shei.ju.mp Open in urlscan Pro
104.18.32.215 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shei.ju.mp/
Effective URL:
https://shei.ju.mp/
Submission: On October 17 via api (October 17th 2023, 4:01:59 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 104.18.32.215, located in and belongs to CLOUDFLARENET, US. The main domain is shei.ju.mp.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.

This is the only time shei.ju.mp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.64.155.41 172.64.155.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.32.215 104.18.32.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4 8	2620:100:6017... 2620:100:6017:15::a27d:20f	19679 (DROPBOX) (DROPBOX)
4	195.201.153.71 195.201.153.71	24940 (HETZNER-AS) (HETZNER-AS)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
19	9

1 172.64.155.41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shei.ju.mp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.32.215 (None, )

ASN13335 (CLOUDFLARENET, US)

shei.ju.mp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:100:6017:15::a27d:20f (United States) 4 redirects

ASN19679 (DROPBOX, US)

dl.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.201.153.71 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.71.153.201.195.clients.your-server.de

www5.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cbox.ws www5.cbox.ws — Cisco Umbrella Rank: 223483 static.cbox.ws — Cisco Umbrella Rank: 180624	107 KB
5	ju.mp 1 redirects shei.ju.mp	42 KB
4	dropboxusercontent.com dl.dropboxusercontent.com — Cisco Umbrella Rank: 18757	2 MB
4	dropbox.com 4 redirects dl.dropbox.com — Cisco Umbrella Rank: 56205	1001 B
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	35 KB
1	gstatic.com fonts.gstatic.com	126 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7529	57 KB
19	7

	Domain	Requested by
5	shei.ju.mp	1 redirects shei.ju.mp
4	www5.cbox.ws	shei.ju.mp www5.cbox.ws static.cbox.ws
4	dl.dropboxusercontent.com	shei.ju.mp
4	dl.dropbox.com	4 redirects
2	static.cbox.ws	www5.cbox.ws
2	fonts.googleapis.com	shei.ju.mp
1	fonts.gstatic.com	fonts.googleapis.com
1	i.imgur.com	shei.ju.mp
1	ajax.googleapis.com	shei.ju.mp
19	9

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
twitter.com
music.apple.com
open.spotify.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cbox.ws R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://shei.ju.mp/
Frame ID: E301A36ED61C9DBC9AC69B48323B3CC3
Requests: 15 HTTP requests in this frame

Frame: https://www5.cbox.ws/box/?boxid=940698&boxtag=LH8X2Q
Frame ID: 593618827DCCF258B803BA78B60BFDA0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SHE¡ ☆★

Page URL History Show full URLs

http://shei.ju.mp/ HTTP 301
https://shei.ju.mp/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

79 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

2318 kB
Transfer

2542 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/sheilaclou?utm_source=qr
Title: 2000s.blog

Search URL Search Domain Scan URL

URL: https://twitter.com/mystariias?s=21&t=9I35c9pOyMwQNVAxOYpoKQ
Title: Twitter

Search URL Search Domain Scan URL

URL: https://music.apple.com/profile/livelaughlain
Title: Apple Music

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/nafjrh1liwuuidtt5efr9umdn?si=wzeomKIZS3-MXlZbPWyH6Q
Title: Spotify

Search URL Search Domain Scan URL

URL: https://instagram.com/gayforharuka?igshid=NDk5N2NlZjQ=
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shei.ju.mp/ HTTP 301
https://shei.ju.mp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://dl.dropbox.com/s/brdv4yv2iaigjmp/glenplayer07.js HTTP 302
https://dl.dropboxusercontent.com/s/brdv4yv2iaigjmp/glenplayer07.js

Request Chain 11

https://dl.dropbox.com/s/8w4sembeqyz4rsq/Nintendo-DS-BIOS.ttf HTTP 302
https://dl.dropboxusercontent.com/s/8w4sembeqyz4rsq/Nintendo-DS-BIOS.ttf

Request Chain 12

https://dl.dropbox.com/s/xggwcxb6mlf6pwq/ROMANTIC.TTF HTTP 302
https://dl.dropboxusercontent.com/s/xggwcxb6mlf6pwq/ROMANTIC.TTF

Request Chain 13

https://dl.dropbox.com/s/q6te1rmeglfy4bf/pc-9800.ttf HTTP 302
https://dl.dropboxusercontent.com/s/q6te1rmeglfy4bf/pc-9800.ttf

19 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shei.ju.mp/
Redirect Chain

http://shei.ju.mp/
https://shei.ju.mp/

116 KB
18 KB

346ms
323ms

Document
text/html

104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shei.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6b2243f67e20fbc42c198e4c3fcba9a903306b3e0c1e93b936cf53c731cc7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8175a4976e079c0d-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 17 Oct 2023 04:01:54 GMT
expires: Tue, 17 Oct 2023 04:01:54 GMT
last-modified: Wed, 09 Aug 2023 00:39:26 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8175a494281e3a72-FRA
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 17 Oct 2023 04:01:53 GMT
Expires: Tue, 17 Oct 2023 04:01:53 GMT
Location: https://shei.ju.mp/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 image02.jpg
shei.ju.mp/assets/images/ 6 KB
6 KB 347ms
347ms Image
image/jpeg 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shei.ju.mp/assets/images/image02.jpg?v=d16646d9
Requested by: Host: shei.ju.mp
URL: https://shei.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f931c78869d307ac71dcfb712a0e8e68b1b0f0fa2ab6fd266571e3e080f5dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Jan 2023 23:24:14 GMT
server: cloudflare
etag: "1703-5f2ce76d52838"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8175a499dfc39c0d-FRA
content-length: 5891
expires: Tue, 24 Oct 2023 04:01:54 GMT

GET
H2 200 image03.jpg
shei.ju.mp/assets/images/ 6 KB
6 KB 342ms
342ms Image
image/jpeg 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shei.ju.mp/assets/images/image03.jpg?v=d16646d9
Requested by: Host: shei.ju.mp
URL: https://shei.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b03d3e3dae1c5d81420fc1540052e6ef19a75205c535af6bc73ae904a8078e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Jan 2023 23:24:14 GMT
server: cloudflare
etag: "16e3-5f2ce76d55ee8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8175a499dfc59c0d-FRA
content-length: 5859
expires: Tue, 24 Oct 2023 04:01:54 GMT

GET
H2 200 image04.jpg
shei.ju.mp/assets/images/ 11 KB
12 KB 380ms
379ms Image
image/jpeg 104.18.32.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shei.ju.mp/assets/images/image04.jpg?v=d16646d9
Requested by: Host: shei.ju.mp
URL: https://shei.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def294c13330c9be0d7138cd0863933269e77094b3e3e600b7dd4e907513604d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Jan 2023 23:24:14 GMT
server: cloudflare
etag: "2dbc-5f2ce76d59980"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8175a499efc89c0d-FRA
content-length: 11708
expires: Tue, 24 Oct 2023 04:01:54 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7/ 93 KB
34 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 18:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Oct 2024 18:16:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
500 B 46ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=ABeeZee|Karla

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b075045371024380d87763c2201b64b8fb535d91991f83f89c615bb21f17989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 04:01:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 04:01:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 45ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 04:01:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 04:01:54 GMT

GET
H2

200

glenplayer07.js Show response
dl.dropboxusercontent.com/s/brdv4yv2iaigjmp/
Redirect Chain

https://dl.dropbox.com/s/brdv4yv2iaigjmp/glenplayer07.js
https://dl.dropboxusercontent.com/s/brdv4yv2iaigjmp/glenplayer07.js

2 KB
1 KB

590ms
590ms

Script
application/javascript

2620:100:6017:15::a27d:20f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/brdv4yv2iaigjmp/glenplayer07.js

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Server

2620:100:6017:15::a27d:20f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

999d162032c4296df93623fba73bcc6532dd30ecb24631acfea0f28b8211dfc0

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Tue, 17 Oct 2023 04:01:54 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: de5a851db56941c9a65dd0d9c8e4f8c5
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="glenplayer07.js"; filename*=UTF-8''glenplayer07.js
pragma: public
server: envoy
x-server-response-time: 407
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://dl.dropboxusercontent.com/s/brdv4yv2iaigjmp/glenplayer07.js
x-dropbox-request-id: 101f57d3e85e4121a6f580b10e2c1bff
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex

GET
H2 200 / Show response
www5.cbox.ws/box/ Frame 5936 12 KB
4 KB 50ms
9ms Document
text/html 195.201.153.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=940698&boxtag=LH8X2Q
Requested by: Host: shei.ju.mp
URL: https://shei.ju.mp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.153.71 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.153.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 69732ff006036a24564739639634d230d25a0dde4834c36e1e5b497e7c80071c

Request headers

Referer: https://shei.ju.mp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 04:01:54 GMT
last-modified: Fri, 16 Jun 2023 02:12:54 GMT
p3p: CP="NOI DSP COR NID CURa OUR NOR"
server: nginx
x-cache: MISS

GET
H2 200 Edu1x4q.jpg
i.imgur.com/ 56 KB
57 KB 47ms
8ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Edu1x4q.jpg

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

774da877b8c2ee33aa74e8f947a0085144a9c4f55bafa3b585ae7e5416e00559

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 1792207
x-cache: Miss from cloudfront, HIT, HIT
content-length: 57456
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-etou8220114-FRA
last-modified: Wed, 24 Aug 2022 14:08:33 GMT
server: cat factory 1.0
x-timer: S1697515314.282544,VS0,VE1
etag: "0c83a0b016ca566091816f8e8a8752f3"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -pXb1_8pMf2cF0EMrJe-ejxKZBvX87A9izvnfA1xaovr6Ma2fJLRPQ==
x-cache-hits: 18, 1

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f143b8313a4bbb052d777d1e6ba805436665133944c9a642fab50132795dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55ddfcf02e6c3537c8b561b6ca0226aa82e46c9d570552152272044f1bf9967f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2

200

Nintendo-DS-BIOS.ttf
dl.dropboxusercontent.com/s/8w4sembeqyz4rsq/
Redirect Chain

https://dl.dropbox.com/s/8w4sembeqyz4rsq/Nintendo-DS-BIOS.ttf
https://dl.dropboxusercontent.com/s/8w4sembeqyz4rsq/Nintendo-DS-BIOS.ttf

22 KB
23 KB

536ms
526ms

Font
application/octet-stream

2620:100:6017:15::a27d:20f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/8w4sembeqyz4rsq/Nintendo-DS-BIOS.ttf

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Server

2620:100:6017:15::a27d:20f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

cf30f591e0da4a1381cfcce3af33be9a1fecbcb2a8925877f8c69506f3be0c76

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Tue, 17 Oct 2023 04:01:54 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 64641f6f671f431e8a644221a6991056
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="Nintendo-DS-BIOS.ttf"; filename*=UTF-8''Nintendo-DS-BIOS.ttf
content-length: 22556
pragma: public
server: envoy
etag: 1647485123633820n
x-server-response-time: 285
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/8w4sembeqyz4rsq/Nintendo-DS-BIOS.ttf
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 260596b477f849c28960076742b325b5

GET
H2

200

ROMANTIC.TTF
dl.dropboxusercontent.com/s/xggwcxb6mlf6pwq/
Redirect Chain

https://dl.dropbox.com/s/xggwcxb6mlf6pwq/ROMANTIC.TTF
https://dl.dropboxusercontent.com/s/xggwcxb6mlf6pwq/ROMANTIC.TTF

57 KB
57 KB

1486ms
1477ms

Font
application/octet-stream

2620:100:6017:15::a27d:20f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/xggwcxb6mlf6pwq/ROMANTIC.TTF

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Server

2620:100:6017:15::a27d:20f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

321e8265234f6a885d93a2d20dcc3d2b1bac8252f351bbf8732f697fe9978e94

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Tue, 17 Oct 2023 04:01:54 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 28b9bd9d59da47c3a7ca1bac18d017e4
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="ROMANTIC.TTF"; filename*=UTF-8''ROMANTIC.TTF
content-length: 57996
pragma: public
server: envoy
etag: 1625904392372544n
x-server-response-time: 360
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/xggwcxb6mlf6pwq/ROMANTIC.TTF
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 10c7f46416c94e71b0b219caa8c22ab8

GET
H2

200

pc-9800.ttf
dl.dropboxusercontent.com/s/q6te1rmeglfy4bf/
Redirect Chain

https://dl.dropbox.com/s/q6te1rmeglfy4bf/pc-9800.ttf
https://dl.dropboxusercontent.com/s/q6te1rmeglfy4bf/pc-9800.ttf

2 MB
2 MB

684ms
674ms

Font
application/octet-stream

2620:100:6017:15::a27d:20f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/q6te1rmeglfy4bf/pc-9800.ttf

Requested by

Host: shei.ju.mp
URL: https://shei.ju.mp/

Protocol

Server

2620:100:6017:15::a27d:20f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

ef8a08868d2d279aac1f3d646899c574775b1b8d692de54f1de08722eded7333

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shei.ju.mp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Tue, 17 Oct 2023 04:01:54 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 8a7b7cf6b5c44589b56dee19232622ff
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="pc-9800.ttf"; filename*=UTF-8''pc-9800.ttf
content-length: 1915728
pragma: public
server: envoy
etag: 1656474971172458n
x-server-response-time: 331
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/q6te1rmeglfy4bf/pc-9800.ttf
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 2ac0bb96e7c84ff2a17ecc2ba563e374

GET
H2 200 /
www5.cbox.ws/box/ Frame 5936 17 KB
5 KB 10ms
9ms Stylesheet
text/css 195.201.153.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=940698&boxtag=LH8X2Q&sec=css&theme=7&v=1674174143&h=ff04eb4b
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=940698&boxtag=LH8X2Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.153.71 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.153.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 805abcc9aa45d741ff196868c90af978ed698806d889020c20af5c2b045b9e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: gzip
server: nginx
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa OUR NOR"
content-type: text/css;charset=UTF-8
cache-control: public, max-age=10368000
expires: Wed, 14 Feb 2024 04:01:54 GMT

GET
H2 200 jsc_10_1662968291.js Show response
static.cbox.ws/jsc/ Frame 5936 76 KB
26 KB 59ms
20ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cbox.ws/jsc/jsc_10_1662968291.js
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=940698&boxtag=LH8X2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9be91699ff4cf58c547b83514c18568a274bfa1a5e63726714798cf33fc4a0

Request headers

Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22294179
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 07:38:20 GMT
server: cloudflare
etag: W/"631ee1ec-64a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsaHYZ0iqToOs7r%2BuCPeYrkhoS5wxC8Snu0mePUSmaz9WjFS2jnssWv9NcdSQfUiBx%2BGKhHyhFwlUrwdzhJbUS5ODCT%2FFzKLRujYDu7gUwhInbwTBVSIk%2FtTPs6ol69vXcTmSHQP6qKF9FP43A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8175a49a9cb1382c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
static.cbox.ws/fonts/ Frame 5936 70 KB
71 KB 19ms
19ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cbox.ws/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=940698&boxtag=LH8X2Q&sec=css&theme=7&v=1674174143&h=ff04eb4b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22293849
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Fri, 29 Jul 2016 08:15:26 GMT
server: cloudflare
etag: "579b109e-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xG1sNYn4wBXNbTcInSft3fRJ9N55lwvvRplfASDBIwY6uXnjt2cOhcg9ZirFSCU236zhEuG3ajWeg97WsZr%2FuJ%2Fd7%2BpP5gPLKRBMW0a9hL5CyerBy1l5KP02K9p2JWxKaLraKRQfDdS2WWREg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8175a49a9cb5382c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 5936 198 B
0 Image
image/x-icon

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7f556737034e1f62f52cae62a87cfb2b8b4ce81cafc6ac89cf5a094c8c38d23

Request headers

Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/x-icon

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shei.ju.mp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 09:56:40 GMT
x-content-type-options: nosniff
age: 583515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Oct 2024 09:56:40 GMT

GET
H2 204 / Show response
www5.cbox.ws/box/ Frame 5936 0
87 B 7ms
6ms XHR
text/plain 195.201.153.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?sec=relayreg&boxid=940698&boxtag=LH8X2Q&_v=1063&cid=1697&chash=901903058&m=ws
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_10_1662968291.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.153.71 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.153.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www5.cbox.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:01:57 GMT
server: nginx
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa OUR NOR"

GET
H2 200 / Show response
www5.cbox.ws/box/ Frame 5936 17 B
195 B 7ms
6ms XHR
text/html 195.201.153.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?sec=ar&boxid=940698&boxtag=LH8X2Q&_v=1063&p=18
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_10_1662968291.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.153.71 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.153.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 3ad73136fec8fd4fc3e21cba6f12c02fc215862e9d7e5eea4f8b290cec390bbe

Request headers

Accept: */*
Referer: https://www5.cbox.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 04:01:57 GMT
cache-control: no-store, no-cache
content-encoding: gzip
server: nginx
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa OUR NOR"

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dropboxusercontent.com/	1969-12-31 23:59:59	Name: uc_session Value: 5StlSrjFSHY01RBcNH22foSEyt2caT4tieUDBbNibznq13OXZXkvQ5W24LazwPdZ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dl.dropbox.com
dl.dropboxusercontent.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
shei.ju.mp
static.cbox.ws
www5.cbox.ws
104.18.32.215
146.75.120.193
172.64.155.41
195.201.153.71
2620:100:6017:15::a27d:20f
2a00:1450:4001:813::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a06:98c1:3121::3
2b075045371024380d87763c2201b64b8fb535d91991f83f89c615bb21f17989
321e8265234f6a885d93a2d20dcc3d2b1bac8252f351bbf8732f697fe9978e94
3ad73136fec8fd4fc3e21cba6f12c02fc215862e9d7e5eea4f8b290cec390bbe
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
55ddfcf02e6c3537c8b561b6ca0226aa82e46c9d570552152272044f1bf9967f
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
69732ff006036a24564739639634d230d25a0dde4834c36e1e5b497e7c80071c
774da877b8c2ee33aa74e8f947a0085144a9c4f55bafa3b585ae7e5416e00559
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
805abcc9aa45d741ff196868c90af978ed698806d889020c20af5c2b045b9e92
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8b03d3e3dae1c5d81420fc1540052e6ef19a75205c535af6bc73ae904a8078e0
999d162032c4296df93623fba73bcc6532dd30ecb24631acfea0f28b8211dfc0
cf30f591e0da4a1381cfcce3af33be9a1fecbcb2a8925877f8c69506f3be0c76
def294c13330c9be0d7138cd0863933269e77094b3e3e600b7dd4e907513604d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f143b8313a4bbb052d777d1e6ba805436665133944c9a642fab50132795dd1
e7f556737034e1f62f52cae62a87cfb2b8b4ce81cafc6ac89cf5a094c8c38d23
ee9be91699ff4cf58c547b83514c18568a274bfa1a5e63726714798cf33fc4a0
ef8a08868d2d279aac1f3d646899c574775b1b8d692de54f1de08722eded7333
f931c78869d307ac71dcfb712a0e8e68b1b0f0fa2ab6fd266571e3e080f5dba1
fd6b2243f67e20fbc42c198e4c3fcba9a903306b3e0c1e93b936cf53c731cc7b

shei.ju.mp Open in urlscan Pro 104.18.32.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

79 %HTTPS

56 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

2318 kBTransfer

2542 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

shei.ju.mp Open in urlscan Pro
104.18.32.215 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

79 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

2318 kB
Transfer

2542 kB
Size

1
Cookies

19 HTTP transactions
3 data transactions