expresslogisticdelivery.online Open in urlscan Pro
131.153.147.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://expresslogisticdelivery.online/
Effective URL:
https://expresslogisticdelivery.online/
Submission: On September 15 via api (September 15th 2023, 3:19:48 pm UTC) from GB — Scanned from GB

Summary HTTP 145 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 43 domains to perform 145 HTTP transactions. The main IP is 131.153.147.42, located in Ashburn, United States and belongs to SS-ASH, US. The main domain is expresslogisticdelivery.online.
TLS certificate: Issued by R3 on September 15th 2023. Valid for: 3 months.

This is the only time expresslogisticdelivery.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 12	131.153.147.42 131.153.147.42	19437 (SS-ASH) (SS-ASH)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	15.204.22.185 15.204.22.185	16276 (OVH) (OVH)
1	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	63.140.62.214 63.140.62.214	15224 (OMNITURE) (OMNITURE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	18.239.50.124 18.239.50.124	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2600:9000:223... 2600:9000:223e:e800:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a02:26f0:350... 2a02:26f0:3500:885::353a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.158.81.252 18.158.81.252	16509 (AMAZON-02) (AMAZON-02)
7	2a13:1ec0::1037 2a13:1ec0::1037	201589 (EDGEAMLLC) (EDGEAMLLC)
1	104.26.9.183 104.26.9.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:2ad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	52.189.67.17 52.189.67.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	99.80.170.99 99.80.170.99	16509 (AMAZON-02) (AMAZON-02)
2	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.64.124.239 104.64.124.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:249... 2600:9000:2490:7e00:3:3268:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100:789::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.57 18.66.97.57	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.248.15.130 34.248.15.130	16509 (AMAZON-02) (AMAZON-02)
1 1	52.212.121.189 52.212.121.189	16509 (AMAZON-02) (AMAZON-02)
1 3	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4264:68e0:e587:d65a:6262	14618 (AMAZON-AES) (AMAZON-AES)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	57.128.74.65 57.128.74.65	16276 (OVH) (OVH)
2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2247:e000:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:981::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	44.217.21.216 44.217.21.216	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.198.194.141 18.198.194.141	16509 (AMAZON-02) (AMAZON-02)
1 1	72.251.232.132 72.251.232.132	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7 7	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	13.32.121.71 13.32.121.71	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.189.11 108.138.189.11	16509 (AMAZON-02) (AMAZON-02)
1	18.194.224.139 18.194.224.139	() ()
145	55

12 131.153.147.42 (Ashburn, United States) 1 redirects

ASN19437 (SS-ASH, US)
PTR: wghp2.wghservers.com

expresslogisticdelivery.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.204.22.185 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: ip185.ip-15-204-22.us

db.onlinewebfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.214 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-214.data.adobedc.net

smetrics.ups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-124.ams58.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:223e:e800:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:885::353a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.ups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.81.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-81-252.eu-central-1.compute.amazonaws.com

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.183 (None, )

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2ad3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn3.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.189.67.17 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ups.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.170.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.124.239 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-239.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:7e00:3:3268:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

aap-p.ups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:789::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-57.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.15.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-15-130.eu-west-1.compute.amazonaws.com

ups.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.121.189 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-121-189.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.148.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:68e0:e587:d65a:6262 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.128.74.65 (France)

ASN16276 (OVH, FR)
PTR: ns3227025.ip-57-128-74.eu

node-ya-6.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

6451349.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2247:e000:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:981::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.21.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-21-216.compute-1.amazonaws.com

ups.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.194.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-194-141.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.232.132 (Santa Clara, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

pix-us.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-71.fra60.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.189.11 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-11.mxp64.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.224.139 (None, )

ASN- ()

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1218 akamai.tiqcdn.com — Cisco Umbrella Rank: 13052	203 KB
12	expresslogisticdelivery.online 1 redirects expresslogisticdelivery.online	707 KB
11	tawk.to embed.tawk.to — Cisco Umbrella Rank: 10538 va.tawk.to — Cisco Umbrella Rank: 10046	140 KB
10	ups.com smetrics.ups.com — Cisco Umbrella Rank: 14143 www.ups.com — Cisco Umbrella Rank: 11072 Failed aap-p.ups.com — Cisco Umbrella Rank: 13153	243 KB
8	everesttech.net 8 redirects cm.everesttech.net — Cisco Umbrella Rank: 1322 sync-tm.everesttech.net — Cisco Umbrella Rank: 876	1 KB
8	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 239 ups.demdex.net — Cisco Umbrella Rank: 11945	13 KB
8	jivosite.com code.jivosite.com — Cisco Umbrella Rank: 36513 node-ya-6.jivosite.com — Cisco Umbrella Rank: 219802	369 KB
7	qualtrics.com zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com — Cisco Umbrella Rank: 14470 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1080	83 KB
5	doubleclick.net 1 redirects 6451349.fls.doubleclick.net — Cisco Umbrella Rank: 14399 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47	4 KB
5	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 10399	358 KB
5	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1817 insight.adsrvr.org — Cisco Umbrella Rank: 665 match.adsrvr.org — Cisco Umbrella Rank: 406	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	11 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658	2 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1777 api.company-target.com — Cisco Umbrella Rank: 4576	3 KB
3	google.com translate.google.com — Cisco Umbrella Rank: 1341 adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 2	31 KB
3	tealiumiq.com visitor-service-eu-central-1.tealiumiq.com — Cisco Umbrella Rank: 36397 datacloud.tealiumiq.com	1 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 81	128 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 6740 evt.undertone.com — Cisco Umbrella Rank: 6142	1000 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 268	2 KB
2	google.co.uk 1 redirects adservice.google.co.uk — Cisco Umbrella Rank: 7501 www.google.co.uk — Cisco Umbrella Rank: 3253	1 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 402	478 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1495 c.go-mpulse.net — Cisco Umbrella Rank: 659	51 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 929	140 B
2	inq.com ups.inq.com — Cisco Umbrella Rank: 13178	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	139 KB
2	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 11481 tag-logger.demandbase.com — Cisco Umbrella Rank: 5455	27 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	151 KB
2	onlinewebfonts.com db.onlinewebfonts.com — Cisco Umbrella Rank: 44794	14 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 translate.googleapis.com — Cisco Umbrella Rank: 1151	78 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	715 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1113	450 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 532	273 B
1	revjet.com 1 redirects pix-us.revjet.com — Cisco Umbrella Rank: 33430	326 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 151	18 KB
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1789	105 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 273	635 B
1	vindicosuite.com mpp.vindicosuite.com — Cisco Umbrella Rank: 6975	24 B
1	blueconic.net ups.blueconic.net — Cisco Umbrella Rank: 16755 Failed	725 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1413	392 B
1	iconfinder.com cdn3.iconfinder.com — Cisco Umbrella Rank: 82065	10 KB
1	tidio.co code.tidio.co — Cisco Umbrella Rank: 18442
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1209	12 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
145	43

	Domain	Requested by
12	tags.tiqcdn.com	expresslogisticdelivery.online tags.tiqcdn.com
12	expresslogisticdelivery.online	1 redirects expresslogisticdelivery.online www.ups.com
8	embed.tawk.to	expresslogisticdelivery.online embed.tawk.to
8	www.ups.com	expresslogisticdelivery.online www.ups.com
7	sync-tm.everesttech.net	7 redirects
7	code.jivosite.com	expresslogisticdelivery.online code.jivosite.com
6	dpm.demdex.net	tags.tiqcdn.com expresslogisticdelivery.online
6	siteintercept.qualtrics.com	expresslogisticdelivery.online
5	media-us1.digital.nuance.com	expresslogisticdelivery.online ups.inq.com
3	va.tawk.to	embed.tawk.to
3	match.adsrvr.org	expresslogisticdelivery.online
3	dsum-sec.casalemedia.com	1 redirects s.company-target.com expresslogisticdelivery.online
3	www.gstatic.com	expresslogisticdelivery.online www.gstatic.com
3	www.youtube.com	expresslogisticdelivery.online www.youtube.com
2	ib.adnxs.com	1 redirects
2	cm.g.doubleclick.net	1 redirects expresslogisticdelivery.online
2	6451349.fls.doubleclick.net	expresslogisticdelivery.online adservice.google.com
2	pixel.rubiconproject.com	s.company-target.com expresslogisticdelivery.online
2	ups.demdex.net	tags.tiqcdn.com expresslogisticdelivery.online
2	s.company-target.com	scripts.demandbase.com expresslogisticdelivery.online
2	id.rlcdn.com	expresslogisticdelivery.online
2	ups.inq.com	expresslogisticdelivery.online
2	visitor-service-eu-central-1.tealiumiq.com	expresslogisticdelivery.online
2	connect.facebook.net	expresslogisticdelivery.online
2	www.googletagmanager.com	expresslogisticdelivery.online
2	db.onlinewebfonts.com	expresslogisticdelivery.online db.onlinewebfonts.com
1	datacloud.tealiumiq.com	tags.tiqcdn.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	www.facebook.com
1	image2.pubmatic.com
1	us-u.openx.net
1	www.google.co.uk	6451349.fls.doubleclick.net
1	www.google.com	6451349.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	pix-us.revjet.com	1 redirects
1	www.googleadservices.com	6451349.fls.doubleclick.net
1	bs.serving-sys.com	expresslogisticdelivery.online
1	c.bing.com	1 redirects
1	mpp.vindicosuite.com	expresslogisticdelivery.online
1	adservice.google.co.uk	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	adservice.google.com	6451349.fls.doubleclick.net
1	fonts.gstatic.com	expresslogisticdelivery.online
1	ups.blueconic.net	aap-p.ups.com
1	tag-logger.demandbase.com	scripts.demandbase.com
1	insight.adsrvr.org	1 redirects
1	node-ya-6.jivosite.com	code.jivosite.com
1	partners.tremorhub.com	s.company-target.com
1	cm.everesttech.net	1 redirects
1	translate.googleapis.com
1	api.company-target.com	scripts.demandbase.com
1	s.go-mpulse.net	expresslogisticdelivery.online
1	aap-p.ups.com	tags.tiqcdn.com
1	akamai.tiqcdn.com	tags.tiqcdn.com
1	translate.google.com	expresslogisticdelivery.online
1	cdn3.iconfinder.com	expresslogisticdelivery.online
1	code.tidio.co	expresslogisticdelivery.online
1	js.adsrvr.org	expresslogisticdelivery.online
1	scripts.demandbase.com	expresslogisticdelivery.online
1	smetrics.ups.com	expresslogisticdelivery.online
1	zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com	expresslogisticdelivery.online
1	use.fontawesome.com	expresslogisticdelivery.online
1	fonts.googleapis.com	expresslogisticdelivery.online
0	sync.search.spotxchange.com Failed
145	65

This site contains links to these domains. Also see Links.

Domain
translate.google.com
www.jobs-ups.com
t.me
www.ups.com

Subject Issuer	Validity	Valid
expresslogisticdelivery.online R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
onlinewebfonts.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-12-07`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
smetrics.ups.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-30` - `2023-10-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-24` - `2023-09-22`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
www.ups.com COMODO ECC Organization Validation Secure Server CA	`2023-08-30` - `2024-08-29`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2023-04-05` - `2024-05-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.company-target.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-14`	a year	crt.sh
aap-p.ups.com Amazon RSA 2048 M03	`2023-08-04` - `2024-09-01`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2022-12-10` - `2024-01-08`	a year	crt.sh
mpp.vindicosuite.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://expresslogisticdelivery.online/
Frame ID: 84244ED3B8E0FE57245AB10C157AD483
Requests: 112 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: FCB052B3C1008914011864CB7A31B661
Requests: 4 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Frame ID: C36BC1FCB2E463D70FD80D6A50CBF7DB
Requests: 2 HTTP requests in this frame

Frame: https://ups.demdex.net/dest5.html?d_nsid=0
Frame ID: 258096CA681A36923BC36D3D2882134C
Requests: 16 HTTP requests in this frame

Frame: https://ups.demdex.net/dest5.html?d_nsid=0
Frame ID: 89D542C09B569BB1FED45FB1068FCB1F
Requests: 1 HTTP requests in this frame

Frame: https://www.ups.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Frame ID: 671D0F7C480E78ADB4CAFD4AB483B0F7
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 48E15AAC3249CBCB356A41F1BD5D4E91
Requests: 1 HTTP requests in this frame

Frame: https://6451349.fls.doubleclick.net/activityi;src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page
Frame ID: 70F66037B00DB458213958D859E218F4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
Frame ID: 73A3A06EC0BD42B4FBFC215046BC8D68
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 61ABB210F036EBFA5B9FF4000816D9A5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page
Frame ID: B0EA9D17C095310A5C3DB678CF4CF90F
Requests: 1 HTTP requests in this frame

Frame: https://6451349.fls.doubleclick.net/ddm/fls/r/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page
Frame ID: 349C37891B2F7C5174ED9B611EE5F11F
Requests: 5 HTTP requests in this frame

Frame: https://code.jivosite.com/sounds/agent_message.mp3
Frame ID: 3C46CED09D21AA74A0174838C07D15C1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Express Shipping & Logistics Solutions | Your Ultimate Home for Global Delivery Services - United States

Page URL History Show full URLs

http://expresslogisticdelivery.online/ HTTP 302
https://expresslogisticdelivery.online/ Page URL

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

145
Requests

81 %
HTTPS

45 %
IPv6

43
Domains

65
Subdomains

55
IPs

7
Countries

2810 kB
Transfer

7048 kB
Size

31
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://www.jobs-ups.com/
Title: jobs

Search URL Search Domain Scan URL

URL: https://t.me/expresslogisticdeliveryinfo

Search URL Search Domain Scan URL

URL: https://www.ups.com/us/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy Notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://expresslogisticdelivery.online/ HTTP 302
https://expresslogisticdelivery.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://cm.everesttech.net/cm/dd?d_uuid=86420127051692298840012751909852690323 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQR2DQAAAEel7gNe

Request Chain 87

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1710515981&external_user_id=7c83caaf-8077-4271-ac1f-24a3af966d77 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1710515981&external_user_id=7c83caaf-8077-4271-ac1f-24a3af966d77&C=1

Request Chain 94

https://insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODY0MjAxMjcwNTE2OTIyOTg4NDAwMTI3NTE5MDk4NTI2OTAzMjM= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEO5JHlI75otdYz7LcaAFrJU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 111

https://adservice.google.co.uk/ddm/fls/i/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page HTTP 302
https://6451349.fls.doubleclick.net/ddm/fls/r/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page

Request Chain 114

https://c.bing.com/c.gif?uid=86420127051692298840012751909852690323&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=280EDA3B95CC653926C9C9B694776445

Request Chain 117

https://pix-us.revjet.com/idsync/adobe/1?aam_id=86420127051692298840012751909852690323&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24 HTTP 302
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5074430891303709278

Request Chain 119

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlFSMkRRQUFBRWVsN2dOZQ==

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZQR2DQAAAEel7gNe&expires=90

Request Chain 124

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQR2DQAAAEel7gNe

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZQR2DQAAAEel7gNe HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZQR2DQAAAEel7gNe

Request Chain 133

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQR2DQAAAEel7gNe

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZQR2DQAAAEel7gNe

Request Chain 144

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQR2DQAAAEel7gNe&img=1

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQR2DQAAAEel7gNe&t=2592000&o=0

Request Chain 147

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

145 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
expresslogisticdelivery.online/
Redirect Chain

http://expresslogisticdelivery.online/
https://expresslogisticdelivery.online/

102 KB
103 KB

1088ms
688ms

Document
text/html

131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache / PHP/7.2.34
Resource Hash: 955286b8db32d1f72b8408b41882c3c913106f0c6010703f3ff47f4a3999dd8d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Sep 2023 15:19:39 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.34

Redirect headers

Connection: Keep-Alive
Content-Length: 223
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 15 Sep 2023 15:19:39 GMT
Keep-Alive: timeout=5, max=100
Location: https://expresslogisticdelivery.online/
Server: Apache

GET
H/1.1 200
OK jquery.js Show response
expresslogisticdelivery.online/ 86 KB
86 KB 511ms
168ms Script
application/javascript 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://expresslogisticdelivery.online/jquery.js
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:40 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 88145

GET
H/1.1 200
OK mainstyle.css
expresslogisticdelivery.online/ 9 KB
9 KB 507ms
170ms Stylesheet
text/css 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://expresslogisticdelivery.online/mainstyle.css
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: 89ef4b4bb5da90db155119f1eb64cd0f0a941b900fe61062b445e6901a1af320

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:40 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:38 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8847

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 166ms
57ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto|Lato:400,900|Source+Sans+Pro:400,700|Montserrat:800

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be982855b3c5ec16cb537729f5a423b4c0cfd9e3ca5d280da0e0b24389b681e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:19:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H/1.1 200
OK ainstylemobile.css
expresslogisticdelivery.online/ 4 KB
4 KB 506ms
168ms Stylesheet
text/css 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://expresslogisticdelivery.online/ainstylemobile.css
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: 99c998e8493d8cd50b3c83cf6fda0d9ef28890a23917df842adfeb4c48f07795

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:40 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:38 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4059

GET
H2 200 2cb3e62148b528138a35061500162dee
db.onlinewebfonts.com/c/ 1 KB
679 B 581ms
187ms Stylesheet
text/css 15.204.22.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://db.onlinewebfonts.com/c/2cb3e62148b528138a35061500162dee?family=Nasalization
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: ip185.ip-15-204-22.us
Software: nginx /
Resource Hash: 19a578a6fc266b1e74e11e8480575044918ebd626e9a7fb8b9798d0bf696fee5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:18:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
nginx-cache: HIT
cache-control: public,max-age=86400,must-revalidate
access-control-allow-headers: X-Requested-With

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 139ms
59ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ES3B4KWSMZYHMCZY
age: 301728
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NNeIRmx2mx2fGwabsglQNWfvShR/gh3/Zk8vg10CTsFcECe0BRueNEPYrB+FbIWLuGrEPNfPdHo=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfNpB9LdJvfyjmYPwEBSo710zj%2B8eF%2FUFHELM6A8ZlS4opO3e5fx0gUOqsKwHwDmLcKOMEJJgTVa%2BiRNTjGSjFUoN3MsGiNvTtN0mylgN882af0BrfdmfBq93R7%2BpUlWm9kTSwRacBm5Px0SkRG8f%2B3%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8071d96e6ee94145-LHR

GET
H2 500 /
zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 0
0 124ms
44ms Script
text/html 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1GqrxzvRld7vjWm&Q_LOC=https%3A%2F%%20%20%20%202Fwww.ups.com%2Fus%2Fen%2FHome.page
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 156ms
52ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-863311277&l=dataLayer&cx=c

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d202462fa181e9a83e72d37961ec6d7e4fe86dd12093df74e007597f5e4af66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 s53446805633548 Show response
smetrics.ups.com/b/ss/upsprod/10/JS-2.22.4/ 4 KB
4 KB 155ms
70ms Script
application/x-javascript 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.ups.com/b/ss/upsprod/10/JS-2.22.4/s53446805633548?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=18%2F4%2F2023%2017%3A8%3A23%204%20-60&cid.&tealiumVisitorID.&id=01882f9d0d4100514541f183b0300506f002306700670&as=1&.tealiumVisitorID&.cid&d.&nsid=0&jsonv=1&.d&sdid=247372AEB916DEA1-186B76FFCA47972B&mid=80477850157020223832244980402018286968&aamlh=6&ce=UTF-8&ns=unitedparcelservice&cdp=2&g=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&c.&dom_referrer=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2Fglobal.page&.c&ch=home&c4=Home.page&c5=en&v6=17&v9=%23tabs_0_tabPane_0&c13=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&v14=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&c17=ups%7Cyoda%7Cprod%7Cut4.48.202305100307%7C-%7C-&v17=Track&c18=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&c19=17&v19=guest&c22=guest&c32=%23tabs_0_tabPane_0&c33=home&v37=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&v49=www.ups.com&v50=1684426001737&c51=www.ups.com&v51=01882f9d0d4100514541f183b0300506f002306700670&v55=ups.com&v61=Track&v62=UPS%20Shipping%20%26%20Logistics%20Solutions%20%7C%20Your%20Ultimate%20Home%20for%20Global%20Delivery%20Services%20%7C%20UPS%20-%20United%20States&v64=tab&v70=app_tsr%7C-%7C-&c72=Track&c73=Home.page&c74=large&v93=1684426001737_1684426103538&v171=en&v219=GPC%3A%20false&pe=lnk_o&pev2=Track&s=1024x600&c=24&j=1.6&v=N&k=Y&bw=1137&bh=518&mcorgid=036784BD57A8BB277F000101%40AdobeOrg&AQE=1

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

b92a7f28c84fc31b7c4a3c9bf60ef27a45a6daea9281bc8f7c9fc2852be0909f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-aam-tid: yK5fgmcGR5Q=
date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 3646
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v050-0e03aa7e8.edge-irl1.demdex.com 6 ms
pragma: no-cache
last-modified: Sat, 16 Sep 2023 15:19:40 GMT
server: jag
etag: 3639536346567245824-4617941816593066748
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 14 Sep 2023 15:19:40 GMT

GET Roboto-Light.ttf
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Regular.woff
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Regular.woff2
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Regular.ttf
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Medium.woff
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Medium.woff2
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Medium.ttf
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Bold.woff
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Bold.woff2
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET Roboto-Bold.ttf
www.ups.com/assets/resources/webcontent/styles/fonts/ 0
0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e50626d8/www-widgetapi.vflset/ 198 KB
62 KB 149ms
46ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e50626d8/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60d31e87f46e64be5c43997e8deda163ff9934c5a21d4f24381ad534459ca78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 11 Sep 2023 22:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62719
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:19:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Sep 2024 22:05:46 GMT

GET
H2 200 DZlgJRFL.min.js Show response
scripts.demandbase.com/ 97 KB
27 KB 130ms
46ms Script
application/javascript 18.239.50.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/DZlgJRFL.min.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-124.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8e572717255297748a4ec49b10ed5c184a5b37f04c73e84b788444481e59bdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: mJOsChSbx1e4ZYqFU0EZPtNO5vGhQdBA
content-encoding: gzip
via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 14:31:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P3
age: 2885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 09 Aug 2023 20:48:06 GMT
server: AmazonS3
etag: W/"743ccfab8293ad5113a8bdc06cf518b9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: f_RGR2HeNSDPg96Qgng0_A4e8YOc_dFw299Cz0ezm_fsy9hFZuu3Mg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 137ms
44ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 02:39:17 GMT
Content-Encoding: gzip
Via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 45624
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 4WjZkr-Y5AZ1s-LtYrDjZjPvX2jnfZacwvs46Pkdo9BxXdkHfYcVlw==

GET
H2 200 286726385262010 Show response
connect.facebook.net/signals/config/ 300 KB
87 KB 243ms
151ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/286726385262010?v=2.9.104&r=stable

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13b46473883bdb5fd13116df1840a2fd59e0c7683ea555b33531bc53c561b71b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 15:19:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88005
x-xss-protection: 0
pragma: public
x-fb-debug: rBQKkpp5+67mND3Xu+GJ+qBUc6WW7F6Leqd8/0QFFil0DuIRTtT2NOx4aX4oKRr8xgl/YHxV7b6rDOSXhowx3A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 137ms
45ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 15:19:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: W+POhkno6HqJnfUgGc3l1AgNfUjrh5Js9gdoRnminP7ysgixAGWLQmbgBu4+acPAtZgfhFzoXb3UfXhSvn83Rg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
66 KB 232ms
129ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6451349

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b3d4202b01b50a7494c522588dfb0c1791e7096d0c1d500b5ad3ee1101e6943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67074
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 230ms
125ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 348 KB
85 KB 144ms
51ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b9ea587533f998fecbe3a97db8d8bb2be60021c7ae1633efe5cc3691b27425c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: JgiHzbn1bQZ_2b8bjEvINANZ4LbWq8LX
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:18:06 GMT
last-modified: Thu, 14 Sep 2023 05:12:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 113
x-amz-server-side-encryption: AES256
etag: W/"be48d8e3f2b5429e3e78899ed98eb958"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: DPpr9th5jKPqR36i7KMmTE6VCc6UcxFSSh860ABAahPYiroTQMofQA==

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 169 KB
51 KB 69ms
62ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.sync.js
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b93d36bd3debd6e4848dbedc48b3b039700d920ffb7e2cdd9b19a8e5e0119eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: c7_ROw.petB5XHkwEaIIWVYz2.q8IAha
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:17:39 GMT
last-modified: Thu, 14 Sep 2023 05:12:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 153
x-amz-server-side-encryption: AES256
etag: W/"d1f935bd3f1659e557e43ccc70e5d07d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: MVuG47KWVQqh3S7qZmD3KT28OU9Dc5P_x_QWCsFYOu92heNYr4TKgg==

GET
H2 200 ups.vendor.161a0d161a0d.css
www.ups.com/assets/resources/webcontent/styles/ 108 KB
13 KB 237ms
125ms Stylesheet
text/css 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/assets/resources/webcontent/styles/ups.vendor.161a0d161a0d.css

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5b3e11b240f440e96161637812cba67f43632ed86ebe3d2308a7ee8e71fdf60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694791180691_388276617_1066983760_38_10494_49_50_255";dur=1
content-length: 12686
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 11 Sep 2023 22:53:29 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 ups.styles.b112d13750ec.css
www.ups.com/assets/resources/webcontent/styles/ 272 KB
35 KB 178ms
66ms Stylesheet
text/css 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/assets/resources/webcontent/styles/ups.styles.b112d13750ec.css

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

f451530350ec58738762de87c5b9e0b9b7c99f72f8d9baa4715dd386a8e94373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694791180753_388276617_1066983761_43_10400_49_0_255";dur=1
content-length: 35424
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 11 Sep 2023 04:28:36 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 UPS_Smart_Banner.1.2.1.js Show response
www.ups.com/assets/resources/webcontent/scripts/ 514 B
652 B 177ms
66ms Script
application/javascript 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/assets/resources/webcontent/scripts/UPS_Smart_Banner.1.2.1.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

18f66b7ccbef28fbffe4a0726a2336bd80e8e4ed6daf08784f77761d9b35bf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694791180753_388276617_1066983762_41_10319_49_0_219";dur=1
content-length: 222
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 12 Sep 2023 01:40:08 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 utag.11.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 107 KB
34 KB 90ms
85ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.11.js?utv=ut4.48.202303231153
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0774e016e92aa14ab1add775c1ad103b8e3fa6a73ad2b5c88a05a9f84d1ce8bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: 2NZiRiw0EjAThk58E_E6KKmqM.q0v2Tp
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:19:41 GMT
last-modified: Thu, 14 Sep 2023 05:12:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"0ef778e53060155bce24de54f86c0eb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: GKXE4yxIc3Wrzujed7yvHLlr4Vv66TDBB-RV2el1ADYJKeyvZL1P1g==

GET
H2 200 utag.12.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 12 KB
4 KB 108ms
102ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.12.js?utv=ut4.48.202302161226
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af53949a1155bc09395045f8c4c04b54f8c3daad9067925c8293f06c08c10655

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: MYAZiVjuMqfhLy2IWSEN0tfpp3ajuvSm
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:19:41 GMT
last-modified: Thu, 14 Sep 2023 05:12:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"c5979ceb1e5a4138af4b6579b9deb76e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vA2oLdewXNej-WTl33_BkymTMiJNhcXUAFMgx7Tt3lBQcQQzX4eipQ==

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 8 KB
3 KB 100ms
95ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.14.js?utv=ut4.48.202303301115
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5be6ace24661bba23d780b702de4b60bf0b7bf6e350a48ccf080810c44b6c7f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: VMSGaFgKw1fg_ONvqn6YjJGEC5rX9VTr
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:17:50 GMT
last-modified: Thu, 14 Sep 2023 05:12:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 111
x-amz-server-side-encryption: AES256
etag: W/"88dcc5b1a8e7a73e37df5512e1ac5e52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Bw1UbymNtpar1bJwVBapveNrXMeF2PM6ism6n1_U3H9-YFEUnYyH0g==

GET
H2 200 utag.15.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 23 KB
7 KB 101ms
96ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.15.js?utv=ut4.48.202207181153
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98642960d68c574a229d85960f9eac637da89b07966f7ea001af7e2834f97c38

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: T6DhZ6CTDfZA7CmHGKT59NTxwMpnO4Fj
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:14:57 GMT
last-modified: Thu, 14 Sep 2023 05:12:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 293
x-amz-server-side-encryption: AES256
etag: W/"410235da0c660152b5182faae6698836"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: gfbQGxJfrouVdSNORvFEukux5nVCTwTjb_Mb-tltN9m6NIYZ8-l_Dw==

GET
H2 200 utag.19.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 3 KB
2 KB 102ms
97ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.19.js?utv=ut4.48.202108101731
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a92e4cb228571c0669873950953ca5ffe863b53d98fc5de2902f2d7b33e1d23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: lihZyITa_7qRKFT9WLVMYDWjHVIeUhJJ
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:14:57 GMT
last-modified: Thu, 14 Sep 2023 05:12:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 293
x-amz-server-side-encryption: AES256
etag: W/"73bf2a7e7253d3362924fdda90fd69c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: c8YgmMGw4jMCmO4uPopdqNSURuY0LZjjSbRJdiXQhXdX7pnchuDIbw==

GET
H2 200 utag.21.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 2 KB
2 KB 103ms
98ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.21.js?utv=ut4.48.202108101731
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f15b621bc234dd04b570f127a7d1e2f5ceb00129f5703421b94c9ed505a2c10e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: 2hHw8kL._CO1wlpKALjQY5xY0.01PX31
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:15:21 GMT
last-modified: Thu, 14 Sep 2023 05:12:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 263
x-amz-server-side-encryption: AES256
etag: W/"3f994040822333f67d2c65c330e38291"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: tmTysbkpNjMsxH3FAzoi5JuU2zNs7QsFGkb2jELD8YrJKtijd_YDKw==

GET
H2 200 utag.22.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 2 KB
1 KB 102ms
97ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.22.js?utv=ut4.48.202210131118
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecd7230997a208b445edb48e9ecaceaf29ff577e9c588ffede355305372c2f23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: u12kf_FyDhrYXIhQ1Tmj3tywUCk931J9
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:17:55 GMT
last-modified: Thu, 14 Sep 2023 05:12:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 106
x-amz-server-side-encryption: AES256
etag: W/"c5f6efb0a0c4710d65317ed87b719bae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: C8BM_oJCHdDPhJHMuftCjjFX4EUi2nPeZE0G3fT4lvjNtQWs7au-Aw==

GET
H2 200 utag.36.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 18 KB
6 KB 106ms
101ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.36.js?utv=ut4.48.202205261106
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d390471147a4364808896692b6377a3f307918037f827daf0d6aedc2d221dd0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: WoATVwp3Yu7OosiL0GCBJJE.qeatSSpo
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:18:50 GMT
last-modified: Thu, 14 Sep 2023 05:12:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 52
x-amz-server-side-encryption: AES256
etag: W/"e607618b60a1e6a8eff006a0adb2b058"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: qyKM9tL302U4jgdww97-mDdPZT6MnVbQuKnL5ZRFJDTU3lBsWnswiQ==

GET
H2 200 01882f9d0d4100514541f183b0300506f002306700670 Show response
visitor-service-eu-central-1.tealiumiq.com/ups/yoda/ 2 B
213 B 154ms
44ms Script
application/json 18.158.81.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/ups/yoda/01882f9d0d4100514541f183b0300506f002306700670?callback=utag.ut%5B%22writevayoda%22%5D&rnd=1684426103916

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.81.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-81-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-version: 8e95aa14cbcb6e769ac35b73a85f42752b628529-SNAPSHOT
date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: eu-central-1
content-length: 2
x-nodeid: i-027ca00db99946602
content-type: application/json;charset=utf-8

GET
H2 200 01882f9d0d4100514541f183b0300506f002306700670 Show response
visitor-service-eu-central-1.tealiumiq.com/ups/yoda/ 2 B
212 B 154ms
44ms Script
application/json 18.158.81.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/ups/yoda/01882f9d0d4100514541f183b0300506f002306700670?callback=utag.ut%5B%22writevayoda%22%5D&rnd=1684426104121

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.81.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-81-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-version: 8e95aa14cbcb6e769ac35b73a85f42752b628529-SNAPSHOT
date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: eu-central-1
content-length: 2
x-nodeid: i-05d91806e15b48e7f
content-type: application/json;charset=utf-8

GET
H2 200 10.ff5c35506eb6156df16c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
20 KB 103ms
98ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/10.ff5c35506eb6156df16c.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=www.ups.com

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f33f4452c207172ffbf94d57edf631a8a29deaeed7934869204a066d8ff2f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 140227
cf-polished: origSize=66398
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1035e-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8071d96efa3535fb-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 5.38c3d23ae44011b71597.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 83ms
79ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/5.38c3d23ae44011b71597.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=upscx

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07bc02d4a4a9fdc299caf0e23c71844fbcfbc8981fbc97b31d4362910299307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 26067
cf-polished: origSize=2522
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9da-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8071d96efa2f35fb-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.ecb6e5626e4e126a641d.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 91ms
87ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.ecb6e5626e4e126a641d.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=upscx

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53e7181dbff28237aa2e8949532257c029ade2874f141d16d3f5709ce376059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 26067
cf-polished: origSize=29372
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72bc-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8071d96efa3335fb-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 trtCMc5CJO Show response
code.jivosite.com/widget/ 17 KB
6 KB 154ms
46ms Script
application/javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/widget/trtCMc5CJO
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 9594f58594d09951bd8004ff33e7c724c40fae49ccd3cc14cfa6ba3cc8ac8b4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-09-15T15:19:40+00:00
x-geo-shard: ya
content-length: 5914
x-node: am3-up-gc95
last-modified: Mon, 11 Sep 2023 10:08:17 GMT
server: nginx
etag: "64fee711-171a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
expires: Fri, 15 Sep 2023 17:19:40 GMT

GET
H/1.1 200
OK logo.png
expresslogisticdelivery.online/ 68 KB
68 KB 500ms
170ms Image
image/png 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expresslogisticdelivery.online/logo.png
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: 0548b0e20c18314ca306078f3575702788586b5f186cc40b1aaee8874956d89a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Last-Modified: Thu, 02 Feb 2023 02:07:50 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 69848

GET
H/1.1 404
Not Found icp.gif
expresslogisticdelivery.online/img/ 315 B
315 B 181ms
170ms Image
text/html 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expresslogisticdelivery.online/img/icp.gif
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 403 r80dkxphnw1kax8f6pqflisbkzhffliv.js
code.tidio.co/ 0
0 138ms
73ms Script
text/html 104.26.9.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.tidio.co/r80dkxphnw1kax8f6pqflisbkzhffliv.js
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BxsepljhyMVdr0DZAGPT81AmEaQBhQtBRdgVzPQkl0Nnhlp%2B1E%2FojplcYfGLYG0WfFmRUEMTDMGTCzWt6vxNhhJm77mxF2qyd0ymFr9LI03%2Boa1UtfFyBIcX6wFJyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8071d9716fa8b2ed-MAN

GET
H2 200 telegram-512.png
cdn3.iconfinder.com/data/icons/popular-services-brands-vol-2/512/ 10 KB
10 KB 137ms
60ms Image
image/webp 2606:4700:3108::ac42:2ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.iconfinder.com/data/icons/popular-services-brands-vol-2/512/telegram-512.png

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

772e8e7e097a157acf064e1ef936983e241061e91d2f55ac43d4cbcc179397a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 253565
cf-polished: origFmt=png, origSize=18633
content-disposition: inline; filename="telegram-512.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9812
x-request-id: 3ae66000-82db-41d8-ba95-b3f2e31701d7
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Sep 2023 21:07:17 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VRdSbf7N9cobys8XMNsiWzLnQ1hHHU736BWTMN1SG5o9%2BcMJZWlgsoJdfmxC%2BN6y3AnB48XAzMRGTrNA8X9CouzpzS3Rm4PIVy64KhVzZGORP8RoZWydpgjLkqoX70yQIi0E50VjqExtbdNCdA2SOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8071d9717ecc7779-LHR
expires: Sat, 14 Sep 2024 15:19:41 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 85 KB
30 KB 168ms
70ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fca0501546a4848b0f47c79cbe855cf33daa523d86be824258051c56d91fea31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inqChatLaunch10005649.js Show response
ups.inq.com/chatskins/launch/ 5 KB
2 KB 451ms
159ms Script
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.inq.com/chatskins/launch/inqChatLaunch10005649.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

4f76ca22e59064d77fe48f2d09e53e8b66117476f1408552fcb3141f82f88c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 06:05:34 GMT
server: Nuance Server
content-encoding: gzip
etag: W/"5079-1694066734069"
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 ups.vendor.cf1e21.js Show response
www.ups.com/assets/resources/webcontent/scripts/vendor/ 167 KB
45 KB 107ms
104ms Script
application/javascript 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/assets/resources/webcontent/scripts/vendor/ups.vendor.cf1e21.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

1bcc189b988d0422a192ac53940c869e860721a884854f370b7743ea602a7e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694791180970_388276617_1066984588_212_10452_46_0_182";dur=1
content-length: 46029
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 07 Sep 2023 01:18:00 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 ups.scripts.933434.js Show response
www.ups.com/assets/resources/webcontent/scripts/ 83 KB
20 KB 144ms
141ms Script
application/javascript 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/assets/resources/webcontent/scripts/ups.scripts.933434.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

015ae1c2d4e6330d7679343c2328009caf737690c342245505a0345500a55272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1694791180977_388276617_1066984589_2307_9545_46_0_182";dur=1
content-length: 19641
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 12 Sep 2023 04:29:25 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 15 Sep 2023 15:19:40 GMT

GET
H2 200 3J2JveSw Show response
www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/ 211 KB
80 KB 65ms
62ms Script
application/javascript 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2833f710d3165e43ad163dd70a1911fb6125c3a2643a7d2ea75430ae575d8546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 02 Aug 2023 16:14:22 GMT
etag: "22c0d111c53b2ea939716069200f6c1546ba70e5050e31c71e1ef3d46f41daef"
stored-attribute-sha-checksum: 2833f710d3165e43ad163dd70a1911fb6125c3a2643a7d2ea75430ae575d8546
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694791180969_388276617_1066984590_29_6329_46_0_182";dur=1
content-length: 80521
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ 22 KB
7 KB 113ms
42ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1683177521520

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5c0d1c704db9fdc2d1647276dd467f8b502465006843d65dcf3ee077637cae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 03:03:00 GMT
content-encoding: gzip
etag: W/"22376-1694055780000"
vary: accept-encoding
x-azure-ref: 20230915T151941Z-v1fk4bwqe15kp5gca0rvsgc4tn000000029g0000000120ru
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 17:48:14 GMT

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 117ms
42ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 60ms
57ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=upscx

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3292
cf-polished: origSize=104979
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19a13-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8071d9710e6d35fb-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 63 KB
23 KB 57ms
55ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&%20%20%20%20%20%20%20%20%20%20Q_BRANDID=upscx

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24c5b325810b01a60487c8a42151b8f6ac44d1173722ec526c54fe7c4b7c762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 26067
cf-polished: origSize=65177
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fe99-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8071d9710e7235fb-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 256 B
578 B 49ms
49ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Thu, 23 Oct 2031 07:06:15 GMT
date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9327615
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 8
content-length: 256
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Sep 2021 19:50:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 8071d9715f1a35fb-MAN
trace-id: ce3d8fc557813dd5
servershortname

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/ 209 KB
65 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/afd1b6e5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65996
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 20:30:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Sep 2024 15:09:04 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 176ms
46ms XHR
application/json 99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=036784BD57A8BB277F000101%40AdobeOrg&d_nsid=0&ts=1694791181387

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.sync.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

196cb1ebc67c4f33a694c1743aa576f5fc13a3ad26415bf0d4c78e24699207cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://expresslogisticdelivery.online/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-09fd9db29.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 5fj9TvGwQ/s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://expresslogisticdelivery.online
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1295
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sync Show response
s.company-target.com/s/ Frame FCB0 634 B
977 B 189ms
111ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/DZlgJRFL.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 04135ef84d6560261e74329eaf5659ad74a463a47bbe1117e1d82541818732f3

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 15:19:41 GMT
via: 1.1 google

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
564 B 198ms
96ms XHR
application/x-javascript 104.64.124.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.64.124.239 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-239.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=GB,region_code=EN,city=MANCHESTER,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Sat, 30 Sep 2023 15:19:41 GMT

GET
H2 200 script.js Show response
aap-p.ups.com/ 142 KB
44 KB 161ms
51ms Script
text/javascript 2600:9000:2490:7e00:3:3268:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aap-p.ups.com/script.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:7e00:3:3268:b180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

42d7b7c8cf3e49c9c2a8b76e8e14148bb373a3c4fcdcefc931b52cb19172d123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P6
age: 409
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44298
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Sep 2023 15:10:27 GMT
server: -
etag: 84e8542d2172bd5ee24e08ec018d168a
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: kn_R8zGaKTmEIYR25uPYLy2uEH96eppqiCBwjYduFNLX52qycehC-g==
expires: Fri, 15 Sep 2023 15:22:52 GMT

GET
H2 200 TADEN-6MDCS-UHH5M-YHPKQ-2GBH3 Show response
s.go-mpulse.net/boomerang/ Frame C36B 209 KB
51 KB 149ms
48ms Script
application/javascript 2a02:26f0:3100:789::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:789::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4e973e1b8e6b798931086cf372b83e40c417e33c0922087dad0eb2f89fa891ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 02:22:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 52061

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
2 KB 188ms
91ms XHR
application/json 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fexpresslogisticdelivery.online%2F&page_title=Express%20Shipping%20%26%20Logistics%20Solutions%20%7C%20Your%20Ultimate%20Home%20for%20Global%20Delivery%20Services%20-%20United%20States
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/DZlgJRFL.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-57.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5d8ef46ec20dc86c782ae49b982bb27bfceac74bd7d7353312aba61cc1d85fe9

Request headers

Referer: https://expresslogisticdelivery.online/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 9a11a60f-421e-4bc4-a67d-4eaf9c4299b4
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://expresslogisticdelivery.online
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t3wo8ImfnU9-SltOxoExYLoCcxsjoItg1Zo_fFjJfoOWABBz9632zQ==
expires: Thu, 14 Sep 2023 15:19:41 GMT

GET
H2 200 InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ 0
224 KB 201ms
197ms Other
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/ci/InqFramework.js?codeVersion=1683177521520

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 03:03:00 GMT
content-encoding: gzip
etag: W/"1241990-1694055780000"
vary: accept-encoding
x-azure-ref: 20230915T151941Z-v1fk4bwqe15kp5gca0rvsgc4tn000000029g0000000120w2
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 17:48:39 GMT

GET
H2 200 pre-acif.js
ups.inq.com/tagserver/acif/ 0
594 B 154ms
151ms Other
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 02 Sep 2023 05:49:26 GMT
server: Nuance Server
etag: W/"195-1693633766000"
p3p: policyref="http://ups.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 195
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-us1.digital.nuance.com/media/launch/acif/ 0
112 KB 200ms
197ms Other
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/acif/acif.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 20:25:58 GMT
content-encoding: gzip
etag: W/"383831-1693427158000"
vary: accept-encoding
x-azure-ref: 20230915T151941Z-v1fk4bwqe15kp5gca0rvsgc4tn000000029g0000000120w3
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 17:48:35 GMT

GET
H2 200 acif-configs.js
media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/ 0
9 KB 200ms
197ms Other
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/acif-configs.js

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 13 Jul 2023 19:20:19 GMT
content-encoding: gzip
etag: W/"76533-1689276019361"
vary: accept-encoding
x-azure-ref: 20230915T151941Z-v1fk4bwqe15kp5gca0rvsgc4tn000000029g0000000120w4
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 17:48:35 GMT

GET
H2 200 trtCMc5CJO Show response
code.jivosite.com/script/widget/config/ 3 KB
1 KB 140ms
48ms XHR
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/trtCMc5CJO
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/trtCMc5CJO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1ab00a593e6ca2e74aa1ff7d2e13c8737df3225df541c517f64638a81bddd3f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
content-encoding: gzip
via: 1.1 sharxy
server: nginx
vary: Accept-Encoding
x-cached-since: 2023-09-15T15:19:41+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
x-geo-shard: ya
content-length: 1178
x-node: am3-up-gc94
expires: Fri, 15 Sep 2023 17:19:41 GMT

GET
DATA 200
OK truncated
/ 476 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bee6952e3c65ca306993ac329e88cd15ae16205a3562085177910f666820232

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/svg+xml

GET
H2 200 social-icons-2022.png
www.ups.com/assets/resources/webcontent/images/ 1022 B
1 KB 236ms
235ms Image
image/webp 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ups.com/assets/resources/webcontent/images/social-icons-2022.png

Requested by

Host: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/ups.styles.b112d13750ec.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

75f7045d88bbed2a8641c5520581bdba49263a5e1fd5608c0199f61c447a965d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ups.com/assets/resources/webcontent/styles/ups.styles.b112d13750ec.css
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:22:23 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=43200
server-timing: cdn-cache; desc=HIT, edge; dur=38, ak_p; desc="1694791181605_388276617_1066987091_13314_12046_45_0_146";dur=1
content-length: 1022
x-xss-protection: 1; mode=block
expires: Sat, 16 Sep 2023 03:19:41 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65256e1e0467ba0e94c23dbaccb2493162f7d17e4737f08d25628dcaa8197dd5

Request headers

Referer
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 2cb3e62148b528138a35061500162dee.woff
db.onlinewebfonts.com/t/ 13 KB
13 KB 564ms
188ms Font
application/x-font-woff 15.204.22.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://db.onlinewebfonts.com/t/2cb3e62148b528138a35061500162dee.woff
Requested by: Host: db.onlinewebfonts.com
URL: https://db.onlinewebfonts.com/c/2cb3e62148b528138a35061500162dee?family=Nasalization
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: ip185.ip-15-204-22.us
Software: nginx /
Resource Hash: 50e1e74372cffb578cde95d6f6227921496817e98574f347e15c43241d37fc8e

Request headers

Referer: https://db.onlinewebfonts.com/c/2cb3e62148b528138a35061500162dee?family=Nasalization
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:18:51 GMT
server: nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-font-woff
access-control-allow-origin: *
nginx-cache: HIT
cache-control: public,max-age=86400,must-revalidate
access-control-allow-headers: X-Requested-With
content-length: 13480

GET
H/1.1 200
OK images7.jpg
expresslogisticdelivery.online/ 86 KB
87 KB 197ms
197ms Image
image/jpeg 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expresslogisticdelivery.online/images7.jpg
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: cf44fb68aeae82d1349f798f1518236d850f11af8c5c7f668c9df462382d5ee8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:38 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 88570

GET
H/1.1 200
OK images8.jpg
expresslogisticdelivery.online/ 95 KB
95 KB 197ms
196ms Image
image/jpeg 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expresslogisticdelivery.online/images8.jpg
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: 7d5f26539390047033dd657d54989a06f27bb35f4d9f5f7d17b126c87840a513

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:38 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 97385

GET
H/1.1 200
OK images10.jpg
expresslogisticdelivery.online/ 161 KB
161 KB 196ms
196ms Image
image/jpeg 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expresslogisticdelivery.online/images10.jpg
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: 7d894dc089864ff3fa46e9dffa5e2260fe4f6b1384aab9c5822e807f072191a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:37 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 164946

GET
H/1.1 200
OK images5.jpg
expresslogisticdelivery.online/ 92 KB
92 KB 196ms
195ms Image
image/jpeg 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expresslogisticdelivery.online/images5.jpg
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: c989d9323bb49053bd329f56634bd5715df7924a5ffad4eed729837228bd3ac4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Last-Modified: Thu, 02 Feb 2023 00:55:37 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 94213

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ 22 KB
5 KB 187ms
74ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.i9ZNRm2Z950.O/d=1/rs=AN8SPfr0gAhi21i2OcJAFWwTWTk8rY_YDQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 13:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 13:00:00 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.i9ZNRm2Z950.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr0gAhi21i2OcJAFWwTWTk8rY_YDQ/ 216 KB
76 KB 188ms
75ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.i9ZNRm2Z950.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr0gAhi21i2OcJAFWwTWTk8rY_YDQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.i9ZNRm2Z950.O/d=1/rs=AN8SPfr0gAhi21i2OcJAFWwTWTk8rY_YDQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 11 Sep 2023 15:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77700
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 15:12:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 15:06:25 GMT

GET
H2 200 1ha2ld6jg Show response
embed.tawk.to/64ff518db1aaa13b7a764253/ 2 KB
923 B 558ms
488ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5f725ac49435b434497bfd28f94bbc7ea7e526e21a6b7a6a72e889c716e900

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:42 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-65040be8d34"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8071d975585123ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK dest5.html Show response
ups.demdex.net/ Frame 2580 7 KB
3 KB 218ms
45ms Document
text/html 34.248.15.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.sync.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.15.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-15-130.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-096fd6b03.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Wy79WjlpTiE=
content-encoding: gzip
date: Fri, 15 Sep 2023 15:19:41 GMT
last-modified: Wed, 28 Jun 2023 12:57:16 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZQR2DQAAAEel7gNe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=86420127051692298840012751909852690323
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQR2DQAAAEel7gNe

42 B
942 B

49ms
49ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQR2DQAAAEel7gNe

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

DCS: dcs-prod-irl1-1-v050-093c44046.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VLhyk+zTQT8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQR2DQAAAEel7gNe
Date: Fri, 15 Sep 2023 15:19:41 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK dest5.html Show response
ups.demdex.net/ Frame 89D5 7 KB
3 KB 205ms
46ms Document
text/html 34.248.15.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.demdex.net/dest5.html?d_nsid=0

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.15.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-15-130.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-03af3081a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 31wJKifIQqA=
content-encoding: gzip
date: Fri, 15 Sep 2023 15:19:41 GMT
last-modified: Wed, 28 Jun 2023 12:58:14 GMT
vary: accept-encoding

GET
H/1.1 404
Not Found get_params Show response
expresslogisticdelivery.online/_bm/ 315 B
515 B 170ms
170ms XHR
text/html 131.153.147.42
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://expresslogisticdelivery.online/_bm/get_params?type=get-akid
Requested by: Host: www.ups.com
URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.147.42 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS: wghp2.wghservers.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Fri, 15 Sep 2023 15:19:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST 3J2JveSw
www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/ 0
0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FCB0
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1710515981&external_user_id=7c83caaf-8077-4271-ac1f-24a3af966d77
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1710515981&external_user_id=7c83caaf-8077-4271-ac1f-24a3af966d77&C=1

43 B
342 B

65ms
58ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1710515981&external_user_id=7c83caaf-8077-4271-ac1f-24a3af966d77&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmXFkyt7QXLLIJyUNg9VMINU2o6Ckb9RMJ8%2B%2FWvrFsLi%2BzWywo%2BEj9lG0fN0ICIaYhOu8rtIW6JA%2BtcvXfbPfw3uf8sOJjG9sxQzLkMD5k0EV%2FCXMSEECmO195jF1mC4c0fIh7thWl0Zwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8071d976c9db3622-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgDlTZOs2RNZT5HKFKvSVR%2B%2B7OnFJevdV7V%2FBJ9XS7Rb42a13Cqx5rHcConugjVvbSdr8W1dTEA7e6MIaQu86Oozz%2BsDaFngAsUddTYYAPRmqYSl8pMFkQRecN9%2FimiAr4wZb%2FOX%2ByMDhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1710515981&external_user_id=7c83caaf-8077-4271-ac1f-24a3af966d77&C=1
cache-control: no-cache
cf-ray: 8071d97628b93622-MAN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame FCB0 43 B
392 B 336ms
105ms Image
image/gif 2600:1f18:612b:4264:68e0:e587:d65a:6262
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=7c83caaf-8077-4271-ac1f-24a3af966d77
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:68e0:e587:d65a:6262 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 15 Sep 2023 15:19:41 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame FCB0 0
239 B 204ms
47ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=7c83caaf-8077-4271-ac1f-24a3af966d77&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK trtCMc5CJO Show response
node-ya-6.jivosite.com/widget/status/2304583/ 213 B
776 B 360ms
226ms XHR
application/json 57.128.74.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://node-ya-6.jivosite.com/widget/status/2304583/trtCMc5CJO?rnd=0.9557781290237966

Requested by

Host: code.jivosite.com
URL: https://code.jivosite.com/widget/trtCMc5CJO

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

57.128.74.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3227025.ip-57-128-74.eu

Software

nginx /

Resource Hash

e29f190bafe0cc5041f307ce00d885f6cb7762e9e818976114c23a3a068e7e1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma: no-cache
Date: Fri, 15 Sep 2023 15:19:42 GMT
Content-Security-Policy: frame-ancestors 'none';
Server: nginx
X-Botmode: no
X-Geoip: GB;ENG;Stretford (Trafford Park)
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://expresslogisticdelivery.online
Access-Control-Expose-Headers: X-Geoip, X-Botmode
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Max-Age: 1728000
Content-Length: 213

GET
H2 200 nuance-chat.html
www.ups.com/nuance/ Frame 671D 0
0 443ms
442ms Document
text/html 2a02:26f0:3500:885::353a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ups.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:885::353a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache
content-encoding: gzip
content-length: 1712
content-type: text/html
date: Fri, 15 Sep 2023 15:19:42 GMT
link: <https://www.ups.com/assets/resources/styles/fonts/Roboto-Regular.woff>;rel="preload";as="font";type="font/woff";crossorigin
pragma: no-cache
referrer-policy: same-origin
server: Apache
server-timing: ak_p; desc="1694791181716_388276617_1066987544_40763_9757_48_0_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 236 0 pmb=mNONE,1mTOE,1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 48E1 74 B
311 B 111ms
110ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: f5fc14181849cb5f911a632a9663dd875bd7fa4a0565d05a17d8185cf643853c

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 15:19:41 GMT
via: 1.1 google

GET
H2 200 activityi;src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page Show response
6451349.fls.doubleclick.net/ Frame 70F6 504 B
784 B 218ms
84ms Document
text/html 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6451349.fls.doubleclick.net/activityi;src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page?

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

a8e38cd0d4e81de926333bf0bbb674e272a142c3c822266590c38509fef13186

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 15:19:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 73A3
Redirect Chain

https://insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0

0
181 B

45ms
44ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://expresslogisticdelivery.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Fri, 15 Sep 2023 15:19:41 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 15 Sep 2023 15:19:41 GMT
location: https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 451 464526.gif
id.rlcdn.com/ 0
42 B 72ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 598ms
481ms XHR
text/html 2600:9000:2247:e000:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=t3wo8ImfnU9-SltOxoExYLoCcxsjoItg1Zo_fFjJfoOWABBz9632zQ==&api-version=v2
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/DZlgJRFL.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2247:e000:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Fri, 15 Sep 2023 07:42:40 GMT
via: 1.1 e358da22fa4c7897bb31c3c67470d266.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P2
age: 27425
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: xkyI9QfF8zpk_c2eE6atNwCoMU2K4SPVHKAKaCmm8dmMW8YxuUYPAA==

POST 829
ups.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ 22 KB
7 KB 121ms
121ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1694066716726

Requested by

Host: ups.inq.com
URL: https://ups.inq.com/chatskins/launch/inqChatLaunch10005649.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5c0d1c704db9fdc2d1647276dd467f8b502465006843d65dcf3ee077637cae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:41 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 03:03:00 GMT
content-encoding: gzip
etag: W/"22376-1694055780000"
vary: accept-encoding
x-azure-ref: 20230915T151941Z-v1fk4bwqe15kp5gca0rvsgc4tn000000029g0000000120x4
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 17:48:14 GMT

GET
H2 200 utag.58.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 6 KB
3 KB 45ms
45ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.58.js?utv=ut4.48.202307240103
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54546cd1fba4a8ee341ef7f0f3bd48b3e4b120a1674e2f4ff9390108e9868fdb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: jquUd_F63IEJYyOJnXSI..ZAe1oworwO
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:15:21 GMT
last-modified: Thu, 14 Sep 2023 05:12:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 261
x-amz-server-side-encryption: AES256
etag: W/"023b816e7d322b44a5c45b655390a5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nbikL6LxubSxf3pb6HLFp_fXNSqqi1uv6dG6P3nq4TMhqNVHDPs9sw==

GET
H2 200 utag.65.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 27 KB
5 KB 46ms
46ms Script
application/javascript 2600:9000:223e:e800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.65.js?utv=ut4.48.202308170346
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48af2bf2df5510592af4425b7c0531134b3428fa5970a812c6fa4476f4c0313b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id: I1nAxmsjHSu6AuQCpdi3wxPCjhyBFKbm
content-encoding: br
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
date: Fri, 15 Sep 2023 15:14:57 GMT
last-modified: Thu, 14 Sep 2023 05:12:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 294
x-amz-server-side-encryption: AES256
etag: W/"8b76d083de9aa7864a622119365dfbdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pbErI3x3bPyY3CN-jfYGOHkc42TncoIglOnCnWD5oAwXbTERAAWGFA==

GET
DATA 200
OK truncated Show response
/ Frame 61AB 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 152ms
44ms Image
image/svg+xml 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 12 Sep 2023 08:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 08:22:54 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1023 B 48ms
47ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Thu, 14 Sep 2023 17:37:27 GMT
x-content-type-options: nosniff
age: 78134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 13 Sep 2024 17:37:27 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 45ms
45ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Wed, 13 Sep 2023 05:39:04 GMT
x-content-type-options: nosniff
age: 207637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 12 Sep 2024 05:39:04 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 43ms
42ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tealium&ttd_tpi=1&gdpr=0
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEO5JHlI75otdYz7LcaAFrJU&google_cver=1
dpm.demdex.net/ Frame 2580
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODY0MjAxMjcwNTE2OTIyOTg4NDAwMTI3NTE5MDk4NTI2OTAzMjM=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEO5JHlI75otdYz7LcaAFrJU&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

48ms
48ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEO5JHlI75otdYz7LcaAFrJU&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

DCS: dcs-prod-irl1-1-v050-00c5a57fc.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XPO7sFoUQqk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEO5JHlI75otdYz7LcaAFrJU&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page Show response
adservice.google.com/ddm/fls/i/ Frame B0EA 506 B
638 B 180ms
85ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page

Requested by

Host: 6451349.fls.doubleclick.net
URL: https://6451349.fls.doubleclick.net/activityi;src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c14f9d675008513a6d98f2e40dc88dc546ad2e626b1ddc20ac0195fa5511682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6451349.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 15:19:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ Frame C36B 119 B
398 B 340ms
244ms XHR
application/json 2a02:26f0:3500:981::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=expresslogisticdelivery.online&t=5649304&v=1.766.0&if=&sl=0&si=0da27135-44b2-4cf2-b13d-d6564879e071-s1198r&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=265833
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0397100ec4050ce0fd52764d4f9d859fe53303beba7e27eaf4f96da5a3cc5d9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Sep 2023 15:19:42 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 119
Content-Type: application/json

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2580 70 B
264 B 42ms
42ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=expresslogisticdelivery.online&ttd_tpi=1
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
ups.blueconic.net/DG/DEFAULT/rest/rpc/ 14 B
725 B 119ms
118ms Script
text/javascript 44.217.21.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221694791181773%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Fexpresslogisticdelivery.online%2F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%7D%7D%22%2C%22id%22%3A%221694791181774%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22consented_objectives%5C%22%3A%5B%5C%22tealium_analytics%5C%22%2C%5C%22tealium_affiliates%5C%22%2C%5C%22tealium_display_ads%5C%22%2C%5C%22tealium_search%5C%22%2C%5C%22tealium_email%5C%22%2C%5C%22tealium_personalization%5C%22%2C%5C%22tealium_social%5C%22%2C%5C%22tealium_big_data%5C%22%2C%5C%22tealium_misc%5C%22%2C%5C%22tealium_cookiematch%5C%22%2C%5C%22tealium_cdp%5C%22%2C%5C%22tealium_mobile%5C%22%2C%5C%22tealium_engagement%5C%22%2C%5C%22tealium_monitoring%5C%22%2C%5C%22tealium_crm%5C%22%5D%2C%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listener_tealium_consent%5C%22%3A%5B%5C%22consented_objectives%5C%22%5D%2C%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221694791181775%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221694791181776%22%7D%5D&referer=https%3A%2F%2Fexpresslogisticdelivery.online%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-09-15T16%3A19%3A42%2B01%3A00&callback=bc_json830

Requested by

Host: aap-p.ups.com
URL: https://aap-p.ups.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.217.21.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-217-21-216.compute-1.amazonaws.com

Software

- /

Resource Hash

6934da14329621e16ac4215bc595dd1c60c9aa7e7e4b6d72efa3a267c8244fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
accept-ch: sec-ch-ua-platform-version
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 34
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page Show response
6451349.fls.doubleclick.net/ddm/fls/r/ Frame 349C
Redirect Chain

https://adservice.google.co.uk/ddm/fls/i/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2F...
https://6451349.fls.doubleclick.net/ddm/fls/r/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%...

703 B
377 B

85ms
84ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6451349.fls.doubleclick.net/ddm/fls/r/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

832d2c5d559a32f0002a2e1452f2c7572aeb8b65648e2883b3d1da4bf56cc82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 15:19:42 GMT
expires: Fri, 15 Sep 2023 15:19:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 15:19:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://6451349.fls.doubleclick.net/ddm/fls/r/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
mpp.vindicosuite.com/sync/ Frame 2580 24 B
24 B 204ms
112ms Image
text/plain 35.186.236.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mpp.vindicosuite.com/sync/?pid=27&fr=1
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.236.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24
content-type: text/plain; charset=utf-8

POST 3J2JveSw
www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/ 0
0

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=280EDA3B95CC653926C9C9B694776445
dpm.demdex.net/ Frame 2580
Redirect Chain

https://c.bing.com/c.gif?uid=86420127051692298840012751909852690323&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=280EDA3B95CC653926C9C9B694776445

42 B
942 B

46ms
46ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=280EDA3B95CC653926C9C9B694776445

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

DCS: dcs-prod-irl1-2-v050-0885b218e.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OOUF168pRnI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58A076862B344445A3537A8685C91F09 Ref B: LON04EDGE0911 Ref C: 2023-09-15T15:19:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=280EDA3B95CC653926C9C9B694776445
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 serving
bs.serving-sys.com/ Frame 2580 0
105 B 175ms
46ms Image
text/plain 18.198.194.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=1&euuid=86420127051692298840012751909852690323&redir=true
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.194.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-194-141.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 349C 49 KB
18 KB 92ms
90ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 6451349.fls.doubleclick.net
URL: https://6451349.fls.doubleclick.net/ddm/fls/r/src=6451349;type=sitev;cat=upsal0;ord=5287103999035;gtm=4%20%20%20%20%20%20%20%20%20%205fe35h0;auiddc=539378998.1684426025;gdid=dYmQxMT;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6451349.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18494
x-xss-protection: 0
server: cafe
etag: 5879359867132392387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 15:19:42 GMT

GET
H/1.1

200
OK

ibs:dpid=70027&dpuuid=5074430891303709278
dpm.demdex.net/ Frame 2580
Redirect Chain

https://pix-us.revjet.com/idsync/adobe/1?aam_id=86420127051692298840012751909852690323&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5074430891303709278

42 B
942 B

47ms
46ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5074430891303709278

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

DCS: dcs-prod-irl1-1-v050-0430d195e.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WF0aRfbhTJQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
access-control-allow-methods: GET, POST, OPTIONS
location: https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5074430891303709278
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/863311277/ Frame 349C 4 KB
2 KB 192ms
91ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863311277/?random=1694791182529&cv=9&fst=1694791182529&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6451349.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D6451349%3Btype%3Dsitev%3Bcat%3Dupsal0%3Bord%3D5287103999035%3Bgtm%3D4%2520%2520%2520%2520%2520%2520%2520%2520%2520%25205fe35h0%3Bauiddc%3D539378998.1684426025%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ups.com%252Fus%252Fen%252FHome.page&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a03cadc6b71f9cbe33aea547b98e3ea371fe820694c57d5cb58ca408bfd2c59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6451349.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1540
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlFSMkRRQUFBRWVsN2dOZQ==

170 B
243 B

55ms
54ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlFSMkRRQUFBRWVsN2dOZQ==

Requested by

Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-man4133-MAN
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1694791183.670938,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlFSMkRRQUFBRWVsN2dOZQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST 3J2JveSw
www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/ 0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZQR2DQAAAEel7gNe&expires=90

0
239 B

47ms
47ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZQR2DQAAAEel7gNe&expires=90
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-man4133-MAN
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1694791183.725503,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZQR2DQAAAEel7gNe&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/863311277/ Frame 349C 42 B
455 B 160ms
59ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/863311277/?random=1694791182529&cv=9&fst=1694790000000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2F6451349.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D6451349%3Btype%3Dsitev%3Bcat%3Dupsal0%3Bord%3D5287103999035%3Bgtm%3D4%2520%2520%2520%2520%2520%2520%2520%2520%2520%25205fe35h0%3Bauiddc%3D539378998.1684426025%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ups.com%252Fus%252Fen%252FHome.page&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=2232936374&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6451349.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/863311277/ Frame 349C 42 B
455 B 160ms
60ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/863311277/?random=1694791182529&cv=9&fst=1694790000000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2F6451349.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D6451349%3Btype%3Dsitev%3Bcat%3Dupsal0%3Bord%3D5287103999035%3Bgtm%3D4%2520%2520%2520%2520%2520%2520%2520%2520%2520%25205fe35h0%3Bauiddc%3D539378998.1684426025%3Bgdid%3DdYmQxMT%3B~oref%3Dhttps%253A%252F%252Fwww.ups.com%252Fus%252Fen%252FHome.page&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=2232936374&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6451349.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQR2DQAAAEel7gNe

43 B
770 B

61ms
60ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQR2DQAAAEel7gNe
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bux5gzrUjm0tP75pgBU03SCXD%2FQ6VHqSu8phtmwXmypLPQs%2B4snWRfhOCqROF2601SVJBf%2FoBgodxlefx8kfbsBCzwVzRLNB4h5oPcVBdw%2Bds0fa6kE%2FttGIMrp1QiA5D1bkfxrtN53l8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8071d97cdc220693-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-man4133-MAN
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1694791183.826892,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQR2DQAAAEel7gNe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 bundle_en_US.js Show response
code.jivosite.com/js/ 1 MB
296 KB 49ms
48ms Script
application/javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/js/bundle_en_US.js?rand=1694518181
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/trtCMc5CJO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ab23123c4cd9d1d97e08874a7c00cb2dc300431af8bc91a352eb6d719530139b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:42 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-09-15T15:14:05+00:00
x-geo-shard: ya
content-length: 302375
x-node: am3-up-gc95
last-modified: Mon, 11 Sep 2023 10:08:17 GMT
server: nginx
etag: "64fee711-49d27"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 121 B
182 B 169ms
166ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d97d387e23ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 81 KB
29 KB 274ms
272ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d97d388023ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 209 KB
61 KB 385ms
382ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef1c0033184fc3d9927468f3e3fcf00bdef6607fef645c9d4d80e0cd6c17ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"c7d717342f2392436e14ee5e894cff01"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d97d388323ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 206 KB
41 KB 382ms
380ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b5298695dd08a5ac6f7df92d8001910b3df9d66045e7bc3251226a3bbd02a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"cc2f5caa9ea6bd869eabebe15472439c"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d97d388623ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 2 KB
1 KB 161ms
159ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2971fed2be2f47a0d7d0e48e0e0937690a7ae2afe740e452ded692a4eef189

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"950ed0d9394df6df8ab8e30ac9b0cdcc"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d97d388723ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 151 B
310 B 156ms
154ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/64ff518db1aaa13b7a764253/1ha2ld6jg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
Origin: https://expresslogisticdelivery.online
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d97d388923ad-LHR
alt-svc: h3=":443"; ma=86400

GET
H2

200

bounce
ib.adnxs.com/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZQR2DQAAAEel7gNe
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZQR2DQAAAEel7gNe

43 B
902 B

41ms
40ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZQR2DQAAAEel7gNe

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:43 GMT
an-x-request-uuid: a1870636-484a-481e-bc8f-8fd299141a59
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.138.196.108; 217.138.196.108; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:43 GMT
an-x-request-uuid: aa9522bf-9781-4eea-9c7b-c6dc85d59c12
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZQR2DQAAAEel7gNe
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.196.108; 217.138.196.108; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQR2DQAAAEel7gNe

43 B
273 B

109ms
35ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQR2DQAAAEel7gNe
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-man4133-MAN
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1694791183.029321,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQR2DQAAAEel7gNe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 widget.css
code.jivosite.com/css/2637168/ 241 KB
55 KB 45ms
45ms Stylesheet
text/css 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/css/2637168/widget.css
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 124f36b7fccc97ad826b0b48e3b01467daf09d16bd7137afaba6e9a66e7a32d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-09-15T15:13:37+00:00
x-geo-shard: ya
content-length: 55734
x-node: am3-up-gc95
last-modified: Mon, 11 Sep 2023 10:08:16 GMT
server: nginx
etag: "64fee710-d9b6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Mon, 25 Sep 2023 15:13:37 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZQR2DQAAAEel7gNe

1 B
450 B

125ms
38ms

Image
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZQR2DQAAAEel7gNe
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type: text/html; charset=utf-8
date: Fri, 15 Sep 2023 15:19:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-man4133-MAN
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1694791183.349417,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZQR2DQAAAEel7gNe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 agent_message.mp3 Show response
code.jivosite.com/sounds/ Frame 3C46 4 KB
3 KB 46ms
45ms XHR
audio/mpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/agent_message.mp3
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
content-encoding: gzip
via: 1.1 sharxy
x-cached-since: 2023-09-15T15:15:34+00:00
x-geo-shard: ya
content-length: 2927
x-node: am3-up-gc95
last-modified: Mon, 11 Sep 2023 10:08:17 GMT
server: nginx
etag: "64fee711-b6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Sun, 15 Oct 2023 15:15:34 GMT

GET
H2 200 notification.mp3 Show response
code.jivosite.com/sounds/ Frame 3C46 6 KB
3 KB 47ms
46ms XHR
audio/mpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/notification.mp3
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
content-encoding: gzip
via: 1.1 sharxy
x-cached-since: 2023-09-15T15:04:56+00:00
x-geo-shard: ya
content-length: 3182
x-node: am3-up-gc94
last-modified: Mon, 11 Sep 2023 10:08:17 GMT
server: nginx
etag: "64fee711-c6e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Sun, 15 Oct 2023 15:04:56 GMT

GET
H2 200 outgoing_message.mp3 Show response
code.jivosite.com/sounds/ Frame 3C46 5 KB
4 KB 46ms
45ms XHR
audio/mpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/outgoing_message.mp3
Requested by: Host: expresslogisticdelivery.online
URL: https://expresslogisticdelivery.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
content-encoding: gzip
via: 1.1 sharxy
x-cached-since: 2023-09-15T15:16:01+00:00
x-geo-shard: ya
content-length: 3808
x-node: am3-up-gc95
last-modified: Mon, 11 Sep 2023 10:08:17 GMT
server: nginx
etag: "64fee711-ee0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Sun, 15 Oct 2023 15:16:01 GMT

GET
DATA 200
OK truncated
/ 565 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37839cc51901d7a5e547203eb313f8213235f57bb98be3c73231687b4679144

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 344 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87f7fb75be0f1cf81179a38a061119b81ecefbc8a4067a667487e135b4ac9878

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/svg+xml

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 178ms
178ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=64ff518db1aaa13b7a764253&widgetId=1ha2ld6jg&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a272f09dc36738f1afad13483f2a02e2d43a6a1e3deeb96b2cd4e1841bd7ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-d73z
server: cloudflare
etag: W/"2-2-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8071d9805e9d23ad-LHR
access-control-allow-headers: content-type,x-tawk-token

POST
H3 400 start Show response
va.tawk.to/v1/session/ 64 B
329 B 214ms
176ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c83dfb92ba52b1be7ab6226fbf540d4797a3994436912f1270f25da43971ef11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://expresslogisticdelivery.online/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://expresslogisticdelivery.online
access-control-allow-credentials: true
cf-ray: 8071d9819cf0886d-LHR
access-control-allow-headers: content-type,x-tawk-token
content-length: 64
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-d73z

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 162ms
162ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://expresslogisticdelivery.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://expresslogisticdelivery.online
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8071d9805eb523ad-LHR
date: Fri, 15 Sep 2023 15:19:43 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-z6db

GET

partner
sync.search.spotxchange.com/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQR2DQAAAEel7gNe&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 2580
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQR2DQAAAEel7gNe&t=2592000&o=0

43 B
715 B

175ms
69ms

Image
image/gif

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQR2DQAAAEel7gNe&t=2592000&o=0

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 08:19:43 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: public
x-fb-debug: qlo5VPR7k5iN2J2o7iFyFj/Eyles4KZHOCz8imuMzbR3AiV3etxP24cIPa91zFmTIscS6nspEfaGey4G2hH6qQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Fri, 15 Sep 2023 08:19:43 PDT

Redirect headers

x-served-by: cache-man4133-MAN
pragma: no-cache
date: Fri, 15 Sep 2023 15:19:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1694791184.550586,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQR2DQAAAEel7gNe&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/languages/ 16 KB
4 KB 97ms
59ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Fri, 15 Sep 2023 15:19:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 26389
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:52 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8071d981ad13886d-LHR

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 2580
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
960 B

46ms
46ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ups.demdex.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

DCS: dcs-prod-irl1-1-v050-093d863cb.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VkbtwbAuQ3w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:44 GMT
via: 1.1 9a3c643f228eb943137621235dabf790.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
content-length: 0
x-amz-cf-id: jkO1BBDwBpjHoZCA1ptHeZIr5U-3OyCtm69sap6s1GxRxlUP29_TxA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 i.js Show response
datacloud.tealiumiq.com/tealium_ttd/main/16/ 39 B
615 B 139ms
45ms Script
application/javascript 18.194.224.139

General

Check archive.org

Show headers Download Go to

Full URL: https://datacloud.tealiumiq.com/tealium_ttd/main/16/i.js?jsonp=utag.ut.tealium_pass_ttdid
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.224.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9b11bb7723d648dee86c40524b1f927054223967194dee794d19ac49fac3a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://expresslogisticdelivery.online/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 15:19:47 GMT
x-serverid: uconnect_i-03f4bb18eaf2bff0f
x-tid: 71a3ce77eecc48a79b274d8483a218fb
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: tealium_ttd:main:16:datacloud
x-ulver: 8e95aa14cbcb6e769ac35b73a85f42752b628529-SNAPSHOT
content-type: application/javascript
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 39
x-uuid: 71a3ce77-eecc-48a7-9b27-4d8483a218fb
expires: Fri, 15 Sep 2023 15:19:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Light.ttf

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff2

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.ttf

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff2

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.ttf

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff2

Domain: www.ups.com
URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.ttf

Domain: www.ups.com
URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw

Domain: ups.blueconic.net
URL: https://ups.blueconic.net/DG/DEFAULT/rest/rpc/829?referer=https%3A%2F%2Fexpresslogisticdelivery.online%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-09-15T16%3A19%3A41%2B01%3A00&ts=1694791181775

Domain: www.ups.com
URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw

Domain: www.ups.com
URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQR2DQAAAEel7gNe&img=1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: D3gLA2Ypb_M
.youtube.com/	1970-01-20 19:05:43	Name: VISITOR_INFO1_LIVE Value: QWlcPzsWct8
.expresslogisticdelivery.online/	1970-01-20 23:33:33	Name: CONSENTMGR Value: consent:true%7Cts:1694791181462
.expresslogisticdelivery.online/	1970-01-20 23:32:07	Name: utag_main Value: v_id:018a996d248f00624b2e1edbff940307c002707400b08$_sn:1$_se:1$_ss:1$_st:1694792981456$ses_id:1694791181456%3Bexp-session$_pn:1%3Bexp-session$fs_sample_user:false%3Bexp-session
.demdex.net/	1970-01-20 19:05:43	Name: demdex Value: 86420127051692298840012751909852690323
.expresslogisticdelivery.online/	1969-12-31 23:59:59	Name: AMCVS_036784BD57A8BB277F000101%40AdobeOrg Value: 1
.company-target.com/	1970-01-21 00:22:31	Name: tuuid Value: 7c83caaf-8077-4271-ac1f-24a3af966d77
.company-target.com/	1970-01-21 00:22:31	Name: tuuid_lu Value: 1694791181\|ix:0\|mctv:0\|rp:0
.everesttech.net/	1970-01-20 23:32:07	Name: everest_g_v2 Value: g_surferid~ZQR2DQAAAEel7gNe
.casalemedia.com/	1970-01-20 23:32:07	Name: CMID Value: ZQR2DV9TBr2RKvUBHd984AAA
.casalemedia.com/	1970-01-20 16:56:07	Name: CMPS Value: 4531
.casalemedia.com/	1970-01-20 16:56:07	Name: CMPRO Value: 4531
.adsrvr.org/	1970-01-20 23:33:33	Name: TDID Value: f25602dd-6587-4adb-a6f6-7063bbedf20f
.dpm.demdex.net/	1970-01-20 19:05:43	Name: dpm Value: 86420127051692298840012751909852690323
.expresslogisticdelivery.online/	1970-01-21 00:22:31	Name: AMCV_036784BD57A8BB277F000101%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19616%7CMCMID%7C85955534779732054960038948374766624343%7CMCAAMLH-1695395981%7C6%7CMCAAMB-1695395981%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1694798381s%7CNONE%7CMCSYNCSOP%7C411-19623%7CvVersion%7C5.3.0
.tremorhub.com/	1970-01-20 23:32:28	Name: tvid Value: 49589555538249dd900ee51740c6e651
.tremorhub.com/	1970-01-21 00:22:31	Name: tv_UIDM Value: 7c83caaf-8077-4271-ac1f-24a3af966d77
.doubleclick.net/	1970-01-21 00:08:07	Name: IDE Value: AHWqTUnAJHqIC4wbhPffYtYn-kRm6VoFP-h63Tq0FrENBqERckOvxSVwLSQB2rOD788
ups.blueconic.net/	1970-01-20 14:56:35	Name: AWSALBCORS Value: Rhrh+KvKOs6Ak6Pe2g+xY1Ruq4kBsKl5hXUlewanlNDuGc8us98aPprAF33kPXTUfc2yYebitDGxmOZIzRbwqPrfM9MqAHyHqW1k2FXb9sXyu6Wl66eRjNXLXrfL
.bing.com/	1970-01-21 00:08:07	Name: MUID Value: 280EDA3B95CC653926C9C9B694776445
.c.bing.com/	1970-01-20 14:56:35	Name: MR Value: 0
.revjet.com/	1970-01-21 00:22:31	Name: trx Value: 5074430891303709278
.adnxs.com/	1970-01-20 16:56:07	Name: uuid2 Value: 6137967563861651102
.adnxs.com/	1970-01-20 16:56:07	Name: anj Value: dTM7k!M4.FErk#WF']wIg2C')et:Dl!]tbPl1MwL(!R7qUY#Q]SLI52YWJX#G9!WRCeLFpVz(_N/X%W#.wL5oa9/sZwfzrVL1[%d<wEexQ67Oe!@GDA*QRoP
expresslogisticdelivery.online/	1969-12-31 23:59:59	Name: twk_idm_key Value: LnkORMnnYB7FvUK3hAUUI
.pubmatic.com/	1970-01-20 16:56:07	Name: KRTBCOOKIE_218 Value: 4056-ZQR2DQAAAEel7gNe&KRTB&22978-ZQR2DQAAAEel7gNe&KRTB&23194-ZQR2DQAAAEel7gNe&KRTB&23209-ZQR2DQAAAEel7gNe
.pubmatic.com/	1970-01-20 15:29:43	Name: PugT Value: 1694791183
.demdex.net/	1970-01-20 19:05:43	Name: dextp Value: 771-1-1694791181949\|903-1-1694791182050\|20-1-1694791182150\|1957-1-1694791182269\|3462-1-1694791182370\|70027-1-1694791182470\|144230-1-1694791182571\|144231-1-1694791182711\|144232-1-1694791182813\|144233-1-1694791182913\|144234-1-1694791183014\|144235-1-1694791183335\|144236-1-1694791183436\|144237-1-1694791183536\|152416-1-1694791183637
expresslogisticdelivery.online/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.undertone.com/	1970-01-20 23:32:07	Name: UTID Value: 0a6cc868e5b94628a8034a4322506ebd
.undertone.com/	1970-01-20 23:32:07	Name: UTID_ENC Value: m7v7izib7vv8ohh08tubhj99

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1GqrxzvRld7vjWm&Q_LOC=https%3A%2F%%20%20%20%202Fwww.ups.com%2Fus%2Fen%2FHome.page Message: Failed to load resource: the server responded with a status of 500 ()
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff2' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Light.ttf' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Light.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff2' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.ttf' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff2' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.ttf' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.ttf' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Medium.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to font at 'https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://code.tidio.co/r80dkxphnw1kax8f6pqflisbkzhffliv.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://expresslogisticdelivery.online/img/icp.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to XMLHttpRequest at 'https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://expresslogisticdelivery.online/_bm/get_params?type=get-akid Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://ups.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.ups.com') does not match the recipient window's origin ('https://expresslogisticdelivery.online').
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to XMLHttpRequest at 'https://ups.blueconic.net/DG/DEFAULT/rest/rpc/829?referer=https%3A%2F%2Fexpresslogisticdelivery.online%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-09-15T16%3A19%3A41%2B01%3A00&ts=1694791181775' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ups.blueconic.net/DG/DEFAULT/rest/rpc/829?referer=https%3A%2F%2Fexpresslogisticdelivery.online%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-09-15T16%3A19%3A41%2B01%3A00&ts=1694791181775 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.ups.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to XMLHttpRequest at 'https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=expresslogisticdelivery.online&t=5649304&v=1.766.0&if=&sl=0&si=0da27135-44b2-4cf2-b13d-d6564879e071-s1198r&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=265833 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: https://expresslogisticdelivery.online/ Message: Access to XMLHttpRequest at 'https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw' from origin 'https://expresslogisticdelivery.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ups.com/QVoXkmk2iU33X/o508/C25GWZoo5c/iJicVz9uk7Q9m3/Kg4Rdw/NzF/3J2JveSw Message: Failed to load resource: net::ERR_FAILED
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQR2DQAAAEel7gNe&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://va.tawk.to/v1/session/start Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6451349.fls.doubleclick.net
aap-p.ups.com
ads.undertone.com
adservice.google.co.uk
adservice.google.com
akamai.tiqcdn.com
api.company-target.com
bs.serving-sys.com
c.bing.com
c.go-mpulse.net
cdn3.iconfinder.com
cm.everesttech.net
cm.g.doubleclick.net
code.jivosite.com
code.tidio.co
connect.facebook.net
datacloud.tealiumiq.com
db.onlinewebfonts.com
dpm.demdex.net
dsum-sec.casalemedia.com
embed.tawk.to
evt.undertone.com
expresslogisticdelivery.online
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
media-us1.digital.nuance.com
mpp.vindicosuite.com
node-ya-6.jivosite.com
partners.tremorhub.com
pix-us.revjet.com
pixel.rubiconproject.com
s.company-target.com
s.go-mpulse.net
scripts.demandbase.com
siteintercept.qualtrics.com
smetrics.ups.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tag-logger.demandbase.com
tags.tiqcdn.com
translate.google.com
translate.googleapis.com
ups.blueconic.net
ups.demdex.net
ups.inq.com
us-u.openx.net
use.fontawesome.com
va.tawk.to
visitor-service-eu-central-1.tealiumiq.com
www.facebook.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.ups.com
www.youtube.com
zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com
sync.search.spotxchange.com
ups.blueconic.net
www.ups.com
104.17.209.240
104.26.9.183
104.64.124.239
108.138.15.119
108.138.189.11
13.32.121.71
131.153.147.42
142.250.185.66
15.204.22.185
151.101.2.49
172.217.18.102
172.64.148.101
18.158.81.252
18.194.224.139
18.198.194.141
18.239.50.124
18.66.97.57
185.89.210.212
198.47.127.205
2600:1f18:612b:4264:68e0:e587:d65a:6262
2600:9000:223e:e800:7:2bfb:7c00:93a1
2600:9000:2247:e000:1d:8d6d:3b40:93a1
2600:9000:2490:7e00:3:3268:b180:93a1
2606:4700:10::6816:1883
2606:4700:3108::ac42:2ad3
2606:4700:e0::ac40:670b
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:811::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a02:26f0:3100:789::11a6
2a02:26f0:3500:885::353a
2a02:26f0:3500:981::11a6
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a13:1ec0::1037
34.248.15.130
34.96.71.22
34.98.64.218
35.186.236.204
35.244.174.68
44.217.21.216
52.189.67.17
52.212.121.189
52.223.40.198
57.128.74.65
63.140.62.214
69.173.144.139
72.251.232.132
99.80.170.99
015ae1c2d4e6330d7679343c2328009caf737690c342245505a0345500a55272
0397100ec4050ce0fd52764d4f9d859fe53303beba7e27eaf4f96da5a3cc5d9b
04135ef84d6560261e74329eaf5659ad74a463a47bbe1117e1d82541818732f3
0548b0e20c18314ca306078f3575702788586b5f186cc40b1aaee8874956d89a
0774e016e92aa14ab1add775c1ad103b8e3fa6a73ad2b5c88a05a9f84d1ce8bb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
124f36b7fccc97ad826b0b48e3b01467daf09d16bd7137afaba6e9a66e7a32d3
13b46473883bdb5fd13116df1840a2fd59e0c7683ea555b33531bc53c561b71b
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
18f66b7ccbef28fbffe4a0726a2336bd80e8e4ed6daf08784f77761d9b35bf1c
196cb1ebc67c4f33a694c1743aa576f5fc13a3ad26415bf0d4c78e24699207cd
19a578a6fc266b1e74e11e8480575044918ebd626e9a7fb8b9798d0bf696fee5
1ab00a593e6ca2e74aa1ff7d2e13c8737df3225df541c517f64638a81bddd3f8
1bcc189b988d0422a192ac53940c869e860721a884854f370b7743ea602a7e80
200d2ad791858632f23e69eb768c5dd5bb8686158b5350c21f6237fc295b73ea
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
2833f710d3165e43ad163dd70a1911fb6125c3a2643a7d2ea75430ae575d8546
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3e5f725ac49435b434497bfd28f94bbc7ea7e526e21a6b7a6a72e889c716e900
42d7b7c8cf3e49c9c2a8b76e8e14148bb373a3c4fcdcefc931b52cb19172d123
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48af2bf2df5510592af4425b7c0531134b3428fa5970a812c6fa4476f4c0313b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b93d36bd3debd6e4848dbedc48b3b039700d920ffb7e2cdd9b19a8e5e0119eb
4b9ea587533f998fecbe3a97db8d8bb2be60021c7ae1633efe5cc3691b27425c
4bee6952e3c65ca306993ac329e88cd15ae16205a3562085177910f666820232
4d202462fa181e9a83e72d37961ec6d7e4fe86dd12093df74e007597f5e4af66
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e973e1b8e6b798931086cf372b83e40c417e33c0922087dad0eb2f89fa891ac
4f76ca22e59064d77fe48f2d09e53e8b66117476f1408552fcb3141f82f88c46
50e1e74372cffb578cde95d6f6227921496817e98574f347e15c43241d37fc8e
54546cd1fba4a8ee341ef7f0f3bd48b3e4b120a1674e2f4ff9390108e9868fdb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b3e11b240f440e96161637812cba67f43632ed86ebe3d2308a7ee8e71fdf60b
5be6ace24661bba23d780b702de4b60bf0b7bf6e350a48ccf080810c44b6c7f1
5d8ef46ec20dc86c782ae49b982bb27bfceac74bd7d7353312aba61cc1d85fe9
5ef1c0033184fc3d9927468f3e3fcf00bdef6607fef645c9d4d80e0cd6c17ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
65256e1e0467ba0e94c23dbaccb2493162f7d17e4737f08d25628dcaa8197dd5
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
6934da14329621e16ac4215bc595dd1c60c9aa7e7e4b6d72efa3a267c8244fdb
6a92e4cb228571c0669873950953ca5ffe863b53d98fc5de2902f2d7b33e1d23
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
75f7045d88bbed2a8641c5520581bdba49263a5e1fd5608c0199f61c447a965d
772e8e7e097a157acf064e1ef936983e241061e91d2f55ac43d4cbcc179397a0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d5f26539390047033dd657d54989a06f27bb35f4d9f5f7d17b126c87840a513
7d894dc089864ff3fa46e9dffa5e2260fe4f6b1384aab9c5822e807f072191a5
7f33f4452c207172ffbf94d57edf631a8a29deaeed7934869204a066d8ff2f53
80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a
832d2c5d559a32f0002a2e1452f2c7572aeb8b65648e2883b3d1da4bf56cc82a
87f7fb75be0f1cf81179a38a061119b81ecefbc8a4067a667487e135b4ac9878
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89a272f09dc36738f1afad13483f2a02e2d43a6a1e3deeb96b2cd4e1841bd7ad
89ef4b4bb5da90db155119f1eb64cd0f0a941b900fe61062b445e6901a1af320
8b3d4202b01b50a7494c522588dfb0c1791e7096d0c1d500b5ad3ee1101e6943
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e572717255297748a4ec49b10ed5c184a5b37f04c73e84b788444481e59bdc8
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
955286b8db32d1f72b8408b41882c3c913106f0c6010703f3ff47f4a3999dd8d
9594f58594d09951bd8004ff33e7c724c40fae49ccd3cc14cfa6ba3cc8ac8b4c
98642960d68c574a229d85960f9eac637da89b07966f7ea001af7e2834f97c38
99c998e8493d8cd50b3c83cf6fda0d9ef28890a23917df842adfeb4c48f07795
9c14f9d675008513a6d98f2e40dc88dc546ad2e626b1ddc20ac0195fa5511682
a03cadc6b71f9cbe33aea547b98e3ea371fe820694c57d5cb58ca408bfd2c59b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2b5298695dd08a5ac6f7df92d8001910b3df9d66045e7bc3251226a3bbd02a7
a53e7181dbff28237aa2e8949532257c029ade2874f141d16d3f5709ce376059
a5c0d1c704db9fdc2d1647276dd467f8b502465006843d65dcf3ee077637cae0
a8e38cd0d4e81de926333bf0bbb674e272a142c3c822266590c38509fef13186
aacede08eec2bdcf96fbd7e1d841798a95df694ae2a9975e151c4d4abde9c880
ab23123c4cd9d1d97e08874a7c00cb2dc300431af8bc91a352eb6d719530139b
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
af53949a1155bc09395045f8c4c04b54f8c3daad9067925c8293f06c08c10655
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24c5b325810b01a60487c8a42151b8f6ac44d1173722ec526c54fe7c4b7c762
b60d31e87f46e64be5c43997e8deda163ff9934c5a21d4f24381ad534459ca78
b92a7f28c84fc31b7c4a3c9bf60ef27a45a6daea9281bc8f7c9fc2852be0909f
be982855b3c5ec16cb537729f5a423b4c0cfd9e3ca5d280da0e0b24389b681e8
bf2971fed2be2f47a0d7d0e48e0e0937690a7ae2afe740e452ded692a4eef189
c83dfb92ba52b1be7ab6226fbf540d4797a3994436912f1270f25da43971ef11
c989d9323bb49053bd329f56634bd5715df7924a5ffad4eed729837228bd3ac4
cf44fb68aeae82d1349f798f1518236d850f11af8c5c7f668c9df462382d5ee8
d07bc02d4a4a9fdc299caf0e23c71844fbcfbc8981fbc97b31d4362910299307
d390471147a4364808896692b6377a3f307918037f827daf0d6aedc2d221dd0a
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
dd9b11bb7723d648dee86c40524b1f927054223967194dee794d19ac49fac3a9
e29f190bafe0cc5041f307ce00d885f6cb7762e9e818976114c23a3a068e7e1d
e37839cc51901d7a5e547203eb313f8213235f57bb98be3c73231687b4679144
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ecd7230997a208b445edb48e9ecaceaf29ff577e9c588ffede355305372c2f23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415
f15b621bc234dd04b570f127a7d1e2f5ceb00129f5703421b94c9ed505a2c10e
f451530350ec58738762de87c5b9e0b9b7c99f72f8d9baa4715dd386a8e94373
f5fc14181849cb5f911a632a9663dd875bd7fa4a0565d05a17d8185cf643853c
fca0501546a4848b0f47c79cbe855cf33daa523d86be824258051c56d91fea31
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

expresslogisticdelivery.online Open in urlscan Pro 131.153.147.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

81 %HTTPS

45 %IPv6

43 Domains

65 Subdomains

55 IPs

7 Countries

2810 kBTransfer

7048 kBSize

31 Cookies

4 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

expresslogisticdelivery.online Open in urlscan Pro
131.153.147.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

81 %
HTTPS

45 %
IPv6

43
Domains

65
Subdomains

55
IPs

7
Countries

2810 kB
Transfer

7048 kB
Size

31
Cookies

145 HTTP transactions
5 data transactions