www.il-post-incident.com Open in urlscan Pro
45.131.187.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.il-post-incident.com/
Effective URL:
https://www.il-post-incident.com/US/index0.php
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2022, 4:11:51 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 45.131.187.253, located in Zug, Switzerland and belongs to UP-NETWORK UP-NETWORK SWITZERLAND, FR. The main domain is www.il-post-incident.com.
TLS certificate: Issued by R3 on July 31st 2022. Valid for: 3 months.

This is the only time www.il-post-incident.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 18	45.131.187.253 45.131.187.253	211851 (UP-NETWOR...) (UP-NETWORK UP-NETWORK SWITZERLAND)
5	2606:4700:303... 2606:4700:3032::6815:1e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.154.76.162 107.154.76.162	19551 (INCAPSULA) (INCAPSULA)
21	3

18 45.131.187.253 (Zug, Switzerland) 3 redirects

ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR)
PTR: myrdp.gg

www.il-post-incident.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::6815:1e29 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.76.162 (District Heights, United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.162.ip.incapdns.net

www.seur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	il-post-incident.com 3 redirects www.il-post-incident.com	197 KB
5	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 4402	171 KB
1	seur.com www.seur.com — Cisco Umbrella Rank: 544512	970 B
21	3

	Domain	Requested by
18	www.il-post-incident.com	3 redirects www.il-post-incident.com
5	ka-f.fontawesome.com	www.il-post-incident.com
1	www.seur.com	www.il-post-incident.com
21	3

This site contains no links.

Subject Issuer	Validity	Valid
il-post-incident.com R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
*.seur.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-24` - `2023-05-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.il-post-incident.com/US/index0.php
Frame ID: 49255A9CCAA3EB4AABBB5ABA364554FB
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | דואר ישראל

Page URL History Show full URLs

https://www.il-post-incident.com/ HTTP 302
https://www.il-post-incident.com/US HTTP 301
https://www.il-post-incident.com/US/ HTTP 302
https://www.il-post-incident.com/US/index0.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

369 kB
Transfer

876 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.il-post-incident.com/ HTTP 302
https://www.il-post-incident.com/US HTTP 301
https://www.il-post-incident.com/US/ HTTP 302
https://www.il-post-incident.com/US/index0.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index0.php Show response www.il-post-incident.com/US/ Redirect Chain https://www.il-post-incident.com/ https://www.il-post-incident.com/US https://www.il-post-incident.com/US/ https://www.il-post-incident.com/US/index0.php	100 KB 21 KB	255ms 254ms	Document text/html	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PHP/8.0.21 PleskLin Resource Hash `69574b536cf105f8c4d00f5b13ca9e85fb924473b1a88e6f2e7db55014ea2666` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 20841 content-type text/html; charset=UTF-8 date Sun, 31 Jul 2022 16:11:27 GMT server nginx vary Accept-Encoding x-powered-by PHP/8.0.21 PleskLin Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Sun, 31 Jul 2022 16:11:27 GMT location index0.php server nginx x-powered-by PHP/8.0.21 PleskLin
GET H2	200	font-awesome.min.css www.il-post-incident.com/US/index0_files/	30 KB 7 KB	43ms 38ms	Stylesheet text/css	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/font-awesome.min.css Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957a-7918" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	bootstrap.min.css www.il-post-incident.com/US/index0_files/	141 KB 18 KB	50ms 45ms	Stylesheet text/css	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/bootstrap.min.css Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d` Request headers Referer https://www.il-post-incident.com/US/index0.php Origin https://www.il-post-incident.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957a-235ed" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	style_001.css www.il-post-incident.com/US/index0_files/	3 KB 895 B	50ms 46ms	Stylesheet text/css	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/style_001.css Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `73c5b987dc4fdfe03adbfff9da83e0dc4882024c7160f8e513ef6a4d42323c80` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957a-bbd" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	style_002.css www.il-post-incident.com/US/index0_files/	1011 B 603 B	50ms 46ms	Stylesheet text/css	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/style_002.css Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `28499a9d74006949b0bb06d6a63efd15efb392bb923f37393ed477e8d7b4dab0` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding gzip etag "3f3-5d0b86cd4d280-gzip" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type text/css x-accel-version 0.01 accept-ranges bytes content-length 396
GET H2	200	style_003.css www.il-post-incident.com/US/index0_files/	3 KB 697 B	50ms 47ms	Stylesheet text/css	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/style_003.css Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `e398d4a1a9f653dc7e28d806d4bcaf26828b13fbd74760e30a6f2de99d1ad6e6` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957a-ba2" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	jquery.min.js.download Show response www.il-post-incident.com/US/index0_files/	87 KB 30 KB	74ms 72ms	Script application/javascript	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/jquery.min.js.download Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957a-15d84" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	00ce2dd051.js.download Show response www.il-post-incident.com/US/index0_files/	11 KB 4 KB	80ms 78ms	Script application/javascript	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/00ce2dd051.js.download Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `4367016f60a976393d945ce8ef5aec56a5a9efddeb87be53118383e4821f787b` Request headers Referer https://www.il-post-incident.com/US/index0.php Origin https://www.il-post-incident.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957a-2a71" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	iconregistro.png www.il-post-incident.com/US/index0_files/	690 B 859 B	39ms 37ms	Image image/png	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Show image Full URL https://www.il-post-incident.com/US/index0_files/iconregistro.png Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `74f8f3583825566b1d2235d4324f179fb8d9ef7001cfb7e3d147cd4867514559` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT etag "2b2-5d0b86cd4d280" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type image/png x-accel-version 0.01 accept-ranges bytes content-length 690
GET H2	200	separadortop.png www.il-post-incident.com/US/index0_files/	97 B 264 B	38ms 37ms	Image image/png	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Show image Full URL https://www.il-post-incident.com/US/index0_files/separadortop.png Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `044b69c2166262f61d2dbd4bb073af205c8dd16511aef56eee98e7377c90a6f1` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT etag "61-5d0b86cd4d280" last-modified Sun, 14 Nov 2021 04:50:02 GMT server nginx x-powered-by PleskLin content-type image/png x-accel-version 0.01 accept-ranges bytes content-length 97
GET H2	404	logo.png www.il-post-incident.com/US/index0_files/	271 B 271 B	39ms 38ms	Image text/html	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Show image Full URL https://www.il-post-incident.com/US/index0_files/logo.png Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / Resource Hash `817495e5c1916337ed0360dad1b2dcbe86667e91ecc1e08b41741a7fe6928af5` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br server nginx content-type text/html; charset=iso-8859-1
GET H2	200	jquery.min.js(1).download Show response www.il-post-incident.com/US/index0_files/	85 KB 85 KB	38ms 37ms	Script application/octet-stream	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/jquery.min.js(1).download Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT last-modified Sun, 14 Nov 2021 04:50:04 GMT server nginx x-powered-by PleskLin etag "6190957c-152b5" content-type application/octet-stream accept-ranges bytes content-length 86709
GET H2	200	jquery.inputmask.bundle.js.download Show response www.il-post-incident.com/US/index0_files/	172 KB 29 KB	63ms 62ms	Script application/javascript	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/jquery.inputmask.bundle.js.download Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957e-2b131" last-modified Sun, 14 Nov 2021 04:50:06 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	chronopost_cc.js.download Show response www.il-post-incident.com/US/index0_files/	2 KB 572 B	38ms 37ms	Script application/javascript	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/chronopost_cc.js.download Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / PleskLin Resource Hash `2eecba15da2f56e249260555a8f6b19c88379a22e928b4e16868f51f57164a53` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/US/index0.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br etag W/"6190957e-90c" last-modified Sun, 14 Nov 2021 04:50:06 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	62ms 43ms	Fetch text/css	2606:4700:3032::6815:1e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=00ce2dd051 Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0_files/00ce2dd051.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:47 GMT via 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUS51-P1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6BJE0bc8x8BQflNPbfvLOiqjcBpkPWiscDHZS2lvulv3OxORxnZ69k0X5FZyCPO9Buq7viKoZfL5SvC8r6adqeAumeIYZdcTi5Q13KjazxyEcr7RFhzpKsjLclvJVccg2ogIq3IJA4fQ2kF7RtJcRG9PQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 73379ca309cbbbbb-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 6MLRySf93adGrwS31_mkBbITSmKl_FsZqq11neDWxLimnWDmNaejsA==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	55ms 37ms	Fetch text/css	2606:4700:3032::6815:1e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=00ce2dd051 Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0_files/00ce2dd051.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:47 GMT via 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GQRa7G96ee2TrPDQC0Af%2FLhJVQxnkGkPCp5C2ePhQE%2F2579%2FuCiRkpEVGHQ32nKCLaWfu1eUKV7nmLEwqYxeg8xB3wD3gWQbO93KCk3wjhmpYuSAyKLj5cCNwZfQqisH7Ny9zC7UfMHGD2dgE9N6%2BWJ4A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 73379ca309ccbbbb-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 4RZl3Fb5_3wRDX7q1-5EHqeC4i9j8xuBjb22yA1uhg6BQ7p28fNjug==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 1 KB	62ms 44ms	Fetch text/css	2606:4700:3032::6815:1e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=00ce2dd051 Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0_files/00ce2dd051.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:47 GMT via 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUS51-P1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BppYnsTbPbi%2BP1noRPV4U0zvoMeN1pHU31IgvekaoRPxFvj1ikhPle5EZUD1Sh9E%2BmGi%2BERJXXgLaQ3aAePRCdqpaJXK2e%2BOFt1bPelGAPp7edHiPX4VX1Rl6n%2BDpaUEncdzaH%2BjLJc%2F9TEVAfEI9fI3eQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 73379ca309cdbbbb-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 3uxD4VVYPFuxejr1OpVu1a1yxs99m1ndnBV-381_iO48bOQ9cXoZFA==
GET H2	200	fondoregistro4.png www.seur.com/images/	543 B 970 B	80ms 15ms	Image image/png	107.154.76.162 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.seur.com/images/fondoregistro4.png Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0_files/style_001.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.154.76.162 District Heights, United States, ASN19551 (INCAPSULA, US), Reverse DNS 107.154.76.162.ip.incapdns.net Software / Resource Hash `376528af8443c26375488dbfec269230db4de68c13ed8a50edd55b26b839406c` Request headers accept-language de-DE,de;q=0.9 Referer https://www.il-post-incident.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:46 GMT last-modified Fri, 29 Jul 2022 08:58:14 GMT x-cdn Imperva etag "a009a-54e-5e4edd9ae1580" content-type image/png x-iinfo 13-59117113-59113064 2CNN RT(1659283906869 9) q(0 0 0 1) r(0 0) cache-control max-age=6604, public content-length 543 expires Sun, 31 Jul 2022 18:01:50 GMT
GET H2	404	PlutoSansLight.otf www.il-post-incident.com/US/index0_files/	0 0	37ms 36ms	Font text/html	45.131.187.253 UP-NETWORK UP-NET...
General Check archive.org Show headers Download Go to Full URL https://www.il-post-incident.com/US/index0_files/PlutoSansLight.otf Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0_files/style_001.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR), Reverse DNS myrdp.gg Software nginx / Resource Hash Request headers Referer https://www.il-post-incident.com/US/index0_files/style_001.css Origin https://www.il-post-incident.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:27 GMT content-encoding br server nginx content-type text/html; charset=iso-8859-1
GET H2	200	free-fa-solid-900.woff2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/	76 KB 77 KB	41ms 37ms	Font font/woff2	2606:4700:3032::6815:1e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2 Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7` Request headers Referer https://www.il-post-incident.com/ Origin https://www.il-post-incident.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:47 GMT via 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 78168 last-modified Wed, 04 Aug 2021 18:58:24 GMT server cloudflare etag "a9fd1225fb2cd32320e2b931dca01089" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnJuf%2BpAwM31HALKufVp4mCSGatddf43%2B3qUFu18RscLmDopP%2BAHh1AFZDYJ7%2B3jibsmR%2BG%2BHHrJjh%2BcFkxcJGlY3QXvkskYZ59GSdYniWVzR3lnWBrqFCHHgVjcnsCHTVchbehFiOGUp3KWaRPMcr%2By0g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 73379ca309c6bbbb-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 4zcHK89Fkh2oyxIoKU1OavXAk9XNygRiynM8trGB1r6OHlaLTt42Hg==
GET H2	200	free-fa-brands-400.woff2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/	75 KB 76 KB	34ms 30ms	Font font/woff2	2606:4700:3032::6815:1e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2 Requested by Host: www.il-post-incident.com URL: https://www.il-post-incident.com/US/index0.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813` Request headers Referer https://www.il-post-incident.com/ Origin https://www.il-post-incident.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 31 Jul 2022 16:11:47 GMT via 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 76736 last-modified Wed, 04 Aug 2021 18:58:24 GMT server cloudflare etag "4f5ec865a8274ab291b6a42b5f70639e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lcFxcUpYPQh%2BroiVagaqMefNbflGWSX92fxTq5HiH41LS%2Fiz63q3gQMo3v37jCG1v6CvVwkv4yuBRFCUeLA9A8VRhnYdOwL3403NRwel%2FmYKq3HI%2FYlUD6z88VJVXtuCSBeMc%2Fm5f17KZQh8pFFNYo4Zg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 73379ca309c9bbbb-FRA access-control-allow-headers fa-kit-token x-amz-cf-id GHHkIH4mWrXod2lkcGhyPNNVwlkRiww-klQSnrqUcDbEdEdSWM_9gg==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.il-post-incident.com/US/index0_files/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.il-post-incident.com/US/index0_files/PlutoSansLight.otf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ka-f.fontawesome.com
www.il-post-incident.com
www.seur.com
107.154.76.162
2606:4700:3032::6815:1e29
45.131.187.253
044b69c2166262f61d2dbd4bb073af205c8dd16511aef56eee98e7377c90a6f1
28499a9d74006949b0bb06d6a63efd15efb392bb923f37393ed477e8d7b4dab0
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2eecba15da2f56e249260555a8f6b19c88379a22e928b4e16868f51f57164a53
376528af8443c26375488dbfec269230db4de68c13ed8a50edd55b26b839406c
4367016f60a976393d945ce8ef5aec56a5a9efddeb87be53118383e4821f787b
69574b536cf105f8c4d00f5b13ca9e85fb924473b1a88e6f2e7db55014ea2666
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
73c5b987dc4fdfe03adbfff9da83e0dc4882024c7160f8e513ef6a4d42323c80
74f8f3583825566b1d2235d4324f179fb8d9ef7001cfb7e3d147cd4867514559
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
817495e5c1916337ed0360dad1b2dcbe86667e91ecc1e08b41741a7fe6928af5
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
e398d4a1a9f653dc7e28d806d4bcaf26828b13fbd74760e30a6f2de99d1ad6e6
f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.il-post-incident.com Open in urlscan Pro 45.131.187.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

369 kBTransfer

876 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.il-post-incident.com Open in urlscan Pro
45.131.187.253 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

369 kB
Transfer

876 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions