ns2.gezegenkozmetik.com Open in urlscan Pro
54.36.28.180 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ns2.gezegenkozmetik.com/
Submission: On February 16 via api (February 16th 2024, 5:36:01 pm UTC) from US — Scanned from US

Summary HTTP 15 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 54.36.28.180, located in France and belongs to OVH, FR. The main domain is ns2.gezegenkozmetik.com.
TLS certificate: Issued by R3 on January 1st 2024. Valid for: 3 months.

This is the only time ns2.gezegenkozmetik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	54.36.28.180 54.36.28.180	16276 (OVH) (OVH)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
15	4

10 54.36.28.180 (France)

ASN16276 (OVH, FR)
PTR: ip180.ip-54-36-28.eu

ns2.gezegenkozmetik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
or-dr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	or-dr.com or-dr.com	460 KB
3	gstatic.com fonts.gstatic.com	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
1	gezegenkozmetik.com ns2.gezegenkozmetik.com	8 KB
15	4

	Domain	Requested by
9	or-dr.com	ns2.gezegenkozmetik.com
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ns2.gezegenkozmetik.com
1	ns2.gezegenkozmetik.com
15	4

This site contains links to these domains. Also see Links.

Domain
or-dr.com
www.maybank2u.com.my
sunwayflora.com
shop.switch.com.my
bjak.my
wordpress.org
graphthemes.com

Subject Issuer	Validity	Valid
*.or-dr.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ns2.gezegenkozmetik.com/
Frame ID: 9A5E823678ABAC23248F2623D4F1EA86
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ORDR - Oriented, Delusional & Robust

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

15
Requests

87 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

511 kB
Transfer

776 kB
Size

0
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://or-dr.com/
Title: ORDR

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/category/business/
Title: Business

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/2023/11/02/an-online-platform-for-property-maintenance-vendors-finder/
Title: An Online Platform for Property Maintenance Vendors Finder

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/2023/11/02/
Title: November 2, 2023

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/author/ordr/
Title: admin

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/category/fintech/
Title: Fintech

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/2023/09/10/insights-of-malaysian-banking-industry-2023/
Title: Insights of Malaysian Banking Industry -2023

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/2023/09/10/
Title: September 10, 2023

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/category/automotive/
Title: Automotive

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/2023/08/01/all-new-omoda-5-by-chery-power-yet-fun/
Title: All New OMODA 5 by Chery – Power Yet Fun

Search URL Search Domain Scan URL

URL: https://or-dr.com/index.php/2023/08/01/
Title: August 1, 2023

Search URL Search Domain Scan URL

URL: https://www.maybank2u.com.my/maybank2u/malaysia/en/personal/cards/features_services/ezypay.page?utm_source=referak&utm_medium=blog&utm_campaign=EzyPay_ordr
Title: Maybank Credit Card - Enjoy 36 Months EzyPayments (0% interest!)

Search URL Search Domain Scan URL

URL: https://sunwayflora.com/?utm_source=referal&utm_medium=blog&utm_campaign=SunwayxBloggers
Title: New Launch Property in Bukit Jalil by Sunway Group

Search URL Search Domain Scan URL

URL: https://shop.switch.com.my/shop/iphone-15-pro-max-fp/0?utm_source=referal&utm_medium=blog&utm_campaign=ip15pmxBloggers
Title: Ready Stock iPhone 15 Pro Max with 5x Zoom at Switch now!

Search URL Search Domain Scan URL

URL: https://bjak.my/ms?utm_source=referal&utm_medium=blog&utm_campaign=BjakxBloggersReferal
Title: Compare Cheapest Car/Motorcycle Insurance

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://graphthemes.com/
Title: GraphThemes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ns2.gezegenkozmetik.com/ 38 KB
8 KB 1546ms
1088ms Document
text/html 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 1236ba9a1fef5e39d40d833dd24513020dafa4a899cc8dd15c5695163b78205c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: br
Content-Length: 7934
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Feb 2024 17:35:53 GMT
Keep-Alive: timeout=5, max=100
Link: <https://or-dr.com/index.php/wp-json/>; rel="https://api.w.org/"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK style.min.css
or-dr.com/wp-includes/css/dist/block-library/ 108 KB
13 KB 640ms
183ms Stylesheet
text/css 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Wed, 31 Jan 2024 07:11:01 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13430

GET
H/1.1 200
OK style.css
or-dr.com/wp-content/themes/glossy-blog/ 50 KB
10 KB 618ms
177ms Stylesheet
text/css 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-content/themes/glossy-blog/style.css?ver=1.0.3
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 18e042627a52d5321a37be6d67f35cd465278cf03cc2e388e2657c166f5cd021

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Fri, 03 Nov 2023 13:51:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9910

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 129ms
48ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Manjari%7CManrope%7CSora

Requested by

Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58b188ba1f102492d8984ff535498e473ef0a195f9590865e0c5d741bc657e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 17:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 17:35:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 17:35:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
or-dr.com/wp-includes/js/jquery/ 86 KB
29 KB 718ms
101ms Script
application/javascript 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Wed, 08 Nov 2023 07:28:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29769

GET
H/1.1 200
OK jquery-migrate.min.js Show response
or-dr.com/wp-includes/js/jquery/ 13 KB
5 KB 771ms
98ms Script
application/javascript 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Fri, 09 Jun 2023 05:49:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4685

GET
H/1.1 200
OK navigation.js Show response
or-dr.com/wp-content/themes/glossy-blog/js/ 6 KB
2 KB 736ms
98ms Script
application/javascript 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-content/themes/glossy-blog/js/navigation.js?ver=1.0.3
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 42d21a6267c7d68e8a4ccd5c45c695408cad0a060b3ab6082d15abdc81fb62d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Fri, 03 Nov 2023 13:51:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1507

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
or-dr.com/wp-content/themes/glossy-blog/js/ 24 KB
7 KB 782ms
176ms Script
application/javascript 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-content/themes/glossy-blog/js/masonry.pkgd.min.js?ver=1.0.3
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Fri, 03 Nov 2023 13:51:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7106

GET
H/1.1 200
OK scripts.js Show response
or-dr.com/wp-content/themes/glossy-blog/js/ 901 B
616 B 671ms
175ms Script
application/javascript 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-content/themes/glossy-blog/js/scripts.js?ver=GLOSSY_BLOG_VERSION
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: b87f05c7eba8081c252270ba6dd24ff0a1c44d40ec34d4a37eef2493e3df902f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Fri, 03 Nov 2023 13:51:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 316

GET
BLOB 200
OK 9715d1b1-2046-44ea-8921-1208ef3b0b3a
https://ns2.gezegenkozmetik.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ns2.gezegenkozmetik.com/9715d1b1-2046-44ea-8921-1208ef3b0b3a
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk79FN_C-bk.woff2
fonts.gstatic.com/s/manrope/v15/ 14 KB
14 KB 120ms
44ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk79FN_C-bk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manjari%7CManrope%7CSora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b933c1d28d9192885d290d1bbef9958dbc346cf05658d5468776c6d1c99e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ns2.gezegenkozmetik.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 13:59:08 GMT
x-content-type-options: nosniff
age: 99408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 13:59:08 GMT

GET
H2 200 xMQOuFFYT72X5wkB_18qmnndmSdSnk-NKQI.woff2
fonts.gstatic.com/s/sora/v12/ 14 KB
15 KB 108ms
32ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSdSnk-NKQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manjari%7CManrope%7CSora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca9057773ffe97724df39aec4b4cde6b65b8f0858db67830d4eac4a8961c593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ns2.gezegenkozmetik.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 09:19:42 GMT
x-content-type-options: nosniff
age: 116174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14736
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 09:19:42 GMT

GET
H2 200 k3kQo8UPMOBO2w1UfdnoLg.woff2
fonts.gstatic.com/s/manjari/v11/ 12 KB
13 KB 107ms
30ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manjari/v11/k3kQo8UPMOBO2w1UfdnoLg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manjari%7CManrope%7CSora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f8bcc9ce3593e73e9b0cbd990cd26a195e700d92f585316c6704c0cafd3a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ns2.gezegenkozmetik.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:21:32 GMT
x-content-type-options: nosniff
age: 130464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12440
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:21:32 GMT

GET
H/1.1 200
OK Maybank-AMEX.png
or-dr.com/wp-content/uploads/2023/11/ 388 KB
388 KB 97ms
96ms Image
image/png 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://or-dr.com/wp-content/uploads/2023/11/Maybank-AMEX.png
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 2afed952c728bee9becc979415ca343ba80bc7892b5fa8d0a93412033f482043

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Last-Modified: Fri, 03 Nov 2023 13:59:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 397278

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
or-dr.com/wp-includes/js/ 18 KB
5 KB 103ms
103ms Script
application/javascript 54.36.28.180
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://or-dr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: ns2.gezegenkozmetik.com
URL: https://ns2.gezegenkozmetik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.28.180 , France, ASN16276 (OVH, FR),
Reverse DNS: ip180.ip-54-36-28.eu
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ns2.gezegenkozmetik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 17:35:54 GMT
Content-Encoding: br
Last-Modified: Thu, 02 Feb 2023 00:53:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4647

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ns2.gezegenkozmetik.com
or-dr.com
2607:f8b0:4006:81c::2003
2607:f8b0:4006:822::200a
54.36.28.180
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
1236ba9a1fef5e39d40d833dd24513020dafa4a899cc8dd15c5695163b78205c
18e042627a52d5321a37be6d67f35cd465278cf03cc2e388e2657c166f5cd021
2afed952c728bee9becc979415ca343ba80bc7892b5fa8d0a93412033f482043
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
42d21a6267c7d68e8a4ccd5c45c695408cad0a060b3ab6082d15abdc81fb62d2
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58b188ba1f102492d8984ff535498e473ef0a195f9590865e0c5d741bc657e55
87b933c1d28d9192885d290d1bbef9958dbc346cf05658d5468776c6d1c99e7f
b87f05c7eba8081c252270ba6dd24ff0a1c44d40ec34d4a37eef2493e3df902f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
dca9057773ffe97724df39aec4b4cde6b65b8f0858db67830d4eac4a8961c593
f4f8bcc9ce3593e73e9b0cbd990cd26a195e700d92f585316c6704c0cafd3a55

ns2.gezegenkozmetik.com Open in urlscan Pro 54.36.28.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

511 kBTransfer

776 kBSize

0 Cookies

17 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

ns2.gezegenkozmetik.com Open in urlscan Pro
54.36.28.180 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

511 kB
Transfer

776 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions