Submitted URL: http://info-reschedule-parcel.com/
Effective URL: https://evri.package-reschedule-info.com/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 27 via api from IT — Scanned from IT

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 172.67.189.203, located in United States and belongs to CLOUDFLARENET, US. The main domain is evri.package-reschedule-info.com.
TLS certificate: Issued by WE1 on November 26th 2024. Valid for: 3 months.
This is the only time evri.package-reschedule-info.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.203.200 13335 (CLOUDFLAR...)
5 172.67.189.203 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
9 4
Apex Domain
Subdomains
Transfer
5 package-reschedule-info.com
evri.package-reschedule-info.com
71 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
1 info-reschedule-parcel.com
info-reschedule-parcel.com
891 B
9 3
Domain Requested by
5 evri.package-reschedule-info.com evri.package-reschedule-info.com
2 challenges.cloudflare.com evri.package-reschedule-info.com
challenges.cloudflare.com
1 info-reschedule-parcel.com 1 redirects
9 3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
package-reschedule-info.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
challenges.cloudflare.com
WE1
2024-11-03 -
2025-02-01
3 months crt.sh

This page contains 2 frames:

Primary Page: https://evri.package-reschedule-info.com/
Frame ID: 9B10B4B9E481EB13DF098CF35D1F7E98
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uqp02/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/
Frame ID: BF063A4CC57F91DEC698DC8BE3F346EC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ci siamo quasi…

Page URL History Show full URLs

  1. http://info-reschedule-parcel.com/ HTTP 307
    https://info-reschedule-parcel.com/ HTTP 301
    https://evri.package-reschedule-info.com/ Page URL

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

87 kB
Transfer

182 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://info-reschedule-parcel.com/ HTTP 307
    https://info-reschedule-parcel.com/ HTTP 301
    https://evri.package-reschedule-info.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
evri.package-reschedule-info.com/
Redirect Chain
  • http://info-reschedule-parcel.com/
  • https://info-reschedule-parcel.com/
  • https://evri.package-reschedule-info.com/
10 KB
8 KB
Document
General
Full URL
https://evri.package-reschedule-info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7be2c212aaccc6de156e32ed12dceb2d0d2ff4a03fc3097b059fba2faebb61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
/uuSSEEVx6+3VmLqqI0/mSjr5++ogqV7nzxzUdy7IRsS7qgcdFKMvrNDspLaSWieVaJeRrhM++nTT7EaUkm7YAxXom2fzAtFMjc3YtUvDSmDTp9baO87ZDB5NkW9G9D3aRnyj+OJ9AXO8eCfCSO3HA==$bd0JdFvQQzkW/xrCmmWaoQ==
cf-mitigated
challenge
cf-ray
8e93a052ffc99f48-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 27 Nov 2024 16:52:01 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4d9061nXPJ1YmRufA2cqxsJvQkExEXNZUrk35GSvquhYJdk7JSxK7Hvy5RJ1k%2F3jlqIPKqlWJvHWXGnGAs52O2XbOtzB7LqWAQBHJriydev%2BHr9wr9NPx4p90ZKnHt3YbBu15R7DR6esUjFCMgUVwEjr3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=33672&min_rtt=32753&rtt_var=14121&sent=7&recv=7&lost=0&retrans=0&sent_bytes=3949&recv_bytes=2301&delivery_rate=96339&cwnd=252&unsent_bytes=0&cid=c1fbb174c9712915&ts=531&x=0"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93a0491de6d2cf-FRA
content-type
text/html; charset=iso-8859-1
date
Wed, 27 Nov 2024 16:51:59 GMT
location
https://evri.package-reschedule-info.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KGd1PXkUClQgTSwtGOloaEZ5GiLGPjlRQTwckPAotHKJOj%2FV3fy66NMHZ0Z%2BV8ep9pRTcNG%2F9fOWGoVa4nrHJEKLc%2B9%2FuhdKWZc2g92QnOcrxjEfrTugiy3D1AxWb6k4Rv0WXMUYvDJwVlM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=26395&min_rtt=25988&rtt_var=10560&sent=7&recv=7&lost=0&retrans=0&sent_bytes=3938&recv_bytes=2264&delivery_rate=132107&cwnd=245&unsent_bytes=0&cid=a315345cfcc98bd4&ts=380&x=0"
v1
evri.package-reschedule-info.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
97 KB
39 KB
Script
General
Full URL
https://evri.package-reschedule-info.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e93a052ffc99f48
Requested by
Host: evri.package-reschedule-info.com
URL: https://evri.package-reschedule-info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83b91fa5bbf3dcc738aca8e9ac0e8e27c8dd64e6bb94536fe1876c1b3fafd21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://evri.package-reschedule-info.com/?__cf_chl_rt_tk=ViHdP3pd4Ii3ItH0qXTSgqUoGqZG8cuYJOvk1oIAq8E-1732726321-1.0.1.1-7IWIsQNT8Z9ty1qbA0cMimJNkODQ_Ay_DDeKJSf9QQg

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F7JjhJ6j3ihKc3%2B5Smu93syDaU%2BqLh5z%2FC8mYxQtsdi%2FHnn6fEJMiFdCuwzThjgoYihNoAfoR53pinR31Lmjr2Qz2Ff6jv%2Fnc3JGTuwIGQUBqSFGD5fEw9WqqEg1SyPVj%2BgS4By11iuoWEi9HxDDxKMIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93a054895f9f48-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=27110&min_rtt=21006&rtt_var=5907&sent=20&recv=17&lost=0&retrans=0&sent_bytes=12828&recv_bytes=2588&delivery_rate=449756&cwnd=257&unsent_bytes=0&cid=c1fbb174c9712915&ts=783&x=0"
date
Wed, 27 Nov 2024 16:52:01 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
7560abf6-6f80-45c3-873d-ce090aeb6c67
https://evri.package-reschedule-info.com/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js?onload=sLNwD4&render=explicit
Requested by
Host: evri.package-reschedule-info.com
URL: https://evri.package-reschedule-info.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e93a052ffc99f48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://evri.package-reschedule-info.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8e93a0592f37bb5c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 16:52:02 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 17:58:42 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
evri.package-reschedule-info.com/
7 KB
7 KB
Image
General
Full URL
https://evri.package-reschedule-info.com/favicon.ico
Requested by
Host: evri.package-reschedule-info.com
URL: https://evri.package-reschedule-info.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19cd80ef6360c35ff0d98bec7716e554c97a3d733187c7be5278ee81bc4935e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://evri.package-reschedule-info.com/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbnTLT6tyLI2ML5H4Kiml8wOyRA6RdsOXbHGLeYop5A2160Tg7Epu0hu%2BwAGNZ3L0QX9CwTeotD23tZOp8gEiD9WnEaHNMjsRtFGNVg2Q836CkjR%2BphW24CBrI1Ulv%2F83XbNxyJHIsVQrIqHGwphqS9nSw%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=33187&min_rtt=21006&rtt_var=4615&sent=56&recv=27&lost=0&retrans=0&sent_bytes=53214&recv_bytes=2736&delivery_rate=1242144&cwnd=257&unsent_bytes=0&cid=c1fbb174c9712915&ts=996&x=0"
x-content-options
nosniff
date
Wed, 27 Nov 2024 16:52:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
Ar99qqAmHNcHDGn7I+ZyX/JV6GObV6sAUS8dk41VZC9Ss2SiFVSR9qUo7HQKI3oX7JtD6iWHe02ZasrKYKTOJrCaMdMBz5WfBcCo5YPxmp+2iNgXAiaqIc6+h5jsr2NOymA1MuTDMkSJiqeejFDsSA==$RTWB6/HBpKcB+2tcLXbuNQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e93a055dae99f48-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
9PpQnlAR7.HpYpq3ry1.HVShlkRL19DSnnzXcqck_Gg-1732726321-1.2.1.1-mVu1RofoAwAssMuP1wa1.07k2lF3.PEUIm26Q6TyJa3vWECMrmO4W0I2JorejG8x
evri.package-reschedule-info.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56067874:1732723971:Rwp6hG19wi9jfNohQe9Su8n-Qtzdmd7in5MBjRXrZYk/8e93a052ffc99f48/
13 KB
9 KB
XHR
General
Full URL
https://evri.package-reschedule-info.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56067874:1732723971:Rwp6hG19wi9jfNohQe9Su8n-Qtzdmd7in5MBjRXrZYk/8e93a052ffc99f48/9PpQnlAR7.HpYpq3ry1.HVShlkRL19DSnnzXcqck_Gg-1732726321-1.2.1.1-mVu1RofoAwAssMuP1wa1.07k2lF3.PEUIm26Q6TyJa3vWECMrmO4W0I2JorejG8x
Requested by
Host: evri.package-reschedule-info.com
URL: https://evri.package-reschedule-info.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e93a052ffc99f48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f24392dd0317da7bf5f198b5ea8958a42845b8abc40634ddac1e5b6a8fdee36

Request headers

Referer
https://evri.package-reschedule-info.com/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
9PpQnlAR7.HpYpq3ry1.HVShlkRL19DSnnzXcqck_Gg-1732726321-1.2.1.1-mVu1RofoAwAssMuP1wa1.07k2lF3.PEUIm26Q6TyJa3vWECMrmO4W0I2JorejG8x

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43K6MzP%2BO2MIVa9aaiejN9n8Q3xTUzeEKJz2EPEJ3PUwamstdO34wsVkHIgz6MrR7tlmUXVqHiwnrRKLl8RUtZYwq3dKa0yRAxJseKIzwgyTigEHhwPNJRVplmKbfSzLxndy2p4r3ucplqw6URhdMIK4QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93a056abb39f48-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=36676&min_rtt=21006&rtt_var=11711&sent=63&recv=32&lost=0&retrans=0&sent_bytes=59089&recv_bytes=6497&delivery_rate=1242144&cwnd=257&unsent_bytes=0&cid=c1fbb174c9712915&ts=1138&x=0"
date
Wed, 27 Nov 2024 16:52:01 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
5X6CRVrg+g4k6AaQsHolq4cx+g+hea6WQfjYOQFEUwoYoc4Hhcr9ycNjFKsMEDWukfesxpaLw7w=$wLzWDW1072QHGbU/
server
cloudflare
000b471f-4749-4cbd-bd81-fb0c1fc185d0
https://evri.package-reschedule-info.com/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uqp02/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/ Frame BF06
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uqp02/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js?onload=sLNwD4&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e93a0633d7f9739-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 16:52:03 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
evri.package-reschedule-info.com/
7 KB
7 KB
Other
General
Full URL
https://evri.package-reschedule-info.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e68451083f4cc8beff9dafca5dc97afc85540b432741330cc2cd2555cd13eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://evri.package-reschedule-info.com/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AusgjJ5fhoS%2Fn1GIkF%2FnCDvH6Si9HitoP%2FNruW5%2FpLDhLSIw2Jye4P0ITMPvr3Bq3KKVzPWetdZNP01EynqO%2Fq6vnbjjWkDLG%2FDCNFc29ERYuhystQ5oN73VZGH0O1Er0EMT9aftc28UEPrb8sffz6v9PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=37925&min_rtt=21006&rtt_var=5343&sent=72&recv=37&lost=0&retrans=0&sent_bytes=68920&recv_bytes=6556&delivery_rate=1242144&cwnd=257&unsent_bytes=0&cid=c1fbb174c9712915&ts=3692&x=0"
x-content-options
nosniff
date
Wed, 27 Nov 2024 16:52:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
JgsDNoCKSqMJEtjJzM2jYKg4HF5ggkwv1vXyjLz014968zF3YcJlMFxIxZawLbjLbL0Xxq395k2LvS/4NmtjEQARkCMy/nCtahy27E+KQSMJpWVLo/vwO091gQSyouH1vjP6AEhlHmdpc1TCIkot/A==$O2XGE1n7oMx93553VPJwyQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e93a066bce69f48-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
evri.package-reschedule-info.com
URL
blob:https://evri.package-reschedule-info.com/7560abf6-6f80-45c3-873d-ce090aeb6c67
Domain
evri.package-reschedule-info.com
URL
blob:https://evri.package-reschedule-info.com/000b471f-4749-4cbd-bd81-fb0c1fc185d0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| UguGN4 function| LnvX8 function| sLNwD4 boolean| YlpT0 function| tfuh3 function| NxVm3 function| dYcI7 function| Hccvv8 function| LCNDU2 object| TpWxk7 object| unnYa3 object| EwpyK3 number| iDah3 object| angular object| uQyOK5 function| _ string| IXFVy3 object| turnstile boolean| fTUn6 boolean| QkNZe0

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://evri.package-reschedule-info.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://evri.package-reschedule-info.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://evri.package-reschedule-info.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN