urlscan.io logo urlscan.io
SecurityTrails logo

order.mypost.kz Open in urlscan Pro
188.72.91.134  Public Scan

Go To Rescan Add Verdict Report
URL: https://order.mypost.kz/
Submission: On August 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 18 HTTP transactions. The main IP is 188.72.91.134, located in Kazakhstan and belongs to SMARTCITIES-AS, KZ. The main domain is order.mypost.kz.
TLS certificate: Issued by R10 on August 12th 2024. Valid for: 3 months.
This is the only time order.mypost.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 188.72.91.134 208356 (SMARTCITI...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a02:6b8::274 13238 (YANDEX)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:6b8:20::215 13238 (YANDEX)
18 6
9    188.72.91.134 (Kazakhstan)

ASN208356 (SMARTCITIES-AS, KZ)
order.mypost.kz
api.mypost.kz
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a02:6b8::274 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
api-maps.yandex.ru
2    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
Apex Domain
Subdomains		 Transfer
9 mypost.kz
order.mypost.kz
api.mypost.kz
68 KB
5 yandex.ru
api-maps.yandex.ru — Cisco Umbrella Rank: 29605
15 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
9 KB
1 yastatic.net
yastatic.net — Cisco Umbrella Rank: 4613
677 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
31 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
6 KB
18 6
Domain Requested by
6 order.mypost.kz order.mypost.kz
5 api-maps.yandex.ru order.mypost.kz
3 api.mypost.kz ajax.googleapis.com
2 unpkg.com 1 redirects order.mypost.kz
1 yastatic.net api-maps.yandex.ru
1 ajax.googleapis.com order.mypost.kz
1 cdnjs.cloudflare.com order.mypost.kz
18 7

This site contains links to these domains. Also see Links.

Domain
www.mypost.kz
Subject Issuer Validity Valid
order.mypost.kz
R10		 2024-08-12 -
2024-11-10		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
api-maps.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2024-05-07 -
2024-10-31		 6 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2024-07-09 -
2025-02-08		 7 months crt.sh
api.mypost.kz
R11		 2024-06-21 -
2024-09-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://order.mypost.kz/
Frame ID: 3EC8E96EAB3A52BA84E25A834F2BE256
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Регистрация заказа

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

5
Countries

805 kB
Transfer

3379 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://unpkg.com/react-yandex-maps/dist/production/react-yandex-maps.umd.js HTTP 302
  • https://unpkg.com/react-yandex-maps@4.6.0/dist/production/react-yandex-maps.umd.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
order.mypost.kz/ 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
80ec373fa7c45666eeae495b2e12a5d9c26d83483125cae6f19946a2171c46ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age,Vary,Content-Security-Policy,Content-Security-Policy-Report-Only,Report-To,X-XSS-Protection,Strict-Transport-Security,X-Content-Type-Options,Referrer-Policy,X-Frame-Options,Permissions-Policy,Expect-CT,sign
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length,Content-Range,sign
cache-control
no-store
content-disposition
inline; filename="index.html"
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 20:06:05 GMT
etag
"815fc2907dc781ffc5870cfdcd0b19ea5e25d291"
expect-ct
max-age=86400, enforce
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
359124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vI9kI9NNGSHSUAJQrzfvbPT5zL8tA%2BF0LC4VjwSAcxmex6N6KaQEhBJ%2B1AGPAK5xof8JeL8Nt3JZl0zW4uHibiwJBd4Mt6%2F65p8%2BBbZZI9ExUQjXLLQVy0ujFBpSvsosv8r%2FMDz%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b23157cf9a71e4b-FRA
expires
Sat, 02 Aug 2025 20:06:05 GMT
main.abf62098.chunk.css
order.mypost.kz/static/css/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://order.mypost.kz/static/css/main.abf62098.chunk.css
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
945cd324fc782467d99e4a847ae5c01678e531c27a06a3462c58dadc5344bcea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-disposition
inline; filename="main.abf62098.chunk.css"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
"6e555645d00a71aba905078ffa9b7b357163a8ac"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css; charset=utf-8
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range,sign
cache-control
no-store
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age,Vary,Content-Security-Policy,Content-Security-Policy-Report-Only,Report-To,X-XSS-Protection,Strict-Transport-Security,X-Content-Type-Options,Referrer-Policy,X-Frame-Options,Permissions-Policy,Expect-CT,sign
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 02:29:15 GMT
/
api-maps.yandex.ru/2.1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1/?lang=ru-RU&apikey=644ed413-e8e5-48dc-b4e7-1c7809d1add5
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
35dd5cfdd609fb97d64b78aafa4440a0a4f4e67f3c440d5dd289074f17125f54
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
content-disposition
attachment; filename=json.txt
x-req-id
1723493165730574-10607643840711324168-dhd2ixtxzdivotzm-BAL
timing-allow-origin
*
x-xss-protection
1; mode=block
x-start-time
1723493165730574
react-yandex-maps.umd.js
unpkg.com/react-yandex-maps@4.6.0/dist/production/
Redirect Chain
  • https://unpkg.com/react-yandex-maps/dist/production/react-yandex-maps.umd.js
  • https://unpkg.com/react-yandex-maps@4.6.0/dist/production/react-yandex-maps.umd.js
25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-yandex-maps@4.6.0/dist/production/react-yandex-maps.umd.js
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4b46fda22b356d82e24e947d3f0cd815e2f670addc2723901d8301e8247b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
329024
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J4T9C7K6N4R1B55JGY0M4BBK-fra
server
cloudflare
etag
"642a-W7b+mH3ZKrHBS9Z/jJYgsfskfOU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b23157e6e296951-FRA

Redirect headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
EXPIRED
fly-request-id
01J5435AHT66MSA9H0302V51FV-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-yandex-maps@4.6.0/dist/production/react-yandex-maps.umd.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8b23157d0cb36951-FRA
runtime-main.873415f1.js
order.mypost.kz/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.mypost.kz/static/js/runtime-main.873415f1.js
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
0ebe2c3a20889cb0e8f955bc7ff14ed9e57f8da6af922114840c1dd32111ad93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-disposition
inline; filename="runtime-main.873415f1.js"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
"2571fbc2145e36159cd4b64fd1a198e68d6d6f95"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range,sign
cache-control
no-store
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age,Vary,Content-Security-Policy,Content-Security-Policy-Report-Only,Report-To,X-XSS-Protection,Strict-Transport-Security,X-Content-Type-Options,Referrer-Policy,X-Frame-Options,Permissions-Policy,Expect-CT,sign
2.e8537143.chunk.js
order.mypost.kz/static/js/ 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.mypost.kz/static/js/2.e8537143.chunk.js
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
5ca3f602ba5783753b29f6445719bce36012631b786bc0899478778730041730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-disposition
inline; filename="2.e8537143.chunk.js"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
"74be60105e710da3442ce0a30a0f8857e06d6372"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range,sign
cache-control
no-store
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age,Vary,Content-Security-Policy,Content-Security-Policy-Report-Only,Report-To,X-XSS-Protection,Strict-Transport-Security,X-Content-Type-Options,Referrer-Policy,X-Frame-Options,Permissions-Policy,Expect-CT,sign
main.72fa2a9a.chunk.js
order.mypost.kz/static/js/ 		634 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.mypost.kz/static/js/main.72fa2a9a.chunk.js
Requested by
Host: order.mypost.kz
URL: https://order.mypost.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
d8b021c6924978bd90a94ff7a1702f92d2448e1b479daa248afcd16be2e31237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
inline; filename="main.72fa2a9a.chunk.js"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"d4450f704d8070218f4f9d81cbcbc784179b7da9"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range,sign
cache-control
no-store
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age,Vary,Content-Security-Policy,Content-Security-Policy-Report-Only,Report-To,X-XSS-Protection,Strict-Transport-Security,X-Content-Type-Options,Referrer-Policy,X-Frame-Options,Permissions-Policy,Expect-CT,sign
full-d4970f46344c5e9889e597ed64f3cc18926d2def.js
yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-14537383/build/release/ 		3 MB
677 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-14537383/build/release/full-d4970f46344c5e9889e597ed64f3cc18926d2def.js
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru-RU&apikey=644ed413-e8e5-48dc-b4e7-1c7809d1add5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5be52b8ace2049852350873d5df155182a61ef057f28cdae37b94aac73bdabaf
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:13:51 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Wed, 31 Jul 2024 11:28:57 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"15d5e6e1f1eec1c19584eda5587fda1f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
eb4b6b74834e330b
timing-allow-origin
*
expires
Wed, 13 Aug 2025 01:55:18 GMT
constants
api.mypost.kz/map_api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mypost.kz/map_api/constants
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
d9760209efa94f0cfa6cfb8b32c4dc57b5df918f7129dddecc9d1323944bd7ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://order.mypost.kz
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range
x-frame-options
SAMEORIGIN
cache-control
no-store
access-control-allow-headers
*
map_api
api.mypost.kz/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mypost.kz/map_api
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
8267cf33d17b6268f3d135ace280e6160d2f96ee551482f9224dbf189bb31f2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 12 Aug 2024 20:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://order.mypost.kz
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range
x-frame-options
SAMEORIGIN
cache-control
no-store
access-control-allow-headers
*
constants
api.mypost.kz/map_api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mypost.kz/map_api/constants
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
d9760209efa94f0cfa6cfb8b32c4dc57b5df918f7129dddecc9d1323944bd7ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://order.mypost.kz
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range
x-frame-options
SAMEORIGIN
cache-control
no-store
access-control-allow-headers
*
favicon.ico
order.mypost.kz/ 		34 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://order.mypost.kz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.72.91.134 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
35e63a098e059999a73f2a97c881e91a13cc39f3d7c0c6889c82f6f161f85d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 20:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-disposition
inline; filename="favicon.ico"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
"4729c4db55fc8e21141815f9f0005bc4be88889a"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/x-icon
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://kassa24.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Content-Length,Content-Range,sign
cache-control
no-store
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers,Access-Control-Max-Age,Vary,Content-Security-Policy,Content-Security-Policy-Report-Only,Report-To,X-XSS-Protection,Strict-Transport-Security,X-Content-Type-Options,Referrer-Policy,X-Frame-Options,Permissions-Policy,Expect-CT,sign
grab.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grab.cur
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-start-time
1723493167802999
date
Mon, 12 Aug 2024 20:06:07 GMT
last-modified
Wed, 31 Jul 2024 11:29:09 GMT
etag
"66aa2005-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-req-id
1723493167802999-6490726038921921496-dhd2ixtxzdivotzm-BAL
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
grabbing.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grabbing.cur
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-start-time
1723493167803234
date
Mon, 12 Aug 2024 20:06:07 GMT
last-modified
Wed, 31 Jul 2024 11:29:09 GMT
etag
"66aa2005-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-req-id
1723493167803234-8506891178998462844-dhd2ixtxzdivotzm-BAL
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
help.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/help.cur
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-start-time
1723493167803403
date
Mon, 12 Aug 2024 20:06:07 GMT
last-modified
Wed, 31 Jul 2024 11:29:09 GMT
etag
"66aa2005-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-req-id
1723493167803403-3637273961291040027-dhd2ixtxzdivotzm-BAL
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
zoom_in.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/zoom_in.cur
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer
https://order.mypost.kz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-start-time
1723493167803534
date
Mon, 12 Aug 2024 20:06:07 GMT
last-modified
Wed, 31 Jul 2024 11:29:09 GMT
etag
"66aa2005-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-req-id
1723493167803534-15692942665808260081-dhd2ixtxzdivotzm-BAL
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| ymaps object| ReactYandexMaps object| postpoints object| constants object| request string| city_id object| city string| type_id function| selectTown function| selectType function| selectAllDay function| selectWorkTime function| updatePostpointsList function| updateMap function| getData function| setDivisionId function| choosePostpoint object| request2 function| init function| selectTown2 function| checkAddress function| get function| send_form object| webpackJsonpmypost-registration-landing

2 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: 70eMXZS65IS420zrE0E+1uRmjOVnVRUq4n8nP/OLX/pyaRmucsPyvn8DbdRa0IkG8zJVty+QYZYIaYLIPBY7PEUmHNA=
.yandex.ru/ Name: yandexuid
Value: 583952941723493165

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block