urlscan.io logo urlscan.io
SecurityTrails logo

dhlpost-hcm.com Open in urlscan Pro
2606:4700:3034::681f:4cce  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dhlpost-hcm.com/
Effective URL: http://dhlpost-hcm.com/
Submission: On December 15 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3034::681f:4cce, located in United States and belongs to CLOUDFLARENET, US. The main domain is dhlpost-hcm.com.
This is the only time dhlpost-hcm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3034::681f:4cce (United States)

ASN13335 (CLOUDFLARENET, US)
dhlpost-hcm.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700::6812:d44 (United States)

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:3036::6812:2b05 (United States)

ASN13335 (CLOUDFLARENET, US)
uhchat.net
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
2    52.74.211.60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Domain Requested by
12 fonts.gstatic.com fonts.googleapis.com
6 w.ladicdn.com dhlpost-hcm.com
3 www.youtube.com dhlpost-hcm.com
www.youtube.com
3 uhchat.net dhlpost-hcm.com
uhchat.net
2 a.ladipage.com w.ladicdn.com
2 dhlpost-hcm.com 1 redirects
1 img.youtube.com dhlpost-hcm.com
1 fonts.googleapis.com dhlpost-hcm.com
29 8

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-31 -
2021-07-31		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
a.ladipage.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh

This page contains 3 frames:

Primary Page: http://dhlpost-hcm.com/
Frame ID: 86748DCAF825669861B23AD23D7A1744
Requests: 26 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o82eFkglZIw?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=http%3A%2F%2Fdhlpost-hcm.com&widgetid=1
Frame ID: EC05D9382767154506ED79489A72FA0D
Requests: 1 HTTP requests in this frame

Frame: https://uhchat.net/chat/?f=bea454&title=Chuy%E1%BB%83n%20ph%C3%A1t%20nhanh%20qu%E1%BB%91c%20t%E1%BA%BF%20DHL&parent=http%3A%2F%2Fdhlpost-hcm.com%2F&ref=
Frame ID: D6DA268E64BF87B7C16A6AF8B676BCFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://dhlpost-hcm.com/ HTTP 301
    http://dhlpost-hcm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

29
Requests

97 %
HTTPS

90 %
IPv6

7
Domains

8
Subdomains

10
IPs

3
Countries

412 kB
Transfer

780 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dhlpost-hcm.com/ HTTP 301
    http://dhlpost-hcm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • http://www.youtube.com/iframe_api HTTP 307
  • https://www.youtube.com/iframe_api

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
dhlpost-hcm.com/
Redirect Chain
  • https://dhlpost-hcm.com/
  • http://dhlpost-hcm.com/
128 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dhlpost-hcm.com/
Protocol
HTTP/1.1
Server
2606:4700:3034::681f:4cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e7a793464defd0adb5a4c91369ddc2ab3980dc065227820cee394d5e53c1a0b

Request headers

Host
dhlpost-hcm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 16:41:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d15e7cf410f8d18ce9e9ccbd63d9a0be21608050488; expires=Thu, 14-Jan-21 16:41:28 GMT; path=/; domain=.dhlpost-hcm.com; HttpOnly; SameSite=Lax
Last-Modified
Tue, 15 Dec 2020 16:37:09 GMT
Vary
Accept-Encoding,User-Agent
CF-Cache-Status
DYNAMIC
cf-request-id
0708e04bf20000d6f908a48000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cvtLXC3FN%2F9y%2F2soMmJlJAXlXJUg0H3uBiEez0tt7%2F3wvCkkzz%2FIAji45oSIuTNjcoqHsL%2BmFTOB5vO%2F6TwiavtN35678J1L%2BiSjV7CZBQC2coKzzg6HdYBNdP4%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
60219cbfed81d6f9-FRA
Content-Encoding
gzip

Redirect headers

date
Tue, 15 Dec 2020 16:41:28 GMT
cache-control
max-age=3600
expires
Tue, 15 Dec 2020 17:41:28 GMT
location
http://dhlpost-hcm.com/
cf-request-id
0708e04bdb0000becee61dd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GA%2Bxr1llbL5etsTMxIMPAGOphK4oUN8RQj69RYA%2FGc5DHzPwsW3Sl2F1132Px6srvMR8jauF26LLT8wnZApiz5zTtxRiI6llT3RIoElDBtVY7MyUDDzFKE2DziU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
60219cbfbce5bece-FRA
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba7dcb34a3bcdee6f6c2117b5c56ccd5924d424474a92f0c85724db9e5daa5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 16:41:28 GMT
server
ESF
date
Tue, 15 Dec 2020 16:41:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Dec 2020 16:41:28 GMT
ladipage.min.js
w.ladicdn.com/v2/source/ 		161 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.js?v=1597625884710
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4767941352236765874172123cdb590f4aa39097a1b669f274abaab9ef3a36d

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3130803
cf-request-id
0708e04dee00002c22d8bf5000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60219cc31a3a2c22-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Wed, 15 Dec 2021 16:41:28 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 22:46:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:15 GMT
server
sffe
age
64499
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13612
x-xss-protection
0
expires
Tue, 14 Dec 2021 22:46:29 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 13:46:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
269704
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sun, 12 Dec 2021 13:46:24 GMT
JTURjIg1_i6t8kCHKm45_dJE3gfD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gfD_vx3rCubqg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ab3030d183b34f72eb6751332d6e6ecbd334b31bfe01703e8936115db8318a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 20:32:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:26 GMT
server
sffe
age
245331
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11576
x-xss-protection
0
expires
Sun, 12 Dec 2021 20:32:38 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 19:41:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
507592
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 09 Dec 2021 19:41:37 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ 		65 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1597625884710
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3322980
cf-request-id
0708e04ebb00002c228ead4000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60219cc45dbc2c22-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Wed, 15 Dec 2021 16:41:29 GMT
code.php
uhchat.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/code.php?f=bea454
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd0ec1e410d4f7c64f5baf26424bc4c53bf79931581576c797a53e2b5a9de45

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0708e04ee3000097fc2c238000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 15 Dec 2020 16:41:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=afa%2Br7AR88BZg8AJnrRPcjrLp48qsbJjMjTmYWTzrccOxPwZQbB%2F3LavZIrUN%2FKYbJRUpIn9rR4%2F%2BmaW4E0785eievMR58RlNmULqMzqOqNysdTtr5hN"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
60219cc499b497fc-FRA
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:20:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
602464
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 08 Dec 2021 17:20:25 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 09:58:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
110576
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7292
x-xss-protection
0
expires
Tue, 14 Dec 2021 09:58:33 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 18:56:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
251120
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
expires
Sun, 12 Dec 2021 18:56:09 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 10:44:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:25 GMT
server
sffe
age
107811
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7208
x-xss-protection
0
expires
Tue, 14 Dec 2021 10:44:38 GMT
28698909_10155333814845334_6813261848107805201_o-20200417025307-1-20200816202256.jpg
w.ladicdn.com/s1440x838/5e953b2d00d83c726c8ae4ff/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1440x838/5e953b2d00d83c726c8ae4ff/28698909_10155333814845334_6813261848107805201_o-20200417025307-1-20200816202256.jpg
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520887574a50098d47d23f279cfeff32742636d78dc630d527775ac7cfce6cf2

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60219cc4bed52c22-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
0708e04ef500002c22d3845000000001
expires
Wed, 15 Dec 2021 16:41:29 GMT
dhl-png-dhl-png-489-removebg-preview-20200817020938.png
w.ladicdn.com/s600x400/5e953b2d00d83c726c8ae4ff/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s600x400/5e953b2d00d83c726c8ae4ff/dhl-png-dhl-png-489-removebg-preview-20200817020938.png
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8707e6f8fb95ea9b70c913041dd49fbf73e12d6e378eebae8f42b69819ed675b

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60219cc4bed92c22-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
0708e04ef500002c22c7354000000001
expires
Wed, 15 Dec 2021 16:41:29 GMT
hqdefault.jpg
img.youtube.com/vi/o82eFkglZIw/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/o82eFkglZIw/hqdefault.jpg
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbfe68ea9bae753e79c693b39704cbe2eb3835c7f971aa3ebf145f5530bf02d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
x-content-type-options
nosniff
server
sffe
etag
"1501499061"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33062
x-xss-protection
0
expires
Tue, 15 Dec 2020 18:41:29 GMT
hotline-khaosatnhatrang-1-1557984656-20200224153907.gif
w.ladicdn.com/5c7dcff7faab435340e10e42/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/5c7dcff7faab435340e10e42/hotline-khaosatnhatrang-1-1557984656-20200224153907.gif
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebda42751080696229dfb1c026ffe545076144892aea7a1c756b97a0dfeecae3

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
vary
Accept
cf-cache-status
HIT
age
1678723
cf-polished
origFmt=gif, origSize=107055
content-disposition
inline; filename="hotline-khaosatnhatrang-1-1557984656-20200224153907.webp"
cf-request-id
0708e04ef600002c22b036c000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60219cc4beda2c22-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Wed, 15 Dec 2021 16:41:29 GMT
JTURjIg1_i6t8kCHKm45_dJE3gbD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gbD_vx3rCubqg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b73900d6286b2b4310ca64f2c462a38c8f645d42e6147cf89784da1329b9391e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 12:16:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:53 GMT
server
sffe
age
102301
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3736
x-xss-protection
0
expires
Tue, 14 Dec 2021 12:16:28 GMT
mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 09:16:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:24 GMT
server
sffe
age
285928
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3628
x-xss-protection
0
expires
Sun, 12 Dec 2021 09:16:01 GMT
KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 18:09:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
513121
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3384
x-xss-protection
0
expires
Thu, 09 Dec 2021 18:09:28 GMT
mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dhlpost-hcm.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular|Roboto:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 01:15:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:37 GMT
server
sffe
age
228338
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3768
x-xss-protection
0
expires
Mon, 13 Dec 2021 01:15:51 GMT
event
a.ladipage.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
52.74.211.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
http://dhlpost-hcm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
0
vary
Accept-Encoding
content-encoding
gzip
event
a.ladipage.com/ 		34 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1597625884710
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.211.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3d76fe1e75f481e292584b0f353d337af4f28673c9b28c4d0cffa8c5a8d98d9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
http://dhlpost-hcm.com/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
0

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
iframe_api
www.youtube.com/
Redirect Chain
  • http://www.youtube.com/iframe_api
  • https://www.youtube.com/iframe_api
810 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c8fb505da62f684bb72f6b9d5b9aecd163fce1dbffdbf7670c4846afadd0cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 15 Dec 2020 16:41:29 GMT

Redirect headers

Location
https://www.youtube.com/iframe_api
Non-Authoritative-Reason
HSTS
www-widgetapi.js
www.youtube.com/s/player/62f90c99/www-widgetapi.vflset/ 		101 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/62f90c99/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: http://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb8c3c4d3322268dfaf6f5c319ee9df40bed545bbf145863555d34438304842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 11:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 01:17:39 GMT
server
sffe
age
18170
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36949
x-xss-protection
0
expires
Wed, 15 Dec 2021 11:38:39 GMT
o82eFkglZIw
www.youtube.com/embed/ Frame EC05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/o82eFkglZIw?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=http%3A%2F%2Fdhlpost-hcm.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/62f90c99/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/o82eFkglZIw?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=http%3A%2F%2Fdhlpost-hcm.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://dhlpost-hcm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=pBpoYl8wOTU; VISITOR_INFO1_LIVE=6rQetsx0wN8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://dhlpost-hcm.com/

Response headers

content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
no-cache
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
content-length
20879
date
Tue, 15 Dec 2020 16:41:29 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Tue, 15-Dec-2020 17:11:29 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
uhchat.net/chat/ Frame D6DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/chat/?f=bea454&title=Chuy%E1%BB%83n%20ph%C3%A1t%20nhanh%20qu%E1%BB%91c%20t%E1%BA%BF%20DHL&parent=http%3A%2F%2Fdhlpost-hcm.com%2F&ref=
Requested by
Host: uhchat.net
URL: https://uhchat.net/code.php?f=bea454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
uhchat.net
:scheme
https
:path
/chat/?f=bea454&title=Chuy%E1%BB%83n%20ph%C3%A1t%20nhanh%20qu%E1%BB%91c%20t%E1%BA%BF%20DHL&parent=http%3A%2F%2Fdhlpost-hcm.com%2F&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://dhlpost-hcm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=7385544902a7ef69b52a267987f10b2b2e26aec0-1608050489-1800-AZloowr3OAO1OLiPou0Mh5g5g2un2FCnTy4SB6fbxp/AANC1oTTy7YllKECbG4ZxYxpwsRejJTg2+q8w/1CebLg=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://dhlpost-hcm.com/

Response headers

date
Tue, 15 Dec 2020 16:41:30 GMT
content-type
text/html
set-cookie
__cfduid=d54658580ded535698bb266b075ce41121608050489; expires=Thu, 14-Jan-21 16:41:29 GMT; path=/; domain=.uhchat.net; HttpOnly; SameSite=Lax thoigianvaobea454=1608050489; expires=Wed, 16-Dec-2020 16:41:29 GMT; path=/chat; SameSite=None; Secure chattudongbea454=1608050489; expires=Tue, 15-Dec-2020 17:41:29 GMT; path=/chat; SameSite=None; Secure
expires
Sat, 01 Jan 2005 00:00:00 GMT
last-modified
Tue, 15 Dec 2020 16:41:29GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0708e050b0000097fcfea03000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fDQ4WHn7dBc93vR0EJgvX2CistMlzzVnp%2Beau0J%2BaXi4M5lSy5lH4gP3VStXtRZll1l5GS4Rj4hQu2nfiTpI%2FIFeGpyJ04AghnM3GRzO%2BWod1jGvnZVv"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60219cc77ae797fc-FRA
content-encoding
br
chat-11.png
uhchat.net/themes/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/chat-11.png
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3670961
content-length
7784
cf-request-id
0708e050b0000097fc0d907000000001
last-modified
Mon, 18 Jul 2016 03:54:30 GMT
server
cloudflare
etag
"578c52f6-1e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JgMAWCO7i56MlmvMeH1wrZBQ8ajY19OSujaeNS%2BvsiHFdKC2wZkyL8sGsGDIjpX4QXr4f66nUGzBGO%2F60ePQ6kRZRO2UFIaVzCLsLG6pkOne7nqKV8jm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
60219cc77ae897fc-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ladipage-loader.svg
w.ladicdn.com/source/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/ladipage-loader.svg
Requested by
Host: dhlpost-hcm.com
URL: http://dhlpost-hcm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb0f4f1048a7e5faefe33b00d44afd7ee3ff9bb1ebfea98295021a1be4439f4a

Request headers

Referer
http://dhlpost-hcm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:41:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3583986
cf-request-id
0708e05ddb00002c227b2e5000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60219cdc9c002c22-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Wed, 15 Dec 2021 16:41:32 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| ladi_viewport boolean| ladi_is_desktop function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp function| onYouTubeIframeAPIReady string| scriptUrl object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey function| getuhchatCookie function| setuhchatCookie number| vitridau function| uhchatClick boolean| uhchatduplicate

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: WehX6QZjtU0
.youtube.com/ Name: YSC
Value: naCfArs-4UM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
dhlpost-hcm.com
fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
uhchat.net
w.ladicdn.com
www.youtube.com
2606:4700:3034::681f:4cce
2606:4700:3036::6812:2b05
2606:4700::6812:d44
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:815::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:825::2003
52.74.211.60
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
3d76fe1e75f481e292584b0f353d337af4f28673c9b28c4d0cffa8c5a8d98d9d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
520887574a50098d47d23f279cfeff32742636d78dc630d527775ac7cfce6cf2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e7a793464defd0adb5a4c91369ddc2ab3980dc065227820cee394d5e53c1a0b
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
6c8fb505da62f684bb72f6b9d5b9aecd163fce1dbffdbf7670c4846afadd0cbd
7cb8c3c4d3322268dfaf6f5c319ee9df40bed545bbf145863555d34438304842
8707e6f8fb95ea9b70c913041dd49fbf73e12d6e378eebae8f42b69819ed675b
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b4767941352236765874172123cdb590f4aa39097a1b669f274abaab9ef3a36d
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
b73900d6286b2b4310ca64f2c462a38c8f645d42e6147cf89784da1329b9391e
ba7dcb34a3bcdee6f6c2117b5c56ccd5924d424474a92f0c85724db9e5daa5db
bb0f4f1048a7e5faefe33b00d44afd7ee3ff9bb1ebfea98295021a1be4439f4a
bbfe68ea9bae753e79c693b39704cbe2eb3835c7f971aa3ebf145f5530bf02d4
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a
c6ab3030d183b34f72eb6751332d6e6ecbd334b31bfe01703e8936115db8318a
ebda42751080696229dfb1c026ffe545076144892aea7a1c756b97a0dfeecae3
edd0ec1e410d4f7c64f5baf26424bc4c53bf79931581576c797a53e2b5a9de45
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4