Submitted URL: http://dhl468.com/
Effective URL: https://dhl468.com/
Submission: On July 17 via api from GB — Scanned from GB

Summary

This website contacted 8 IPs in 5 countries across 6 domains to perform 24 HTTP transactions. The main IP is 43.154.29.55, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is dhl468.com.
TLS certificate: Issued by R3 on July 15th 2023. Valid for: 3 months.
This is the only time dhl468.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 43.154.29.55 132203 (TENCENT-N...)
1 163.181.92.235 24429 (TAOBAO Zh...)
4 240e:978:306:... 4134 (CHINANET-...)
2 43.156.167.129 132203 (TENCENT-N...)
1 47.246.46.209 24429 (TAOBAO Zh...)
2 240e:97b:500:... 4134 (CHINANET-...)
2 2401:b180:700... 37963 (ALIBABA-C...)
24 8
Requests | Apex Domain | Subdomains | Transfer
13 | dhl468.com | dhl468.com | 663 KB
6 | cnzz.com | s4.cnzz.com (Cisco Umbrella Rank: 71029); c.cnzz.com (Cisco Umbrella Rank: 58721); z3.cnzz.com (Cisco Umbrella Rank: 167180) | 11 KB
2 | mmstat.com | cnzz.mmstat.com (Cisco Umbrella Rank: 67646) | 759 B
2 | ofmvwll.top | www.ofmvwll.top | 85 B
2 | openinstall.io | web.cdn.openinstall.io (Cisco Umbrella Rank: 80053); web1.openinstall.io (Cisco Umbrella Rank: 93312) | 47 KB
0 | 626bb.top (Failed) | yptp.626bb.top (Failed) |
24 | 6
Domain Requested by
13 dhl468.com 2 redirects dhl468.com
2 cnzz.mmstat.com dhl468.com
2 z3.cnzz.com dhl468.com
2 c.cnzz.com s4.cnzz.com
2 www.ofmvwll.top dhl468.com
2 s4.cnzz.com dhl468.com
1 web1.openinstall.io web.cdn.openinstall.io
1 web.cdn.openinstall.io dhl468.com
0 yptp.626bb.top Failed dhl468.com
24 9

This site contains links to these domains.

Domain
www.cnzz.com
Subject | Issuer | Validity | Valid
dhl468.com | R3 | 2023-07-15 - 2023-10-13 | 3 months
*.cdn.openinstall.io | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-09-05 - 2023-09-16 | a year
*.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-01-28 - 2024-02-29 | a year
www.ofmvwll.top | R3 | 2023-06-17 - 2023-09-15 | 3 months
*.openinstall.io | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-07-05 - 2024-07-17 | a year
*.mmstat.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-18 - 2023-08-19 | a year

This page contains 1 frames:

Primary Page: https://dhl468.com/
Frame ID: 7981FEB3D8AFA5D08043447271932668
Requests: 23 HTTP requests in this frame

Page Title

交友

Page URL History

  1. http://dhl468.com/ HTTP 301
    https://dhl468.com/ HTTP 302
    https://dhl468.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 43 %
Domains: 6
Subdomains: 9
IPs: 8
Countries: 5
Transfer: 722 kB
Size: 836 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dhl468.com/ HTTP 301
    https://dhl468.com/ HTTP 302
    https://dhl468.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dhl468.com/
Redirect Chain
  • http://dhl468.com/
  • https://dhl468.com/
  • https://dhl468.com/
4 KB
2 KB
Document
General
Full URL
https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
dc71730ea5193410538ac7345a2ec33a4825a06be22a12a575c0edbdcaaa5abb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Jul 2023 11:04:27 GMT
etag
W/"64a1396a-feb"
last-modified
Sun, 02 Jul 2023 08:46:34 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

content-length
151
content-type
text/html
date
Mon, 17 Jul 2023 11:04:26 GMT
location
/
server
openresty/1.21.4.1
strict-transport-security
max-age=31536000; includeSubDomains; preload
pub_rem.js
dhl468.com/static/js/
471 B
750 B
Script
General
Full URL
https://dhl468.com/static/js/pub_rem.js
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
4c12f8882e4097d4736e5b3db0c9301e1deb2501294c2128135588b85c7509b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cl-cache-status
HIT
last-modified
Thu, 20 Apr 2023 16:19:19 GMT
server
openresty/1.21.4.1
etag
"64416607-1d7"
content-type
application/javascript; charset=utf-8
cache-control
max-age=43200
accept-ranges
bytes
content-length
471
expires
Sat, 15 Jul 2023 16:13:58 GMT
jquery-2.0.0.min.js
dhl468.com/static/js/
136 KB
45 KB
Script
General
Full URL
https://dhl468.com/static/js/jquery-2.0.0.min.js
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
d23248557c0f8442a9943f174b1771a7ed29f0694b55e54da8a1a8869d3cf779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:27 GMT
content-encoding
gzip
cl-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:19:19 GMT
server
openresty/1.21.4.1
etag
W/"64416607-220e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=43200
expires
Sun, 16 Jul 2023 20:45:14 GMT
addons.js
dhl468.com/static/js/
185 B
463 B
Script
General
Full URL
https://dhl468.com/static/js/addons.js
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
30f4e01b13385c4caead998a1e49cc10110e55cf94d496baeb6b0c265acd2d65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cl-cache-status
HIT
last-modified
Thu, 20 Apr 2023 16:19:18 GMT
server
openresty/1.21.4.1
etag
"64416606-b9"
content-type
application/javascript; charset=utf-8
cache-control
max-age=43200
accept-ranges
bytes
content-length
185
expires
Sat, 15 Jul 2023 16:13:59 GMT
style.css
dhl468.com/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://dhl468.com/static/css/style.css
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
011fc7412aa3f07d5332ddacfc6ea6a4757191c240f649dd9e37728eea185850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:27 GMT
content-encoding
gzip
cl-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:19:18 GMT
server
openresty/1.21.4.1
etag
W/"64416606-16b9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 16 Jul 2023 20:45:14 GMT
openinstall.js
web.cdn.openinstall.io/
46 KB
46 KB
Script
General
Full URL
https://web.cdn.openinstall.io/openinstall.js
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.235 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b1887b642f39ffc97b9c7d70fe2f52d9d9082e9a3d1240d6d29654df6b7fb8e3
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 10:15:37 GMT
strict-transport-security
max-age=86400
via
cache9.l2de2[0,0,304-0,H], cache7.l2de2[1,0], ens-cache9.de5[0,0,200-0,H], ens-cache10.de5[1,0]
age
2930
x-swift-cachetime
3596
x-cache
HIT TCP_MEM_HIT dirn:13:120583275
x-swift-savetime
Mon, 17 Jul 2023 10:15:41 GMT
content-length
47123
last-modified
Mon, 18 Jul 2022 07:57:10 GMT
server
Tengine
etag
"62d51256-b813"
vary
Accept-Encoding
ali-swift-global-savetime
1689588937
content-type
application/javascript
cache-control
max-age=7200
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b55c9e16895918673817900e
8ibTUDIp.888
dhl468.com/static/picture/
10 KB
10 KB
Image
General
Full URL
https://dhl468.com/static/picture/8ibTUDIp.888
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
95d160fbd1b679228c25d39df9ad3fb0b71daf9ac6277daffd076e59474f1705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:27:42 GMT
server
openresty/1.21.4.1
etag
"644167fe-2854"
content-type
application/octet-stream
accept-ranges
bytes
content-length
10324
cWlvvLWE.888
dhl468.com/static/picture/
25 KB
25 KB
Image
General
Full URL
https://dhl468.com/static/picture/cWlvvLWE.888
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
db4d9bfe86891b086e7c224deea0949a1c9f13dfae8bf4774d92793bc185b91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:27:44 GMT
server
openresty/1.21.4.1
etag
"64416800-64dc"
content-type
application/octet-stream
accept-ranges
bytes
content-length
25820
dexaV89T.888
dhl468.com/static/picture/
19 KB
19 KB
Image
General
Full URL
https://dhl468.com/static/picture/dexaV89T.888
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
5c5397786c4ba6083645242d06b1da8591cfcec764b225ea9358ff325722d020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:27:43 GMT
server
openresty/1.21.4.1
etag
"644167ff-4c76"
content-type
application/octet-stream
accept-ranges
bytes
content-length
19574
kJ1tPZdT.888
dhl468.com/static/picture/
521 KB
521 KB
Image
General
Full URL
https://dhl468.com/static/picture/kJ1tPZdT.888
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
c7e69806ac6efcfd16f90b5ff4648404ef68d0b0d95d66592ce3dea78f64f0e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:27:43 GMT
server
openresty/1.21.4.1
etag
"644167ff-8227e"
content-type
application/octet-stream
accept-ranges
bytes
content-length
533118
i8DyIY2k.888
dhl468.com/static/picture/
31 KB
31 KB
Image
General
Full URL
https://dhl468.com/static/picture/i8DyIY2k.888
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
c09a849686cacc78be6768e43e0832eed67d46fdd6ef05893bd6ef4daf5ddebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:27:42 GMT
server
openresty/1.21.4.1
etag
"644167fe-7c94"
content-type
application/octet-stream
accept-ranges
bytes
content-length
31892
scrollreveal.js
dhl468.com/static/js/
12 KB
4 KB
Script
General
Full URL
https://dhl468.com/static/js/scrollreveal.js
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.29.55 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
98072a57c669e83b21ef808d282011f68a11d77a259a213470304cb844bc850c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:27 GMT
content-encoding
gzip
cl-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 20 Apr 2023 16:19:19 GMT
server
openresty/1.21.4.1
etag
W/"64416607-2efc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=43200
expires
Sun, 16 Jul 2023 20:45:14 GMT
z_stat.php
s4.cnzz.com/
11 KB
4 KB
Script
General
Full URL
https://s4.cnzz.com/z_stat.php?id=1281253135&web_id=1281253135
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:978:306:8:3::3eb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4c1885584bc441068b4f305e6882df62ae91b2731c0a89e7c470eb4d7f30e251

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 10:43:40 GMT
content-encoding
gzip
via
cache62.l2ea120-8[0,0,200-0,H], cache68.l2ea120-8[0,0], cache2.cn5485[0,0,200-0,H], cache16.cn5485[0,0]
age
1249
x-swift-cachetime
3599
x-cache
HIT TCP_MEM_HIT dirn:9:184966204
x-swift-savetime
Mon, 17 Jul 2023 10:43:41 GMT
content-length
4050
last-modified
Mon, 17 Jul 2023 10:43:40 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1689590620
content-type
application/javascript
cache-control
max-age=1800,s-maxage=3600
timing-allow-origin
*
eagleid
3ad80f2416895918695564859e
z_stat.php
s4.cnzz.com/
11 KB
4 KB
Script
General
Full URL
https://s4.cnzz.com/z_stat.php?id=1281285490&web_id=1281285490
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:978:306:8:3::3eb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4ad9d940224867176d0cfa4f58cc6053e20d92fad59934ff40344baad9895bca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 10:43:44 GMT
content-encoding
gzip
via
cache65.l2ea120-8[0,0,200-0,H], cache53.l2ea120-8[0,0], cache3.cn5485[0,0,200-0,H], cache16.cn5485[2,0]
age
1245
x-swift-cachetime
3598
x-cache
HIT TCP_MEM_HIT dirn:9:357427986
x-swift-savetime
Mon, 17 Jul 2023 10:43:46 GMT
content-length
4050
last-modified
Mon, 17 Jul 2023 10:43:44 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1689590624
content-type
application/javascript
cache-control
max-age=1800,s-maxage=3600
timing-allow-origin
*
eagleid
3ad80f2416895918695564862e
instatll
www.ofmvwll.top/
0
0
Preflight
General
Full URL
https://www.ofmvwll.top/instatll?tag=Nanbei
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.156.167.129 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Caddy Caddy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dhl468.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
date
Mon, 17 Jul 2023 11:04:28 GMT
server
Caddy Caddy
instatll
www.ofmvwll.top/
11 B
85 B
XHR
General
Full URL
https://www.ofmvwll.top/instatll?tag=Nanbei
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.156.167.129 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Caddy, Caddy /
Resource Hash
3b7c46ab3a12e6161756f55f8e7d39a87d2b9718e6d0f8abe0b97a87994f4b49

Request headers

Referer
https://dhl468.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Jul 2023 11:04:29 GMT
server
Caddy, Caddy
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
alt-svc
h3=":443"; ma=2592000
content-length
11
VRBng3LT.888
yptp.626bb.top/20230228/
0
0

init
web1.openinstall.io/web/dv7qbs/_/
645 B
1006 B
XHR
General
Full URL
https://web1.openinstall.io/web/dv7qbs/_/init?av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by
Host: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.46.209 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5c4a450e2d76b3176c0597ea95907651639718b2834a2d35a1b90b8c79456f2d

Request headers

Referer
https://dhl468.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 17 Jul 2023 11:04:28 GMT
via
cache16.l2cm9-10[29,0], cache7.it2[234,0]
server
Tengine
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dhl468.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
645
eagleid
2ff62e9b16895918687882782e
core.php
c.cnzz.com/
969 B
913 B
Script
General
Full URL
https://c.cnzz.com/core.php?web_id=1281253135&t=z
Requested by
Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1281253135&web_id=1281253135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:978:306:8:3::3eb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3b36bef68dfb808a7a65ac892436940a333896e6eeb7396ee3c1a332d1a13288

Request headers

Referer
https://dhl468.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 17 Jul 2023 11:02:55 GMT
content-encoding
gzip
via
cache11.l2ea120-8[56,55,200-0,M], cache46.l2ea120-8[57,0], cache6.cn5485[0,0,200-0,H], cache16.cn5485[0,0]
age
94
x-swift-cachetime
900
x-cache
HIT TCP_MEM_HIT dirn:9:415880352
x-swift-savetime
Mon, 17 Jul 2023 11:02:55 GMT
content-length
619
last-modified
Mon, 17 Jul 2023 11:02:55 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1689591775
content-type
application/javascript
timing-allow-origin
*
eagleid
3ad80f2416895918698886548e
expires
Mon, 17 Jul 2023 11:17:55 GMT
stat.htm
z3.cnzz.com/
2 B
122 B
Image
General
Full URL
https://z3.cnzz.com/stat.htm?id=1281253135&r=&lg=en-us&ntime=none&cnzz_eid=626398836-1689590620-&showp=1600x1200&p=https%3A%2F%2Fdhl468.com%2F&t=%E4%BA%A4%E5%8F%8B&umuuid=1896385f1234fc-0c61eba7f1b358-72555c40-1d4c00-1896385f124a0e&h=1&rnd=62265962
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97b:500:2000::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:31 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
9.gif
cnzz.mmstat.com/
43 B
464 B
Image
General
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=983790742
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:7003::1ac , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 11:04:31 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
core.php
c.cnzz.com/
969 B
905 B
Script
General
Full URL
https://c.cnzz.com/core.php?web_id=1281285490&t=z
Requested by
Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1281285490&web_id=1281285490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:978:306:8:3::3eb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d90f5c46de516cce7301732b101d6f0fe46bd5ef4977438a9fdd5ed51c98dec4

Request headers

Referer
https://dhl468.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 17 Jul 2023 11:03:03 GMT
content-encoding
gzip
via
cache1.l2ea120-8[0,0,200-0,H], cache66.l2ea120-8[1,0], cache9.cn5485[0,0,200-0,H], cache16.cn5485[1,0]
age
87
x-swift-cachetime
900
x-cache
HIT TCP_MEM_HIT dirn:10:29677394
x-swift-savetime
Mon, 17 Jul 2023 11:03:03 GMT
content-length
618
last-modified
Mon, 17 Jul 2023 11:03:03 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1689591783
content-type
application/javascript
timing-allow-origin
*
eagleid
3ad80f2416895918701898005e
expires
Mon, 17 Jul 2023 11:18:03 GMT
stat.htm
z3.cnzz.com/
2 B
123 B
Image
General
Full URL
https://z3.cnzz.com/stat.htm?id=1281285490&r=&lg=en-us&ntime=none&cnzz_eid=146794880-1689590624-&showp=1600x1200&p=https%3A%2F%2Fdhl468.com%2F&t=%E4%BA%A4%E5%8F%8B&umuuid=1896385f1234fc-0c61eba7f1b358-72555c40-1d4c00-1896385f124a0e&h=1&rnd=1052548559
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97b:500:2000::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:04:31 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
9.gif
cnzz.mmstat.com/
43 B
295 B
Image
General
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=857249824
Requested by
Host: dhl468.com
URL: https://dhl468.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:7003::1ac , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dhl468.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 11:04:31 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yptp.626bb.top
URL
https://yptp.626bb.top/20230228/VRBng3LT.888

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| xhr
function| $
function| jQuery
function| OpenInstall
object| data
object| scrollReveal
object| _cz_loaded
string| _cz_account
object| _czc
object| _CNZZDbridge_1281253135
object| cnzz_image_334973099
object| cnzz_image_1916108484
object| _CNZZDbridge_1281285490
object| cnzz_image_1368608967
object| cnzz_image_499126757

8 Cookies

Domain/Path Name / Value
dhl468.com/ Name: cl_token
Value: 350b35a41fa490e1e1620725a455a8cb
dhl468.com/ Name: cl_time
Value: 1689591866
.dhl468.com/ Name: UM_distinctid
Value: 1896385f1234fc-0c61eba7f1b358-72555c40-1d4c00-1896385f124a0e
dhl468.com/ Name: CNZZDATA1281253135
Value: 626398836-1689590620-%7C1689590620
dhl468.com/ Name: CNZZDATA1281285490
Value: 146794880-1689590624-%7C1689590624
.mmstat.com/ Name: cna
Value: Pw48HZ/dG3YCAQAAAAC5hMLj
.cnzz.mmstat.com/ Name: sca
Value: 01f67d71
.cnzz.mmstat.com/ Name: atpsida
Value: 73cf1d0a6a275fed88aa6d3c_1689591871_1

6 Console Messages

Source Level URL
Text
security warning URL: https://dhl468.com/static/js/scrollreveal.js(Line 386)
Message:
Mixed Content: The page at 'https://dhl468.com/' was loaded over HTTPS, but requested an insecure element 'http://yptp.626bb.top/20230228/VRBng3LT.888'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://s4.cnzz.com/z_stat.php?id=1281253135&web_id=1281253135
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1281253135&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s4.cnzz.com/z_stat.php?id=1281253135&web_id=1281253135
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1281253135&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://yptp.626bb.top/20230228/VRBng3LT.888
Message:
Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
javascript warning URL: https://s4.cnzz.com/z_stat.php?id=1281285490&web_id=1281285490
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1281285490&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s4.cnzz.com/z_stat.php?id=1281285490&web_id=1281285490
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1281285490&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
