778620d5e76e2fd503ef882a31e683f68c2389db7d57ee81c87be7fe503709b4140203d2a6d6f00d5fae5b99e24fe787c6a478858","ssdeep":"","tlshash":"2e800474d050414c14771155703141305517171034011d1d510d43300401d100141c44","size":35,"data":"","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.950601Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-TW4LWBSC\u0026l=dataLayer","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"136d64d3fabaa76930aa1d8d8280eff4","sha1":"fea7d48f43d5e59fa26ff4248b25eed5ba2219f4","sha256":"5acc0e6dd5261da0157e053525b7b5818fba6c19fee77574328654a1a9f6cd3b","sha512":"ce51edf56bd6e06aae8dd815f73c541d8ba8da02261bfb14e9d6c56cd5659ce08228266a51a3752895146aca94e28d160d1aaa326cfc5deb562d18aa57365376","ssdeep":"6144:fmO7CUy2p3J5wYyv8NyI7pNH08pddlmcrESknjC:buUy2pADv8H5HrES","tlshash":"e56407cdb3d6746683a3a478403f118bb17b7992e84cc899f186d8d42d70a9a4277f7c","size":336490,"data":"","first_seen":"2026-02-24T10:01:21.724967Z","last_seen":"2026-02-24T10:01:21.724967Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.segment.com/next-integrations/actions/3962/1faa179dfb20d0a3f5a0.js","fqdn":"cdn.segment.com","domain":"segment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d62a26ebeea3ff9815b378e0b18741e6","sha1":"554d74451485ba7bde9392b04fc7c2c95d0abd59","sha256":"0254a7bd286fb2d8b6e0775b9fcb01db075527df682d47e49456b7896c918478","sha512":"7a2c65fc1e4ca572620d467029d92aad03755dc94c0c986f70b20bd5bf1829d1390d9017476ae66697afdd333300a85569b8cdbedaa3a78e0f91b51d671cc3a4","ssdeep":"768:iCr2wVQNs+jSrLL8qls9JRji/UvS1Pd27L8JwJ6C1+Ydlxtn3PNQI0KLpKguSBc6:2MlsSidaKLcguSiw","tlshash":"74d2c586b2d5f4b717fa259950b01000e1344655f4ade8f4f368b8b3b9a6c0896a7f3b","size":30237,"data":"","first_seen":"2026-01-27T19:55:56.214903Z","last_seen":"2026-04-06T08:25:16.860596Z","times_seen":2586,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CONTROL3/control.css","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /CONTROL3/control.css HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/css\r\ncontent-length: 16622\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:12 GMT\r\netag: \"17240-64a7bb49ec200-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94784,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"a116556022777b88be11838950526863","sha1":"b0756b66a2e3cc0040ea96415c7bd59546ef64fe","sha256":"b6b6aa70ba7dc43f28e84026b472a7194ff772f5ccb4b906ead00b13307ee066","sha512":"aebb3460de5b9b355926fd821d9df174986af925df90526186857c19d286a9d771ab6b56f91ed5e1a2d0f299e0ba95dde333c85ba415a2f4ab10b0756c271d49","ssdeep":"768:3DwmnTPcY4LkUc+GjZirvQCaCA3W36Ji1u1uetE4LfS4bzg6z3CHVdjg5sAm9Ta7:36PMw0MSRsa","tlshash":"1d936576df7920497233c9a5f7b15ea4ff081023dd0946a9baac3668cb90078253dbdc","first_seen":"2026-02-24T10:01:21.607007Z","last_seen":"2026-02-24T10:01:21.607007Z","times_seen":1,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/js/prefixfree.jquery.js?ev=55","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/15420/js/prefixfree.jquery.js?ev=55 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 220\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Fri, 22 Nov 2024 17:01:37 GMT\r\netag: \"163-6278356066678-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"4c50fbd629ac15ab5618f8db87f8f3a7","sha1":"c848cc5d78b4b7908af2d793d4dfca236aa43eef","sha256":"9eb000bc6f64652d7b57e75e0161c558563a46d7e9d84ccafbda83191eeb6020","sha512":"bbd78dc08c0b9cafcf26ce424a7d6f455f060e5a59adb2f76f6d991d3dbefeff9290a410a6b9977e0e01f29d170c903b37556d80f5e987becf785e344d51dd91","ssdeep":"","tlshash":"12e0df24fbaccf4a63e760bce6053197b08b15040e78da24f3a1462460387da44caed7","first_seen":"2026-02-24T10:01:21.608164Z","last_seen":"2026-02-24T10:01:21.608164Z","times_seen":1,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/images/loading.gif","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /events2/images/loading.gif HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: SS_TEST=true; LastActionTS=1771927252297; SS_NAVB=false; CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1279\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:06 GMT\r\netag: \"4ff-64a7bb4433480\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 18 x 18","md5":"cdb1020364e14ab8a7322be913472975","sha1":"1b26c610a9df5859db7256f741f2350d7312a8d6","sha256":"941b5b225c5cb473f6e9fa758eb22ed4cfb83885506f762e03d384bd5a4e1227","sha512":"ff7b1968c5b952ec40fb9bb329fce760540149bd27bb0a378943b32d2f18004e8e61d62f435055d933108178016943d19e26becb5067b44a13d341cabc176df4","ssdeep":"","tlshash":"3e21a331eb0e9a84f8e44570426f9fc8b68bb43d3419634b8b0e561c25722dcca0886b","first_seen":"2023-05-22T00:49:00Z","last_seen":"2026-04-01T04:43:31.883399Z","times_seen":41,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/fonts/Poppins/Poppins-ExtraBold.woff2","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/fonts/Poppins/Poppins-ExtraBold.woff2 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/CONTROL3/control.css\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 60200\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:10 GMT\r\netag: \"eb28-64a7bb4803d80\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60200,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 60200, version 1.0","md5":"c626b9a1d50b2e000a762abb40436ed6","sha1":"c88c5cc3772ebfa61ffac3d361f513a51eb9533c","sha256":"bd5be05307c1f2d743a15fe0583222b42fa8076a56d9519266863c5fabd0fe05","sha512":"94364d2474c8d50d3b4d9e9a4589216aaa382d80c9482bec19eba1559523e560b61653a5511fd8db3a66674038167c83afeb245c8a94c88adcb8e50ac7d1560e","ssdeep":"1536:0ut4TbMbBG32qaJUiiX5t6fjOz4JyB/6TgOka:DUAbBG3IJUXyfjgB6B","tlshash":"0743f2dd466c23dcb36f9b3a7130207a26266ef1607934eb4a6e128c0754ecec747b85","first_seen":"2026-02-24T10:01:21.612304Z","last_seen":"2026-02-24T10:01:21.612304Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/responsive/foundation-5.5.2/css/normalize.css","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/responsive/foundation-5.5.2/css/normalize.css HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 2536\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:11 GMT\r\netag: \"1dce-64a7bb48f7fc0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":7630,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"636558d9980d48fffe5715808c79cb47","sha1":"a410ca9d345bbb780f871bd1b23f25162c528c01","sha256":"cf7b8c54eacd8524e5919833f183e3c52025568640043704f19f3953504a6cc0","sha512":"fd8d2812aee3308b5be3e14446c2242ed52b352904d017462a5f6e1265bc31ea728e00762d529b72a2e2df623385078debdd01fa4c7bdd1a5e03dbbba12cb376","ssdeep":"96:lWcvPbk5KgmjDPh+pz7iRenTgnln3o5MeQCsXINE45u4TEd7cR9:hHbfjD5eLun3oeeQCsXIB5uj7Q","tlshash":"bdf1849a23606b1193794d7577e7c34533080223863c78eeb4e641ec4e58b46d3bafd9","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.914682Z","times_seen":29,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/css/default.css?v=20250305165821126","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/15420/css/default.css?v=20250305165821126 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 7612\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Wed, 05 Mar 2025 16:58:21 GMT\r\netag: \"98f7-62f9b4bfd70e8-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":39159,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (933), with CRLF line terminators","md5":"780dd62348ceb179d9f7f84379028c23","sha1":"ba481ba77ab9e1fa79fd068d2f219b44ae2c746b","sha256":"87211e6904dc9b5cd83f33a8dfd8e5b986626904f82d82eb94e6be28fd890bda","sha512":"55a02e653510e7960a9ea2347153f0b6b7d1fb5d123b4313e991c80b79ea5a096a5d7116839132bb8a5ecfaa03eba7da2f3baceb552b34e44c069e6168f881f1","ssdeep":"192:7lGAZilEl7tm5T7upLLUPMHnKQ2fD/5nK+xGDbdfgX6QpnvYGp4qOAVVyqI9xBv6:QrC8LoHiEciL+WDyJgQwO0p61OIPJ","tlshash":"1b037798c6022606a1339a78ebf75255fb1540178b0225befedcb3d4cff91685162f8e","first_seen":"2026-02-24T10:01:21.615462Z","last_seen":"2026-02-24T10:01:21.615462Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/DHLPartners/DHL_logo_rgb_BG_resized.png","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/DHLPartners/DHL_logo_rgb_BG_resized.png HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 4123\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Fri, 13 Mar 2020 15:44:00 GMT\r\netag: \"101b-5a0be569bab1f\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4123,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 340 x 110, 8-bit/color RGBA, non-interlaced","md5":"8d2eb4dc8c09636d45fd75557f2d9744","sha1":"ec5dfd5e8a825491620f83a1ac1369471a97576d","sha256":"34913006af1dc165b272e20fc7ab7557e133d85c3c5d4ad6b79a6f1746eb78b0","sha512":"92e48fb5e7dbbe0d7109c17da593c93ae1d0ca91b293464e4a5e2d244b888c5e918c320a6235825df6976520087bc2fcfacb24f3459f1abbeb87d3cd1f8e4d80","ssdeep":"96:lwewewe261YpkKFjT2COMRvwB8ULUXWOxADm6oIfDG1vweweweI:lwewewe261YpkYd9RvwbLUXWO4dfDEwr","tlshash":"b6814a597e8abc71dc6e115f21d21d030c6329af07da60ed9d0a51eaa40ebf8c22d60c","first_seen":"2025-08-11T16:31:48.604645Z","last_seen":"2026-04-01T04:43:31.86335Z","times_seen":5,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/jQuery/plugins/jquery.ui.timepicker.css?v=2.1.597","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/jQuery/plugins/jquery.ui.timepicker.css?v=2.1.597 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 650\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:11 GMT\r\netag: \"6dd-64a7bb48f7fc0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"61738951fee81eb1a8741eb8f2628351","sha1":"7e4358ab05300a80f339c7f9774d741dc433010e","sha256":"8e12d7fb3ba0a01926ac111d2432e4af187b9c712e89f9ca57c33d683118c573","sha512":"3326dcb9bbce6c47453eee57a9a1d11bb19551fb2371fe2be301afab081bcc9a3c7790c5c6047030cb282519579c8a497a75519524099ebe0c6e3c4d593c0e81","ssdeep":"","tlshash":"0f314a4033373fa7603e91a5ae263befeb2642222a9bb4765cd51054cb8e41461e8dd6","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.895712Z","times_seen":32,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_fcb.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_fcb.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 24578\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 25 Mar 2019 21:47:07 GMT\r\netag: \"6002-584f225578cc0\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":24578,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"02705be33f7c493fb531d82f120b6a21","sha1":"2431c0be098e22c1fab0c38284d749122f76cf74","sha256":"5beb8c5aed93dfcfbe3a3c5990e095dcd367e6aa527e8f7bb5b9644d7b64311b","sha512":"5e577e89a381358ec76a4cb549c8f115542a186d927482fb265f9e03b81c0c7d8f9c59fe8007da92a52e38da9371eabfae84b5cd7df1dc69f336e16e3e64debd","ssdeep":"384:sTci/D/+E/sVv3B16HUgE87tN+5Stadmb1YdHDA0798iL5fXRSEVZHf8Bh94ROnA:sTL10tj6HNtP1Jijf/ZImx","tlshash":"cab2d79a43d4c2e4b75e53b4ccf70d9a3a5664f77640b88c53aabc44fa73ed03a18909","first_seen":"2026-02-24T10:01:21.620133Z","last_seen":"2026-02-24T10:01:21.620133Z","times_seen":1,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/favicon.ico","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:56.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=dc63c09b%2Dddfe%2D4459%2D89d7%2De76d2d3c91d6; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:56 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15086\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:12 GMT\r\netag: \"3aee-64a7bb49ec200\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"4d1e48b4d7e9134a6200df5eb2e3f7ed","sha1":"4d75dbbb63a63dc065cc927d035ba6bf76bb712f","sha256":"3f28263bff41e026dc96937b4a64dbd4086224fb6f94fb916de1b1261d2e3a5a","sha512":"1ce03f919dba5050aff90fe4d9c20483f47d970dd884a506ba69a08deb472bf94bf989944ed89e644036ecd8a6c43021a25dbfb981e209cee6af5fd88c0bfa0f","ssdeep":"192:jNKR6RGih9YTxRFkC5dcRAU69rYUkFfMOoE3lRVSW:jA68ih92xzkYcRAUq03FEA","tlshash":"91624e3169c2d072f57682b1dbf179f8091e2d17e43536ab20dafe763933260e285e54","first_seen":"2025-08-12T16:45:56.637185Z","last_seen":"2026-02-24T10:01:21.622585Z","times_seen":4,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T10:00:49.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /events2/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 24 Feb 2026 10:00:50 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nlocation: credapp.cfm\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nset-cookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; Domain=.dhlguestmanagement.com; Path=/; Secure; HttpOnly; SameSite=Lax\nCFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; Domain=.dhlguestmanagement.com; Path=/; Secure; HttpOnly; SameSite=Lax\nJSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; Path=/; HttpOnly; SameSite=Lax\nSS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; Path=/; Secure\nNEW_REQUEST=true; Path=/; Secure\nSSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; Path=/; Secure; HttpOnly\nUSERVISITID=15444758; Path=/; Secure; HttpOnly\nCREDAPP_EVENTID=15420; Expires=Wed, 25 Feb 2026 10:00:50 GMT; Path=/; Secure; HttpOnly\nCREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; Path=/; Secure; HttpOnly\nCREDAPP_FRONTENDSESSIONAPPID=15811698; Path=/; Secure; HttpOnly\r\nexpires: Mon, 23 Feb 2026 10:00:50 GMT\r\npragma: no-cache\r\ncache-control: no-cache\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":809562,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":1295,"timings":{"blocked":560,"dns":37,"connect":93,"send":0,"wait":173,"receive":0,"ssl":429},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/responsive/foundation-5.5.2/css/foundation.min.css","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/responsive/foundation-5.5.2/css/foundation.min.css HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 19623\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:11 GMT\r\netag: \"26b50-64a7bb48f7fc0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":158544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3fe4e06bab257765c1d87871d76c56e4","sha1":"c6c7de34326465934c34ebaf7fc513bc6006508f","sha256":"b81923efb478dd98ad83b1c7c98ed0857be5b34a47339597ba4edf95ea722935","sha512":"768cb43c9230bc6463fd35b26b12cd38be37632d8835f16e2ffeedd914b96ee805c537af7c45f90839d25cbb81c63386eb737d6af87fbcdb3d5e3b106ee69a31","ssdeep":"768:Tt9FbW3ODIlnvom2pqowR0ksD1VCNPIQYEUlaJTgxJ8nU7pDczAtwX:Tt9FamIlnvoFpqowR0RCNIx4JTgxn9y","tlshash":"eff39691759037092123c73169e37e98373b2a40de325b79f29a66f4cbcb8881627dd7","first_seen":"2023-05-21T21:07:35Z","last_seen":"2026-04-02T11:11:20.842891Z","times_seen":122,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.min.css","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.min.css HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7546\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Feb 2026 23:22:47 GMT\r\nexpires: Thu, 18 Feb 2027 23:22:47 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 470284\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30724,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (29135)","md5":"8dcebf12fbabea677390cfa6d9ad09fb","sha1":"3765ba197944d25b3aefe663300f0c74a6eee792","sha256":"b0419faf03242236e04c1c062d52b7f011bf5f0222342fc4006f51cec7dd6ba0","sha512":"a24138a305c3d247d7ce05570730832224929695e7ded25b36876782c4e72183c95a3b9886d27ea8ca1cd3e594c0b1de3b09ecd309b9eca6bdd3716a40a335b0","ssdeep":"384:xMlcR8lOXHc11evBMzymUh+4C6G/zDcSc7nfZBhVtQ:xHXHcEBMznURC6G/zD8BhY","tlshash":"e6d24230a4c2253dfe33d23061e11ef4523bc142eda25fbda09ab65953ea8e4c57b971","first_seen":"2023-04-06T19:13:07Z","last_seen":"2026-04-06T03:26:21.028185Z","times_seen":800,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":106,"dns":1,"connect":21,"send":0,"wait":23,"receive":1,"ssl":100},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/messages/cfmessage.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /CFJS/ajax/messages/cfmessage.js HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5988\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 23 Feb 2026 07:27:57 GMT\r\netag: \"7dda-64b78b5bdaea9-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":32218,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"f8268af5712009a9b6f7c5af22d447e5","sha1":"053529113dc48766a5b4203fb94da4dd53982e50","sha256":"b5016e4129865d7768be4927696e39051d3ca0050c3b80d382ac7bcaa9f5dfb1","sha512":"451d3c5a3214cdd608fff336172ff44cf6c96c78dd9f17fd3e674a83d8610f48d6605742ffd644a2de77cbf920209ed47f07ff03495fab3625deb9e4ef2313fa","ssdeep":"768:Z0JfgK3Kc0hDgqUW0iUfgoPC9mFGFaTeMbNSkPfeNWBWBWoNu2uIZJtNvNvVhNrX:Z0JfwfPSQY8YAoQCWUmly+xCWGb0","tlshash":"71e2950f38913bbbb42600b47ab62f3a95f5024385d116214f85d55ca37c85e2abb7ef","first_seen":"2023-03-29T21:29:07Z","last_seen":"2026-04-01T04:43:31.860431Z","times_seen":96,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/package/cfajax.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /CFJS/ajax/package/cfajax.js HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 11720\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 23 Feb 2026 07:28:20 GMT\r\netag: \"9c32-64b78b71e58cb-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":39986,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (317)","md5":"a4fedc1e362844ac7975f6790774fec5","sha1":"7e376db896785ca72d14d96a7842fe1ba71722e7","sha256":"e59d24ca01fa0bc85b3d2ea79fb48726151dc24a006293810a9dd16631597147","sha512":"def49d607132350f4d37cbf29644bb8558e90a522614b02659a99216d298c68448b9b1e133a62f936e1437322da77e3e758b790f88099b260897f4b32f6c99c1","ssdeep":"768:euQYR/SNfYSVVogZXfva/3wqY1US1BWtfHv41fcz+o7fX9fwlxpNO9h58T6IzbPB:PE1YSVfCQ1kDFWM978T6IXYgGB4","tlshash":"8a03f8dcb5940c9e8ab92592044f2b5e3cacc966a84cc594a4ecc5e45f7cac3d43bf39","first_seen":"2024-10-06T09:51:57.03263Z","last_seen":"2026-04-01T04:43:31.901799Z","times_seen":29,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_wec.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_wec.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 19143\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 25 Mar 2019 21:51:57 GMT\r\netag: \"4ac7-584f236a09940\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19143,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b63456586026da3bea4c468f97201be4","sha1":"8ad1c985166e0fd3ef1932c8ee9321edb19c80ed","sha256":"15d46e7c1b2b470cc7d17e198c693037bdcb1aa5fa84d2d3c278c7222f95435f","sha512":"9f372bad5fdc56bb48fb3508f42d0cbde0850fbdeed2986e1da07b105eab3a2f9cd4ee2e4287c2d62c323727dd50389a4e882d94d97cc4462a4e01473092a729","ssdeep":"384:WNPfFPb6LT5RCIXCtyQTPUXrrF8A1zzzG5vef5a95Su4Zy:qPfFPb8FrCA1zzzG5Tb","tlshash":"c4826d1b0309abdead6d0569ed18088971d8dcdfe074f1d0bb6b1802d48d8e5e99c7ee","first_seen":"2026-02-24T10:01:21.632779Z","last_seen":"2026-02-24T10:01:21.632779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/messages/cfmessage.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /CFJS/ajax/messages/cfmessage.js HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5988\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 23 Feb 2026 07:27:57 GMT\r\netag: \"7dda-64b78b5bdaea9-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32218,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"f8268af5712009a9b6f7c5af22d447e5","sha1":"053529113dc48766a5b4203fb94da4dd53982e50","sha256":"b5016e4129865d7768be4927696e39051d3ca0050c3b80d382ac7bcaa9f5dfb1","sha512":"451d3c5a3214cdd608fff336172ff44cf6c96c78dd9f17fd3e674a83d8610f48d6605742ffd644a2de77cbf920209ed47f07ff03495fab3625deb9e4ef2313fa","ssdeep":"768:Z0JfgK3Kc0hDgqUW0iUfgoPC9mFGFaTeMbNSkPfeNWBWBWoNu2uIZJtNvNvVhNrX:Z0JfwfPSQY8YAoQCWUmly+xCWGb0","tlshash":"71e2950f38913bbbb42600b47ab62f3a95f5024385d116214f85d55ca37c85e2abb7ef","first_seen":"2023-03-29T21:29:07Z","last_seen":"2026-04-01T04:43:31.860431Z","times_seen":96,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T10:00:50.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /events2/credapp.cfm HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nset-cookie: SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; Path=/; Secure\nNEW_REQUEST=true; Path=/; Secure\nSSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; Path=/; Secure; HttpOnly\r\nexpires: Mon, 23 Feb 2026 10:00:50 GMT\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"ZURB Foundation","description":"Zurb Foundation is used to prototype in the browser. Allows rapid creation of websites or applications while leveraging mobile and responsive technology. The front end framework is the collection of HTML, CSS, and Javascript containing design patterns.","website":"https://foundation.zurb.com","common_platform_enumeration":"","icon":"ZURB Foundation.png","categories":["UI frameworks"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OneTrust","description":"OneTrust is a cloud-based data privacy management compliance platform.","website":"https://www.onetrust.com","common_platform_enumeration":"","icon":"OneTrust.svg","categories":["Cookie compliance"]}],"data":{"size":809562,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2484)","md5":"dfb519a59f6d5993c5451ea0159a445d","sha1":"a354b8203a8df1e6ec7709e252a7b14dd143e4e8","sha256":"9cd1d60ccc2b4cb25bb97b3fc245177933d5b2239ca19590b50a592ef7d4315d","sha512":"e498c3a57cdabdd2a2839c6387e8158de75aa52811c1e444b5a4c1fd426c28e666e435c338eff0f9fd433afa1c55da77e1ae6a4bad21c45fa762834fe1c3157a","ssdeep":"3072:NkDexcGehRZDAIbO9pOx4SUrCZowUWc/25lLTcyhRZDAIbO9pOx4SUrCZowUWc/i:NfcDAcnUoowUWc/8dDAcnUoowUWc/JEz","tlshash":"f305c705f70903e1007a3847a0d9bad56952d96e3321e9b3797fc7b923ca99b1d312bc","first_seen":"2026-02-24T10:01:21.638542Z","last_seen":"2026-02-24T10:01:21.638542Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_f1.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_f1.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3815\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Fri, 15 Dec 2017 14:38:45 GMT\r\netag: \"ee7-56061f52cc740\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3815,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cceb546b4f4d8afae08fe9ab5ee93cc2","sha1":"cf912faba7c3ec60dad564ef562c77f75544bce9","sha256":"40e8097109994eec7ffb4de5ae090d839c309ac0e4aa9f3f444d2b6f2637c5a5","sha512":"f1c899b587bcd9ec08e37ba7f480724abb48a6a4b7b7d061bbad90ead20e8103d91ae2044849b960bbc7eaa5ecfbdff969047d0be0631d1e9c824f7d3ad95cf2","ssdeep":"","tlshash":"fd71011ed3524da9d24c0a6418e90a05a60cdcd3f3e13ce4fe9e5420df68bc57a59f9a","first_seen":"2023-09-28T22:38:40Z","last_seen":"2026-03-27T13:18:31.964809Z","times_seen":4,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_wtcr.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_wtcr.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 32023\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Fri, 20 Sep 2019 11:18:10 GMT\r\netag: \"7d17-592fa39a2c080\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32023,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"75e84c942e61cde406327d8e18e1b4bf","sha1":"c0d0f1fb7e54bfc42487a2f55d287a18942442fc","sha256":"60b7f51d1c57310d1ab72efe7b735f48c36a85dbb408fd71764dfceffd651c38","sha512":"e362b144befe4c632034e79459dfdeeb54a60e4a6cbc388815de25968d5668b84779e11ec03ed7c1c2e516b439a9fa86afd7282eeec951dcf50f902c8e956bcb","ssdeep":"768:Umj/xqxAYS3TVbzLHpi7IhQuJW6UVotNVfA9Kmo/NSQVj:U3uYS3TVPLVjLGot/fAzs","tlshash":"bae24ac03364c3f5758a657d942200267d1a34eebb7292ecd8d324e6b956ae04efd8d3","first_seen":"2024-08-20T11:26:09.514253Z","last_seen":"2026-02-24T10:01:21.650648Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/jQuery/plugins/jquery.ui.timepicker.css?v=2.1.597","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/jQuery/plugins/jquery.ui.timepicker.css?v=2.1.597 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/css\r\ncontent-length: 650\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:11 GMT\r\netag: \"6dd-64a7bb48f7fc0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"61738951fee81eb1a8741eb8f2628351","sha1":"7e4358ab05300a80f339c7f9774d741dc433010e","sha256":"8e12d7fb3ba0a01926ac111d2432e4af187b9c712e89f9ca57c33d683118c573","sha512":"3326dcb9bbce6c47453eee57a9a1d11bb19551fb2371fe2be301afab081bcc9a3c7790c5c6047030cb282519579c8a497a75519524099ebe0c6e3c4d593c0e81","ssdeep":"","tlshash":"0f314a4033373fa7603e91a5ae263befeb2642222a9bb4765cd51054cb8e41461e8dd6","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.895712Z","times_seen":32,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/webservices/tman/integrationProxy.cfc?method=featureDetail\u0026eventID=15420","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /webservices/tman/integrationProxy.cfc?method=featureDetail\u0026eventID=15420 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nset-cookie: SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; Path=/; Secure\nNEW_REQUEST=true; Path=/; Secure\nSSKM=dc63c09b%2Dddfe%2D4459%2D89d7%2De76d2d3c91d6; Path=/; Secure; HttpOnly\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"569bf2d112036de01397ce8e111ccc07","sha1":"a94817478063707b94ee705677ad1776e0562eb8","sha256":"b87d6275edd5cf7c1a6ab99e79920bbf91e5dfcd489a4f514ada6c78c91ef0e1","sha512":"a3b88089f8578119f424dfdf3ba6ec0cee0bca1a654bfd63de20337ab2f93512bad456641bdb93d7b270e53120bdd90a4d436b4f60f096efbd878029a1f3f8e7","ssdeep":"","tlshash":"939002441698860c2656a9008134414482054456619466c08100a508b5ef4599361137","first_seen":"2025-08-11T16:31:48.574738Z","last_seen":"2026-04-01T04:43:31.913639Z","times_seen":16,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/js/application.js?v=20260129224435126","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/15420/js/application.js?v=20260129224435126 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 34290\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Thu, 29 Jan 2026 22:44:35 GMT\r\netag: \"246c5-6498e99d7df08-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":149189,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (322)","md5":"be43c70bed9b1f5e1e92b0cc24e0b717","sha1":"273c327dc8be74e2c86b12cfdb9373d5feb615cf","sha256":"6001192d651b03581824e71e1072004f4a94800aaccd3f4f71983d3657f4d328","sha512":"3728da3661ebf736ad84fc9f14b026a141c55f27e05b8f93bacffb96bef6badb89b1f5006085e677bc88a7aa21b93e07c5a54405043ee91be4e35a9a1add7c87","ssdeep":"1536:E3w1FpNG2my7ealLiuJH1bqHXp1y7ealLilkyiTmH1bqHXQLrSW2BkkibwoyWAVY:uDiW2DTO5Fq/b+J","tlshash":"3ce30b45eb9c00bee07f1166787e23c9b93c8172f8449c56be5cc5a810f4da862dea77","first_seen":"2026-02-24T10:01:21.657989Z","last_seen":"2026-02-24T10:01:21.657989Z","times_seen":1,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_formulae.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_formulae.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 13244\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 25 Mar 2019 21:47:36 GMT\r\netag: \"33bc-584f227120e00\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13244,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7cc151de5b0beb361f9239e76ca3688a","sha1":"08f6ccb7eec785234660d6f3656ce631380bcc20","sha256":"2f49d053f3ec306da6cd7b8cfe3f929e5eee0aef5f4939c670c9d143f1a4ad4a","sha512":"80d64c79081934d38c0fd1ee084f075e4d131cad799b01edcfe80965331f3a8969c73b51b3c6c7691d10f8e465a853994b6c42fd32ffe56608d903156148c76b","ssdeep":"192:/kNtuuGvVyslDNprzVR5UvNkoNOLJwoiBAugNi1B1j6n8ZUzoCj1DKyv7gjmpX:sNturhXR5UNRgvvip6FzJ7P","tlshash":"73525355ebf805d4a14d0772f8b62b4e760d6ca31ab02c457b7c8c109f14bcb2a5ebca","first_seen":"2026-02-24T10:01:21.660401Z","last_seen":"2026-02-24T10:01:21.660401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/CFJS/ajax/package/cfajax.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /CFJS/ajax/package/cfajax.js HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 11720\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 23 Feb 2026 07:28:20 GMT\r\netag: \"9c32-64b78b71e58cb-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39986,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (317)","md5":"a4fedc1e362844ac7975f6790774fec5","sha1":"7e376db896785ca72d14d96a7842fe1ba71722e7","sha256":"e59d24ca01fa0bc85b3d2ea79fb48726151dc24a006293810a9dd16631597147","sha512":"def49d607132350f4d37cbf29644bb8558e90a522614b02659a99216d298c68448b9b1e133a62f936e1437322da77e3e758b790f88099b260897f4b32f6c99c1","ssdeep":"768:euQYR/SNfYSVVogZXfva/3wqY1US1BWtfHv41fcz+o7fX9fwlxpNO9h58T6IzbPB:PE1YSVfCQ1kDFWM978T6IXYgGB4","tlshash":"8a03f8dcb5940c9e8ab92592044f2b5e3cacc966a84cc594a4ecc5e45f7cac3d43bf39","first_seen":"2024-10-06T09:51:57.03263Z","last_seen":"2026-04-01T04:43:31.901799Z","times_seen":29,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/fonts/Poppins/Poppins-Regular.woff2","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/fonts/Poppins/Poppins-Regular.woff2 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/CONTROL3/control.css\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 61308\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:10 GMT\r\netag: \"ef7c-64a7bb4803d80\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":61308,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 61308, version 1.0","md5":"1226586d5488c716d112f7fd46a03f50","sha1":"6756fc0c97616c6d2729e45df866b0176de42949","sha256":"fb8fc670cfa035af712691026f0e90e2b115fda628cc255b1913fc8d53dbc94e","sha512":"2a1571f5ad80c22ba529c9e3c7205b128e6ec9a48a2f216637210de96a8f8b5d38a89c5fa15a9678a9fe10138c71ef40524f439ba5a08e9d74b63b14fb2b4cf0","ssdeep":"1536:Zz/peIqi1LhhmCvuPcKRUbkpAJDuG1xxdpwl+mvHFo6eh:Z7AbifePT6vuKxde7u6eh","tlshash":"365302e35bb241dcdd3379508de77404b88c92d8e73836fcb21fa64239a86164e3953a","first_seen":"2026-02-24T10:01:21.66206Z","last_seen":"2026-02-24T10:01:21.66206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/publicFiles/ChinaSiteHeaders/page%20header.jpg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/15420/publicFiles/ChinaSiteHeaders/page%20header.jpg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 242020\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 17 Feb 2025 14:55:36 GMT\r\netag: \"3b164-62e57b7814a00\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":242020,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, description=2024Äê3ÔÂ3ÈÕ£¬2024ÄêCBAÈ«Ã÷ÐÇÖÜÄ©£ºÄÏÇøÃ÷ÐǶÓ138£º122ʤ±±ÇøÃ÷ÐǶӣ¬ºúÃ÷Ðù, copyright=Osports], baseline, precision 8, 1280x726, components 3","md5":"658b0bae7b6c86c4bc6422f4c3c62e70","sha1":"435fd214c5f03b0d56e3a6fcae32238b3c56f0ab","sha256":"e386deafdf0e05b40dd653a31caaaec5800206ba81ee75ec729e88ea2a70c013","sha512":"608fb2d0f38d3e6808c058fe45c7f10dd028710098c5b1aa88a0555885f5274bc7dc0b24d3a488365caa30b0087b2b269c8eeb4db9f80dc0a96b9c475445eba1","ssdeep":"6144:KPZn4XF6Y9/qsp4rsm114e6RxbRgK0Xq5Z5:gN4/P8sUxExs65Z5","tlshash":"96342202fa558b25f4ed6ebba0e8dd09807324ac29d937a3b25f4c31af9c09345ac54d","first_seen":"2026-02-24T10:01:21.666279Z","last_seen":"2026-02-24T10:01:21.666279Z","times_seen":1,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.sportssystems.com/clients/dhlguestmanagement/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC","fqdn":"secure.sportssystems.com","domain":"sportssystems.com","tld":"com"},"ip":{"addr":"3.210.241.219","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T10:00:49.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sportssystems.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 22 Sep 2025 00:00:00 GMT","end":"Wed, 21 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"97:72:91:D4:2D:A7:2C:A4:0F:22:CD:57:CE:37:99:D2:8B:94:AB:E4","sha256":"89:E9:70:04:A8:ED:E3:C5:AB:ED:F2:FC:E5:BE:E5:7F:53:3D:1D:6D:3E:BF:39:E9:E3:DF:AF:38:46:A8:92:A9"}}},"request":{"raw":"GET /clients/dhlguestmanagement/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC HTTP/1.1\r\nHost: secure.sportssystems.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 24 Feb 2026 10:00:49 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nlocation: https://secure.dhlguestmanagement.com/events2/index.cfm?auuid=B1B11843-021B-C25B-D63DA6F9662B9EDC\r\nset-cookie: AWSALB=XwT6SgYfGOUptnTTQ9yjjLDDQZEBkHXlTNlgy64BOnKLWJl8K5Ka/Pre7X3M/600D3H3FkhXO9383WPs2K/nikCAeKPzXco4bOS4dhxm0I9FzxLP5H5zm5puTqd+; Expires=Tue, 03 Mar 2026 10:00:49 GMT; Path=/\nAWSALBCORS=XwT6SgYfGOUptnTTQ9yjjLDDQZEBkHXlTNlgy64BOnKLWJl8K5Ka/Pre7X3M/600D3H3FkhXO9383WPs2K/nikCAeKPzXco4bOS4dhxm0I9FzxLP5H5zm5puTqd+; Expires=Tue, 03 Mar 2026 10:00:49 GMT; Path=/; SameSite=None; Secure\nCFID=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-3677; Domain=.sportssystems.com; Path=/; Secure; HttpOnly; SameSite=Lax\nCFTOKEN=Z33n21p0dxni4zeoxfv56rk7p7ssmiay3z1awsaq5zf3fq9ffxx-cc43e0f05d63883b-96F15967-E047-7909-76DEC467B2D057A1; Domain=.sportssystems.com; Path=/; Secure; HttpOnly; SameSite=Lax\nJSESSIONID=D5DF2502C07ABB4ABEE2D15D5DE21F36.cfusion; Path=/; Secure; HttpOnly; SameSite=Lax\nSS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A49%27%7D; Path=/; Secure\nNEW_REQUEST=true; Path=/; Secure\nSSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; Path=/; Secure; HttpOnly\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nexpires: Mon, 23 Feb 2026 10:00:49 GMT\r\npragma: no-cache\r\ncache-control: no-cache\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":809562,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":971,"timings":{"blocked":433,"dns":144,"connect":94,"send":0,"wait":104,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cookielaw.org/scripttemplates/otSDKStub.js","fqdn":"cdn.cookielaw.org","domain":"cookielaw.org","tld":"org"},"ip":{"addr":"104.18.87.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cookielaw.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 21:42:10 GMT","end":"Sun, 26 Apr 2026 22:42:08 GMT"},"fingerprint":{"sha1":"82:0B:BC:A4:CE:93:24:87:52:6C:08:AD:37:93:1C:13:3F:2C:83:E4","sha256":"92:AA:15:B4:3C:46:BE:A7:9B:5E:E9:08:8C:5D:DE:0D:75:F9:1E:C8:38:A2:B2:1F:20:64:DB:CA:0F:29:53:80"}}},"request":{"raw":"GET /scripttemplates/otSDKStub.js HTTP/1.1\r\nHost: cdn.cookielaw.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://secure.dhlguestmanagement.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8694\r\ncf-ray: 9d2e1e4c7d0f5a0f-OSL\r\ncontent-encoding: gzip\r\ncontent-md5: IYAjTIBhSgFoAkgUKtciog==\r\nlast-modified: Mon, 23 Feb 2026 03:23:23 GMT\r\netag: 0x8DE728AE6EAA731\r\nx-ms-request-id: eb43da7e-701e-0003-80a9-a4908d000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nvary: accept-encoding\r\ncache-control: max-age=86400\r\ncf-cache-status: REVALIDATED\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncross-origin-resource-policy: cross-origin\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26546,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26545)","md5":"573b916dffd563ab46c74d368270a3aa","sha1":"40003565dcf647758cad0b4891f197597f6be9a4","sha256":"15a5a919d4b2c63b74bac3c0752f7faa08675d5ecaab478032a0232013a2ba6a","sha512":"c49eda7b535bc0aac36eb1c6f508095fd704061e5a1014b276b0832d9b7a8b3d83b91cbdf3e24bdef82472871dbd7ec6f830193c0f52111cb201a217acb2d448","ssdeep":"384:F58KNPpfxrLWMABwX/XmSH6rCZ2rt8ekDKlCmXCcpLKZ5Q8eFKJx6yzGq:bdxfxvlABwXvmQZ2rtGOCs9CWq","tlshash":"79c2d88db540ee3446d361ed9a3be25ab23a746d3489d068b894dce0247cc4f6533bb6","first_seen":"2026-02-23T05:11:33.48285Z","last_seen":"2026-04-06T08:00:59.289301Z","times_seen":13315,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":79,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/control3/control.css","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /control3/control.css HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 306\r\nlocation: https://secure.dhlguestmanagement.com/CONTROL3/control.css\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":94784,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/15420/publicFiles/ChinaEventInfoImages/CBA_Event_Info_1.jpg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/15420/publicFiles/ChinaEventInfoImages/CBA_Event_Info_1.jpg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 54885\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Thu, 10 Oct 2024 12:05:41 GMT\r\netag: \"d665-6241e30772f40\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54885,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 400x266, components 3","md5":"706135bb776a828633f1d0e59f71ba87","sha1":"7b954268f060f013a17201d9d68593d2d4de882e","sha256":"c9b6890889526d06fcb9f75293b71bc151edd05bd2a4c080859e339468963456","sha512":"0eb7a18d748005039a8d62eb63ffe6a1bb8cc30aa5016fc93f2e90548238323f9a212e90119f626ba78911584e8d1e6323ae3ba10046eb4b49c7da24bf2d3bc1","ssdeep":"768:riCOiF6PzFsud/8hvG3mLxolrqm47LcMFdbvoA/1s+aCDwy6Wr0Vb+dUK5b6bwdY:rwigPzDEFGIxt7IcW+aCDL640J+y8m","tlshash":"9633028b9502f0da4df55029995efb2077cfc10b364318228a51abe8b5ff9759250b8b","first_seen":"2026-02-24T10:01:21.669416Z","last_seen":"2026-02-24T10:01:21.669416Z","times_seen":1,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.597","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.597 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: SS_TEST=true; LastActionTS=1771927252297; SS_NAVB=false; CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/javascript\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:20 GMT\r\netag: \"95294-64a7bb518d400-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":610964,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (62846), with CRLF line terminators","md5":"6beda134b58d8286c5855d59990df360","sha1":"a2048811926b2c2cb7f5f55259221e4b2167a692","sha256":"d2944f14a4dc4f070117b9aa39969241db327e1b2b485e7d1c007c8e78145bee","sha512":"01b25b7b08eb819a70a9e4b17075136f57285197bc2e5695b2344b88c9f445939f381e1fc329d17abd0481264f50eb08c201c9228418ab9fb200ef95527b849c","ssdeep":"6144:ii8eGRuufsr5zQ47GKrpvMAd6lHWvu/22om1/jjOv3DaPQAib5IkK7M/:iiURum05b1x9vu+kjOfDaPQAib59/","tlshash":"a2d42a4d7249352289bb7279513f260af23a813b6501815cb82cc5dd6fbcd4862bbfbd","first_seen":"2026-02-10T09:56:51.202584Z","last_seen":"2026-04-01T04:43:31.916936Z","times_seen":11,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/responsive/foundation-5.5.2/js/foundation.min.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/responsive/foundation-5.5.2/js/foundation.min.js HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 42773\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:11 GMT\r\netag: \"330f6-64a7bb48f7fc0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":209142,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"3860a074b5b6dc9f1cc5e9336a5e43db","sha1":"3203390624dfe5321778056af888aba21bd9d8a0","sha256":"749d4f0674af91c19d3e8c2d3ee6a4fd250dc69fd8c1e85da50beb6e6bfd7e44","sha512":"722634a16d269461723ebc12d0fcc01cf1a65b5e70e0ef0a929e4da966a1ccfe000c4b98141fe64149aca129dd95819f6b063e855376d0170cc27eb3ecf463c1","ssdeep":"1536:WoVE1fFtzrgmGg1jf1OwKlVhe/VLrTsF6SYfEZ648nwwWIx2Uu4YBY8tM11ssWdZ:GMmGg1jfwo5TsF6SYMZLkajxBuGC4","tlshash":"c5142c0a76f7206a84a7707a8faf52057232440b590aee297d7c83849fd057856f2ffd","first_seen":"2023-12-19T03:45:48Z","last_seen":"2026-04-01T04:43:31.888398Z","times_seen":32,"resource_available":true,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.min.css","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:55.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.min.css HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7546\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Feb 2026 23:22:47 GMT\r\nexpires: Thu, 18 Feb 2027 23:22:47 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 470288\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30724,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (29135)","md5":"8dcebf12fbabea677390cfa6d9ad09fb","sha1":"3765ba197944d25b3aefe663300f0c74a6eee792","sha256":"b0419faf03242236e04c1c062d52b7f011bf5f0222342fc4006f51cec7dd6ba0","sha512":"a24138a305c3d247d7ce05570730832224929695e7ded25b36876782c4e72183c95a3b9886d27ea8ca1cd3e594c0b1de3b09ecd309b9eca6bdd3716a40a335b0","ssdeep":"384:xMlcR8lOXHc11evBMzymUh+4C6G/zDcSc7nfZBhVtQ:xHXHcEBMznURC6G/zD8BhY","tlshash":"e6d24230a4c2253dfe33d23061e11ef4523bc142eda25fbda09ab65953ea8e4c57b971","first_seen":"2023-04-06T19:13:07Z","last_seen":"2026-04-06T03:26:21.028185Z","times_seen":800,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.597","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /events2/javascripts/webpack/dist/js/webpackBundle_frontend.js?v=2.1.597 HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:20 GMT\r\netag: \"95294-64a7bb518d400-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":610964,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (62846), with CRLF line terminators","md5":"6beda134b58d8286c5855d59990df360","sha1":"a2048811926b2c2cb7f5f55259221e4b2167a692","sha256":"d2944f14a4dc4f070117b9aa39969241db327e1b2b485e7d1c007c8e78145bee","sha512":"01b25b7b08eb819a70a9e4b17075136f57285197bc2e5695b2344b88c9f445939f381e1fc329d17abd0481264f50eb08c201c9228418ab9fb200ef95527b849c","ssdeep":"6144:ii8eGRuufsr5zQ47GKrpvMAd6lHWvu/22om1/jjOv3DaPQAib5IkK7M/:iiURum05b1x9vu+kjOfDaPQAib59/","tlshash":"a2d42a4d7249352289bb7279513f260af23a813b6501815cb82cc5dd6fbcd4862bbfbd","first_seen":"2026-02-10T09:56:51.202584Z","last_seen":"2026-04-01T04:43:31.916936Z","times_seen":11,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_mutd.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_mutd.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 22342\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 25 Mar 2019 21:38:24 GMT\r\netag: \"5746-584f2062b3400\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22342,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e4521f63a74a97ebe24cbe481cb9ae0f","sha1":"cb346cef9fc4bf2167cd16025281e0ef9d532ac9","sha256":"b6e468212b1f74ad46f91c8ab002ba8f083a5bcbbbb7d6fa7ffb2c00be8178f7","sha512":"1e7fe535cc6a3086e951dc45b1fcc839f0ea017a9abbe7e1eaaa723e49c6f5a4a67e50fa5702a55555a518cfb809159eb7456cbd7e80cce34f48d93d5425851d","ssdeep":"384:6QAStZ5ocTBaFzAdmFjA78ugQhJyUn2xDDt4Cp/k+buGMLQ:6QXZ5oQByjAwugoJMW+aGd","tlshash":"e7a2668b633dc2d838952678ad3937c337b1a8d99931d148d31ebc01a447eaa973ce75","first_seen":"2023-05-17T01:00:52Z","last_seen":"2026-04-01T04:43:31.884639Z","times_seen":31,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/eventdata/10690/images/partner_gwo.svg","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /eventdata/10690/images/partner_gwo.svg HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 10965\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Mon, 25 Mar 2019 21:46:35 GMT\r\netag: \"2ad5-584f2236f44c0\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/events2/credapp.cfm","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T10:00:55.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"POST /events2/credapp.cfm HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 83\r\nOrigin: https://secure.dhlguestmanagement.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: SS_TEST=true; LastActionTS=1771927252297; SS_NAVB=false; CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A52%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698; selectedLang=zh; CREDAPP_LOCALE=zh; _ga_G3KM9F037Q=GS2.1.s1771927253$o1$g0$t1771927253$j60$l0$h0; _ga=GA1.1.1285988910.1771927254; ajs_anonymous_id=f5738dd1-05e2-4b41-a1cf-0e222e4f4279\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":83,"data":"personID=3\u0026cancelAttendee=1\u0026personID=3\u0026cancelAttendee=1\u0026personID=3\u0026cancelAttendee=1"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:55 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nset-cookie: SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A55%27%7D; Path=/; Secure\nNEW_REQUEST=true; Path=/; Secure\nSSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; Path=/; Secure; HttpOnly\r\nexpires: Mon, 23 Feb 2026 10:00:55 GMT\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22824,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (440), with CRLF, LF line terminators","md5":"ce31766288dde70253b48b2408888a9f","sha1":"7868b09b3cec0ccaa60121be3c77ed73b0e8a490","sha256":"0933f6d7fc2ddc02842ae1deccee2e5a068fb155322029413bd8394edcede7b9","sha512":"ada171bcfa50426cf0af11556b736140d1cc94a2d4d3f5db02cacf3c1ae21c1de09f5bb7ddac2612273f885b5d3f6e38123e11495bb124652ef67e14722a90bc","ssdeep":"384:wk+RH+RzLYgzY+x721W76n4hUVcdl2eO3ROR9W6vU:wkn721W76n42coho9WR","tlshash":"dea28104eb1e9438837e3155657aeaef623e54f828e04c46f9ce7cb453e8d4e4903e96","first_seen":"2026-02-24T10:01:21.676996Z","last_seen":"2026-02-24T10:01:21.676996Z","times_seen":1,"resource_available":true,"data":null}},"time_used":379,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":379,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.dhlguestmanagement.com/lib/responsive/foundation-5.5.2/js/vendor/modernizr.js","fqdn":"secure.dhlguestmanagement.com","domain":"dhlguestmanagement.com","tld":"com"},"ip":{"addr":"3.221.34.161","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure.dhlguestmanagement.com/events2/credapp.cfm","date":"2026-02-24T10:00:51.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"secure.dhlguestmanagement.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 31 Mar 2025 00:00:00 GMT","end":"Wed, 29 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:7D:BE:41:7C:70:D6:FD:41:C8:E2:9F:37:65:99:13:5C:87:D3:0D","sha256":"AF:D4:E2:58:E6:B7:C5:0D:96:62:65:06:B8:A5:CF:50:72:EE:36:44:11:C1:A3:4F:EA:19:74:06:24:8A:2B:BB"}}},"request":{"raw":"GET /lib/responsive/foundation-5.5.2/js/vendor/modernizr.js HTTP/1.1\r\nHost: secure.dhlguestmanagement.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure.dhlguestmanagement.com/events2/credapp.cfm\r\nCookie: CFID=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-8603; CFTOKEN=Zt8lucp4dpzaqsz0wjxf1wr8h4o8dlvmjybqpyj5tvhrvnwg5r-4fa79008628603b-96F1739C-94B1-0DEF-6E2BA92FF65B1C13; JSESSIONID=BD32EE3078B398E597C1F741E9555C5F.cfusion; SS_LAST_HIT=%7Bts%20%272026%2D02%2D24%2010%3A00%3A50%27%7D; NEW_REQUEST=true; SSKM=bdf9de22%2D56b4%2D48f7%2D87f2%2D8b72445fd9fc; USERVISITID=15444758; CREDAPP_EVENTID=15420; CREDAPP_SESSIONID=506B0C99%2DB849%2DA0B6%2D1A2A63C2DE24E80F; CREDAPP_FRONTENDSESSIONAPPID=15811698\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 10:00:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4633\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 10 Feb 2026 17:37:11 GMT\r\netag: \"2c00-64a7bb48f7fc0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1;mode=block\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11264,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (11086)","md5":"7710ac5fd1f24229d5d7ba401f7fd6b8","sha1":"b6a3f1e66ef1376216117f3c2fc71d735bf6eb5a","sha256":"4f175ba1a86dca89a1b1c8cded4cb6d76acc15e976cba8bdc3c8c95820adf716","sha512":"e9c1544b0103d4af3165691bc950e6881c101c6ab7127518746a41b28f83f95641ce72dc9e86dc29608362e83cbce1e71e0e47ae963476e54f72fcb2f94f01a9","ssdeep":"192:ezMdVO7MRftBRCzHYxqG1uTyKVOKzEf7jQLJZMYWABl8xAfo:eYdVqMTCjYxqG1uTuKAfXQLJRNCxAQ","tlshash":"7f32c78eb29371095357a07b217f460ff27d98d9552848e4e059c5acbe34ce8427bf2d","first_seen":"2023-03-07T15:24:53Z","last_seen":"2026-04-06T04:01:07.37878Z","times_seen":320,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"secure.dhlguestmanagement.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"secure.dhlguestmanagement.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}