dhl-express-dhl-redelivery.sohzo.com Open in urlscan Pro
160.153.133.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dhl-express-dhl-redelivery.sohzo.com/
Submission: On March 26 via automatic, source certstream-suspicious (March 26th 2023, 12:54:53 am UTC) — Scanned from NL

Summary HTTP 23 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 23 HTTP transactions. The main IP is 160.153.133.168, located in Amsterdam, Netherlands and belongs to GODADDY-AMS, DE. The main domain is dhl-express-dhl-redelivery.sohzo.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 25th 2023. Valid for: 3 months.

This is the only time dhl-express-dhl-redelivery.sohzo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	160.153.133.168 160.153.133.168	21501 (GODADDY-AMS) (GODADDY-AMS)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
1	2a01:4f8:200:... 2a01:4f8:200:1097::2	24940 (HETZNER-AS) (HETZNER-AS)
2 2	140.82.121.4 140.82.121.4	36459 (GITHUB) (GITHUB)
1	2606:50c0:800... 2606:50c0:8000::154	54113 (FASTLY) (FASTLY)
1	96.43.128.66 96.43.128.66	19969 (JOESDATAC...) (JOESDATACENTER)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
23	11

1 160.153.133.168 (Amsterdam, Netherlands)

ASN21501 (GODADDY-AMS, DE)
PTR: 168.133.153.160.host.secureserver.net

dhl-express-dhl-redelivery.sohzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

media.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:200:1097::2 (Germany)

ASN24940 (HETZNER-AS, DE)

transfer.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.82.121.4 (Frankfurt am Main, Germany) 2 redirects

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-4-fra.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.43.128.66 (United States)

ASN19969 (JOESDATACENTER, US)

cur.cursors-4u.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

j.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	imgur.com i.imgur.com — Cisco Umbrella Rank: 6247	639 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 309	33 KB
4	top4top.io j.top4top.io	23 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	github.com 2 redirects github.com — Cisco Umbrella Rank: 2947	6 KB
1	cursors-4u.net cur.cursors-4u.net — Cisco Umbrella Rank: 622552	4 KB
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4690	5 KB
1	transfer.sh transfer.sh — Cisco Umbrella Rank: 741809
1	tenor.com media.tenor.com — Cisco Umbrella Rank: 6445	9 MB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783	11 KB
1	sohzo.com dhl-express-dhl-redelivery.sohzo.com	12 KB
23	11

	Domain	Requested by
6	i.imgur.com	dhl-express-dhl-redelivery.sohzo.com
4	j.top4top.io	dhl-express-dhl-redelivery.sohzo.com
4	fonts.googleapis.com	dhl-express-dhl-redelivery.sohzo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	github.com	2 redirects
1	cur.cursors-4u.net	dhl-express-dhl-redelivery.sohzo.com
1	raw.githubusercontent.com	dhl-express-dhl-redelivery.sohzo.com
1	transfer.sh	dhl-express-dhl-redelivery.sohzo.com
1	media.tenor.com	dhl-express-dhl-redelivery.sohzo.com
1	maxcdn.bootstrapcdn.com	dhl-express-dhl-redelivery.sohzo.com
1	ajax.googleapis.com	dhl-express-dhl-redelivery.sohzo.com
1	dhl-express-dhl-redelivery.sohzo.com
23	12

This site contains links to these domains. Also see Links.

Domain
1877.team
t.me
instagram.com

Subject Issuer	Validity	Valid
dhl-express-dhl-redelivery.sohzo.com ZeroSSL RSA Domain Secure Site CA	`2023-03-25` - `2023-06-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
c.tenor.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
www.transfer.sh R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
ani.cursors-4u.net R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
top4top.io R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dhl-express-dhl-redelivery.sohzo.com/
Frame ID: 18A6F483A8689588F3F04FEFAA70E4BD
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacked by emirJK

Detected technologies

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

4
Countries

10303 kB
Transfer

10951 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://1877.team/
Title: Website

Search URL Search Domain Scan URL

URL: https://t.me/x1877x
Title: Telegram

Search URL Search Domain Scan URL

URL: https://instagram.com/xem7r
Title: instagram

Search URL Search Domain Scan URL

URL: https://t.me/esrarci
Title: Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://github.com/ByTanimsiz/q/blob/main/cur641.cur?raw=true HTTP 302
https://github.com/ByTanimsiz/q/raw/main/cur641.cur HTTP 302
https://raw.githubusercontent.com/ByTanimsiz/q/main/cur641.cur

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dhl-express-dhl-redelivery.sohzo.com/ 90 KB
12 KB 94ms
32ms Document
text/html 160.153.133.168
GODADDY-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://dhl-express-dhl-redelivery.sohzo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.133.168 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE),
Reverse DNS: 168.133.153.160.host.secureserver.net
Software: Apache /
Resource Hash: 8173f483860e29b6b87dacacced5bce6671ae689b270e17ac837f01d4d8ef7a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 12513
content-type: text/html
date: Sun, 26 Mar 2023 00:54:44 GMT
etag: "99e0f2c-16679-5f7c2ca59bacc-br"
last-modified: Sun, 26 Mar 2023 00:34:34 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
849 B 76ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rajdhani&display=swap

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ff5c61342b32a9d338597920369e2462881e61456f69d02ccfe07696d2fe8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Mar 2023 00:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Mar 2023 00:54:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Mar 2023 00:54:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 397 B
394 B 76ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Averia+Sans+Libre

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7aad037edb003fce852a71628d28d0511c9c3b5a4cb5e30b81b86534a461f132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Mar 2023 00:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Mar 2023 00:35:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Mar 2023 00:54:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
876 B 77ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Share+Tech+Mono|Rajdhani|Oswald:700|Iceland|PT+Sans&display=swap

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7aed3940ed9ccf1364ae5606d2cb3222311462ed145d7623f9d900ccee5c033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Mar 2023 00:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Mar 2023 00:54:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Mar 2023 00:54:44 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 114ms
29ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:05:11 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 60ms
21ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 329040
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 48135f30fbfcba704628453df5764d8f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7adb6c8e2b4bb939-AMS
cdn-requestpullsuccess: True

GET
H2 200 droidarabickufi.css
fonts.googleapis.com/earlyaccess/ 1 KB
382 B 79ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 26 Mar 2023 00:54:44 GMT

GET
H2 200 polat-alemdar-sigara.gif
media.tenor.com/XIqcApG3jA4AAAAd/ 9 MB
9 MB 338ms
237ms Image
image/gif 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.tenor.com/XIqcApG3jA4AAAAd/polat-alemdar-sigara.gif

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a7e3fc3cb7d6ab4cffa472d8d6a99f95f88c70ce629c7c712beda7f969f56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9747880
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 00:29:34 GMT
server: sffe
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
expires: Mon, 27 Mar 2023 00:54:44 GMT

GET
H2 200 Imsbaxc.gif
i.imgur.com/ 74 KB
74 KB 69ms
21ms Image
image/gif 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Imsbaxc.gif

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

84da6165da33bb1f2eb85464022b1286939557ec35634045bba0cd1f22ead9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2144429
x-cache: HIT, HIT
content-length: 75859
x-served-by: cache-iad-kcgs7200114-IAD, cache-hhn-etou8220041-HHN
last-modified: Sun, 12 Sep 2021 08:35:01 GMT
server: cat factory 1.0
x-timer: S1679792084.211248,VS0,VE2
etag: "b2e4311ab27f553c0d9cd131b1a8c6a0"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 302, 1

GET
H2 200 nNhAn7g.gif
i.imgur.com/ 222 KB
222 KB 80ms
32ms Image
image/gif 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/nNhAn7g.gif

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

60233b70158aec69ed47dc6dc94179c49055dd74e2263cd10c86a83d38513710

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 5137938
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 227286
x-served-by: cache-iad-kjyo7100128-IAD, cache-hhn-etou8220041-HHN
last-modified: Sat, 06 Nov 2021 23:35:25 GMT
server: cat factory 1.0
x-timer: S1679792084.211380,VS0,VE2
etag: "1cf673c811b06da40035b87d80b05abc"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 279, 1

GET
H2 200 BbSScWJ.gif
i.imgur.com/ 222 KB
222 KB 110ms
62ms Image
image/gif 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/BbSScWJ.gif

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

da50545b8faaa464d9601b2bfe695a4dea0aeff07a4876d4e900027d5ba83659

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 3400893
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 227339
x-served-by: cache-iad-kiad7000037-IAD, cache-hhn-etou8220041-HHN
last-modified: Sat, 06 Nov 2021 23:35:25 GMT
server: cat factory 1.0
x-timer: S1679792084.211382,VS0,VE2
etag: "09cb32a36013e29fffa42a50fe1aadcc"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 77, 1

GET
H2 200 34uOiaV.png
i.imgur.com/ 151 B
322 B 21ms
20ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/34uOiaV.png

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

db5f562ecd676efb38f9e888f75f9c517b5807ea0d122a993470aa805bba0451

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1310886
x-cache: HIT, HIT
content-length: 151
x-served-by: cache-iad-kiad7000122-IAD, cache-hhn-etou8220041-HHN
last-modified: Fri, 06 Nov 2020 12:41:00 GMT
server: cat factory 1.0
x-timer: S1679792084.333578,VS0,VE1
etag: "e82e0f6662ca9a03172b44d155574133"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 17, 1

GET
H2 404 kurd1877.mp3
transfer.sh/get/cUHkR8/ 0
0 207ms
71ms Media
text/plain 2a01:4f8:200:1097::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://transfer.sh/get/cUHkR8/kurd1877.mp3
Requested by: Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:200:1097::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://dhl-express-dhl-redelivery.sohzo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

GET
H2

200

cur641.cur
raw.githubusercontent.com/ByTanimsiz/q/main/
Redirect Chain

https://github.com/ByTanimsiz/q/blob/main/cur641.cur?raw=true
https://github.com/ByTanimsiz/q/raw/main/cur641.cur
https://raw.githubusercontent.com/ByTanimsiz/q/main/cur641.cur

4 KB
5 KB

241ms
188ms

Image
application/octet-stream

2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/ByTanimsiz/q/main/cur641.cur

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Server

2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50855fb8a5aa28a93c62a47341df063ab3cc55f2106f80136593b29ab63e10cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-fastly-request-id: b1295b46ec31c67507897e1d8d02388a8abbd00d
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 26 Mar 2023 00:54:45 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-length: 4286
x-xss-protection: 1; mode=block
x-served-by: cache-ams21048-AMS
x-github-request-id: 13A2:AE52:30441F5:32611F3:641F97D4
x-timer: S1679792085.853085,VS0,VE175
etag: W/"145174b3ca4235eef0dc508f8b56a7131a18000586d1851484f907524199b2bd"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sun, 26 Mar 2023 00:59:45 GMT

Redirect headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: GitHub.com
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com objects-origin.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id: B952:DCFE:858E4E6:89AE101:641F97D4
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/html; charset=utf-8
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/ByTanimsiz/q/main/cur641.cur
cache-control: no-cache
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK cur686.cur
cur.cursors-4u.net/cursors/cur-7/ 4 KB
4 KB 595ms
120ms Image
application/octet-stream 96.43.128.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cur.cursors-4u.net/cursors/cur-7/cur686.cur
Requested by: Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ca210df9f8aeddf6ea59bad1ebbb86afccec83543deb0f1a2d2f2f27c335ba32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 00:54:44 GMT
Last-Modified: Wed, 27 Feb 2013 17:44:54 GMT
Server: nginx/1.16.1
ETag: "512e4616-10be"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4286

GET
H2 200 H3pbYvi.jpg
i.imgur.com/ 65 KB
65 KB 29ms
28ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/H3pbYvi.jpg

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fc3d86bce793c5c45a97cfad69517ab5fb675fee64555cb8620d52d9789019bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 10618
x-cache: HIT, HIT
content-length: 66612
x-served-by: cache-iad-kjyo7100068-IAD, cache-hhn-etou8220041-HHN
last-modified: Fri, 03 Jun 2022 00:54:25 GMT
server: cat factory 1.0
x-timer: S1679792084.353847,VS0,VE2
etag: "55738a52776c794d9573bdbbf5ee3239"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 8f11A2B.gif
i.imgur.com/ 55 KB
55 KB 28ms
28ms Image
image/gif 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/8f11A2B.gif

Requested by

Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b16799fd7706daecb9ba67a2d4d9506bc37beacdd9efb8414bfb08f629b483e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dhl-express-dhl-redelivery.sohzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:54:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1323953
x-cache: HIT, HIT
content-length: 55831
x-served-by: cache-iad-kcgs7200163-IAD, cache-hhn-etou8220041-HHN
last-modified: Sat, 06 Nov 2021 23:53:00 GMT
server: cat factory 1.0
x-timer: S1679792084.353839,VS0,VE2
etag: "be27b663e1462ae86bb6ed4983d46c2b"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 27, 1

GET
H2 200 ga6XaxZG_G5OvCf_rt7FH3B6BHLMEdVOEoI.woff2
fonts.gstatic.com/s/averiasanslibre/v17/ 36 KB
36 KB 87ms
30ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/averiasanslibre/v17/ga6XaxZG_G5OvCf_rt7FH3B6BHLMEdVOEoI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Averia+Sans+Libre

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5adbad4e799ade940d96f6f293fc1ea535b504a6151555c879c5e183aeac1018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dhl-express-dhl-redelivery.sohzo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:45:08 GMT
x-content-type-options: nosniff
age: 403776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36608
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:03:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:45:08 GMT

GET
H2 200 LDIxapCSOBg7S-QT7p4HM-Y.woff2
fonts.gstatic.com/s/rajdhani/v15/ 15 KB
15 KB 120ms
64ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rajdhani&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dhl-express-dhl-redelivery.sohzo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:38:53 GMT
x-content-type-options: nosniff
age: 404151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14976
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:42:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:38:53 GMT

GET
H2 206 m_2136le6691.mp4
j.top4top.io/ 80 KB
0 194ms
80ms Media
video/mp4 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.top4top.io/m_2136le6691.mp4
Requested by: Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash

Request headers

Referer: https://dhl-express-dhl-redelivery.sohzo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x42119577x
date: Sun, 26 Mar 2023 00:54:44 GMT
last-modified: Sat, 06 Nov 2021 22:58:53 GMT
server: nginx
etag: "618708ad-4e5a21"
content-type: video/mp4
Content-Range: bytes 0-5134880/5134881
cache-control: max-age=7200
content-disposition: inline; filename="Tony%20montana%20edit.mp4"
Content-Length: 5134881
expires: Sun, 26 Mar 2023 02:54:44 GMT

GET
H2 206 m_2136le6691.mp4
j.top4top.io/ 23 KB
23 KB 169ms
168ms Media
video/mp4 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.top4top.io/m_2136le6691.mp4
Requested by: Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: 1deddc38e7b7935bffa53739b6d72df4986fda6a29b6d912d7d37680249fb7d1

Request headers

Referer: https://dhl-express-dhl-redelivery.sohzo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=5111808-

Response headers

x-file-id: x42119577x
date: Sun, 26 Mar 2023 00:54:44 GMT
last-modified: Sat, 06 Nov 2021 22:58:53 GMT
server: nginx
etag: "618708ad-4e5a21"
content-type: video/mp4
Content-Range: bytes 5111808-5134880/5134881
cache-control: max-age=7200
content-disposition: inline; filename="Tony%20montana%20edit.mp4"
Content-Length: 23073
expires: Sun, 26 Mar 2023 02:54:44 GMT

GET
H2 206 m_2136le6691.mp4
j.top4top.io/ 336 KB
0 47ms
47ms Media
video/mp4 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.top4top.io/m_2136le6691.mp4
Requested by: Host: dhl-express-dhl-redelivery.sohzo.com
URL: https://dhl-express-dhl-redelivery.sohzo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash

Request headers

Referer: https://dhl-express-dhl-redelivery.sohzo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=65536-

Response headers

x-file-id: x42119577x
date: Sun, 26 Mar 2023 00:54:44 GMT
last-modified: Sat, 06 Nov 2021 22:58:53 GMT
server: nginx
etag: "618708ad-4e5a21"
content-type: video/mp4
Content-Range: bytes 65536-5134880/5134881
cache-control: max-age=7200
content-disposition: inline; filename="Tony%20montana%20edit.mp4"
Content-Length: 5069345
expires: Sun, 26 Mar 2023 02:54:44 GMT

GET
H2 206 m_2136le6691.mp4
j.top4top.io/ 79 KB
0 200ms
199ms Media
video/mp4 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.top4top.io/m_2136le6691.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash

Request headers

Referer: https://dhl-express-dhl-redelivery.sohzo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=393216-

Response headers

x-file-id: x42119577x
date: Sun, 26 Mar 2023 00:54:45 GMT
last-modified: Sat, 06 Nov 2021 22:58:53 GMT
server: nginx
etag: "618708ad-4e5a21"
content-type: video/mp4
Content-Range: bytes 393216-5134880/5134881
cache-control: max-age=7200
content-disposition: inline; filename="Tony%20montana%20edit.mp4"
Content-Length: 4741665
expires: Sun, 26 Mar 2023 02:54:45 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://dhl-express-dhl-redelivery.sohzo.com/(Line 13) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://transfer.sh/get/cUHkR8/kurd1877.mp3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cur.cursors-4u.net
dhl-express-dhl-redelivery.sohzo.com
fonts.googleapis.com
fonts.gstatic.com
github.com
i.imgur.com
j.top4top.io
maxcdn.bootstrapcdn.com
media.tenor.com
raw.githubusercontent.com
transfer.sh
135.181.63.70
140.82.121.4
146.75.120.193
160.153.133.168
2606:4700::6812:bcf
2606:50c0:8000::154
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a01:4f8:200:1097::2
96.43.128.66
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
1deddc38e7b7935bffa53739b6d72df4986fda6a29b6d912d7d37680249fb7d1
50855fb8a5aa28a93c62a47341df063ab3cc55f2106f80136593b29ab63e10cf
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5adbad4e799ade940d96f6f293fc1ea535b504a6151555c879c5e183aeac1018
60233b70158aec69ed47dc6dc94179c49055dd74e2263cd10c86a83d38513710
759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38
7aad037edb003fce852a71628d28d0511c9c3b5a4cb5e30b81b86534a461f132
8173f483860e29b6b87dacacced5bce6671ae689b270e17ac837f01d4d8ef7a8
84da6165da33bb1f2eb85464022b1286939557ec35634045bba0cd1f22ead9ae
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9ff5c61342b32a9d338597920369e2462881e61456f69d02ccfe07696d2fe8a2
a9a7e3fc3cb7d6ab4cffa472d8d6a99f95f88c70ce629c7c712beda7f969f56b
b16799fd7706daecb9ba67a2d4d9506bc37beacdd9efb8414bfb08f629b483e3
ca210df9f8aeddf6ea59bad1ebbb86afccec83543deb0f1a2d2f2f27c335ba32
d7aed3940ed9ccf1364ae5606d2cb3222311462ed145d7623f9d900ccee5c033
da50545b8faaa464d9601b2bfe695a4dea0aeff07a4876d4e900027d5ba83659
db5f562ecd676efb38f9e888f75f9c517b5807ea0d122a993470aa805bba0451
fc3d86bce793c5c45a97cfad69517ab5fb675fee64555cb8620d52d9789019bb

dhl-express-dhl-redelivery.sohzo.com Open in urlscan Pro 160.153.133.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

58 %IPv6

11 Domains

12 Subdomains

11 IPs

4 Countries

10303 kBTransfer

10951 kBSize

0 Cookies

4 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

dhl-express-dhl-redelivery.sohzo.com Open in urlscan Pro
160.153.133.168 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

4
Countries

10303 kB
Transfer

10951 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions