sdgroup.co.za Open in urlscan Pro
156.38.211.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://54-234-225-103.cprapid.com/as/redirect
Effective URL:
https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Submission: On August 05 via manual (August 5th 2023, 8:39:09 pm UTC) from PH — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 156.38.211.202, located in Pretoria, South Africa and belongs to xneelo, ZA. The main domain is sdgroup.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 15th 2023. Valid for: 3 months.

This is the only time sdgroup.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.234.225.103 54.234.225.103	14618 (AMAZON-AES) (AMAZON-AES)
17	156.38.211.202 156.38.211.202	37153 (xneelo) (xneelo)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
30	5

2 54.234.225.103 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-225-103.compute-1.amazonaws.com

54-234-225-103.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 156.38.211.202 (Pretoria, South Africa)

ASN37153 (xneelo, ZA)
PTR: srv.smartwebdns.net

sdgroup.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sdgroup.co.za sdgroup.co.za	132 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	117 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 369	117 KB
2	cprapid.com 2 redirects 54-234-225-103.cprapid.com	525 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
30	6

	Domain	Requested by
17	sdgroup.co.za	sdgroup.co.za
5	cdnjs.cloudflare.com	sdgroup.co.za
4	fonts.gstatic.com	fonts.googleapis.com
3	cdn.jsdelivr.net	sdgroup.co.za
2	54-234-225-103.cprapid.com	2 redirects
1	fonts.googleapis.com	sdgroup.co.za
30	6

This site contains no links.

Subject Issuer	Validity	Valid
sdgroup.co.za cPanel, Inc. Certification Authority	`2023-06-15` - `2023-09-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Frame ID: F758F6C7740E571CF8F806F8D17389C9
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada Post - Track a package by tracking numberFacebookTwitterInstagramLinkedinYouTube

Page URL History Show full URLs

https://54-234-225-103.cprapid.com/as/redirect HTTP 301
https://54-234-225-103.cprapid.com/as/redirect/ HTTP 302
https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

430 kB
Transfer

3624 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://54-234-225-103.cprapid.com/as/redirect HTTP 301
https://54-234-225-103.cprapid.com/as/redirect/ HTTP 302
https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Redirect Chain

https://54-234-225-103.cprapid.com/as/redirect
https://54-234-225-103.cprapid.com/as/redirect/
https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

23 KB
6 KB

1344ms
272ms

Document
text/html

156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed / PHP/7.4.33
Resource Hash: bb80da5d7d00288c8fb50f6cf938a4db664312470d0eed609ecbf84217e92684

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 20:39:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 20:39:02 GMT
Keep-Alive: timeout=5, max=99
Location: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Server: Apache

GET
H2 200 tailwind.min.css
cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.0.3/ 3 MB
71 KB 51ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.0.3/tailwind.min.css

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c75a5a2f884a26ad2963ecda7b561659d41cb87291bd40080b70f45de345e1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdgroup.co.za/
Origin: https://sdgroup.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5870500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71961
last-modified: Sun, 07 Feb 2021 21:03:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602055a9-2bcbe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iZviwtoZzWx3Ch19Cwdz5fbXhTOjoaiOpRf%2BRzMVVllWSPLPVM9914FKZKfA%2FRInc5M%2B6lFQsCRXMn1gscmqkMsTLcS7WSQGjjErX8kR12zMKMvtmr1offdlKtX28GxfF0JZXZS%2Fm6rQDEACte%2FLjkk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f21d8eb1ae89be0-FRA
expires: Thu, 25 Jul 2024 20:39:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 20:39:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Aug 2023 20:39:04 GMT

GET
H2 200 style.css
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/css/ 4 KB
1 KB 173ms
172ms Stylesheet
text/css 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/css/style.css?v0.00076
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 11ec106576b36dc375448b0c63275a274c7e3c6ca709ec0fe7ea10b8f85ea79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Tue, 25 Jan 2022 16:59:58 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1205
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 52ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6995776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tZao6wPQ8AFEc27uDEaezACgjYcxv%2BWV%2Byzcn9VC7mVmWlmxWClBaEMICsfxQSOxo19X3ut1jfKJyAVfnmUDPjRJRylwkr3cM7Bz%2BXllJTpL47F17g13vxN8Jlqp9qj3zESUAc0RqqwEfNDBe94PN0C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f21d8eb1bb02bb8-FRA
expires: Thu, 25 Jul 2024 20:39:04 GMT

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
6 KB 50ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdgroup.co.za/
Origin: https://sdgroup.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3770224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5884
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3cu0lGmuG7O00QRzJ8HAs7RMSIELUnStRj5roYVg4t4u3J5%2BUG84GYPyMHOY703oYwfQQgpoSsrFVfAG7L078uKEGirxecT1yxYP8weYfM13zyyHhxT1KUFf2gFhoYfvLuz8T1GMgwmjtLvD2Pkg21o"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f21d8eb1aea9be0-FRA
expires: Thu, 25 Jul 2024 20:39:04 GMT

GET
H2 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.3/ 2 KB
1 KB 47ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.3/tiny-slider.css

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1370741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
last-modified: Thu, 22 Jun 2023 11:20:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942e90-23d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amrPuRl4nJTXPRc%2BrjPyh453%2BCcktnnOAXqLxbnO%2FGb279kj1QwUmMtDEqF948lostow83vWq9gHwBsNI6TAd3qF8d52Aooq6Zx5IvMwquqDBMELsatVEq%2BOY1UJd6givK%2Bx%2Brx8uDf3ZpTn3saWSNms"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f21d8eb1bad2bb8-FRA
expires: Thu, 25 Jul 2024 20:39:04 GMT

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
4 KB 50ms
15ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14213126
x-jsd-version: 3.5.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230072-FRA, cache-yyz4573-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS%2BsqM5ykSaiRv%2FTBp3f8M57iRsXpXCfZUYeBgFdi%2B14syBrj%2FKlvg7zRnMVWalzev6%2BkAmb0JwbBWsrNns4UrW4ubdywSdRuVPAOxhB7m5MEHHHJJQU0lrBGEQkA6wqV1%2FhHut%2Bbxu%2BWNY3YSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f21d8eb1cfa90e0-FRA

GET
H2 200 cpc-logo.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 938 B
621 B 320ms
317ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/cpc-logo.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 13:51:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 553
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 search.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 320 B
250 B 321ms
319ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/search.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 14:31:56 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 194
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 logo.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 12 KB
4 KB 323ms
320ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/logo.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 13:53:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3734
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 track-icon-desktop.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 923 B
433 B 324ms
322ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/track-icon-desktop.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 6310c7aa2cf8aac6ae05907efdcea34a65517078fb9dcb7182e4061fd61f26ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 13:54:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 377
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 loading.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 2 KB
396 B 326ms
324ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/loading.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 3cd16e366647b218fd70e9061dd692b63c7ee62c2ef320ca1eaf4bc5d372169e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Sat, 06 Mar 2021 11:32:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 340
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 alert.png
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 12 KB
12 KB 327ms
325ms Image
image/png 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/alert.png
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 0fb393d86f8575527de8c1265f03cfab30dc5b27129f7b907dfa3e6ce5ac1422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
last-modified: Tue, 25 Jan 2022 15:27:22 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12560
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 warning.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 1011 B
611 B 346ms
345ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/warning.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: f6657968992fc529d581d2586ee857bbfa4d5917bd38404e4c48e0f983f57858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 17:36:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 555
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 secured-lock.png
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 4 KB
4 KB 487ms
486ms Image
image/png 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/secured-lock.png
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 1a8847f7ee8c30c5142dfa3837d0ff21ca31431858cdd653400bd20da279f4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
last-modified: Tue, 25 Jan 2022 14:40:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4529
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 credit-cards.png
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 66 KB
66 KB 518ms
516ms Image
image/png 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/credit-cards.png
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: b30e3b1d8c1d673365bfd0da3eb56508a0e798a0bcd7b557986a16c258566caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
last-modified: Tue, 25 Jan 2022 14:57:20 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 67300
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 feedback.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 724 B
399 B 486ms
485ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/feedback.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 16:10:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 343
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 gov-canada-logo.svg
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 14 KB
5 KB 519ms
518ms Image
image/svg+xml 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/gov-canada-logo.svg
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 13:53:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4954
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 tiny-slider.js Show response
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/ 31 KB
11 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4932726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11404
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-7bfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzExbqwCdfrZPPBC2n5vMeceMf%2BN%2BUs0Mt66iVvakGoE6jj5mjXzyVuF%2FhD0xU1mqeT%2F7Ei6jIjhmblTzRuyzHMI8KKjjEWwiZXUIccPklADxkIRuCsMYMbfgSpXuGCJxTfetA%2BWlYQbxxiGl0JTt3NP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f21d8ebbc922bb8-FRA
expires: Thu, 25 Jul 2024 20:39:04 GMT

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 67 KB
22 KB 19ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11960916
x-jsd-version: 3.5.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIp2nuIpfXlnr2lQaA8ecnL29LvZjhF3WAjPMOxHwmimTrGcuXAKViJmjS4CAop3esK0UIkb069qzATUtFO8pzsgpSQj5iVJt1M0r0PVI2XnjIaLedCZdNb4oz0nH2jmu3oma4fgR59JbrzTPEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f21d8ebdde490e0-FRA

GET
H2 200 script.js Show response
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/js/ 0
79 B 172ms
171ms Script
application/javascript 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/js/script.js?v=0.76
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
last-modified: Tue, 25 Jan 2022 15:19:02 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 0
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H3 200 vue.js Show response
cdn.jsdelivr.net/npm/vue@2.6.12/dist/ 334 KB
91 KB 27ms
26ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.12/dist/vue.js

Requested by

Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159f0ac0c8f517aaa736003b6e13ebc959b5f7129db87e4e56bf2eec8d6d02d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14213122
x-jsd-version: 2.6.12
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230081-FRA, cache-yyz4572-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"53883-XDnfw3/EJADktFV9uVbz8hipDKc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sBuS8Uv212w1LQftRhdDwOrp6WPUp8zXyLNAYXJ8Ky%2Fejjz6l%2BiLH4qIthvdXAsjAW7QvzAF5K0igSGeJsMvmTd492DujIsqfEExZ%2FKtsCa8lgCYf6CQ%2BZm%2BTEpkinuEBait8Fot6b%2Fttto7Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f21d8ec1a493722-FRA

GET
H2 200 v-mask.min.js Show response
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/js/ 6 KB
2 KB 316ms
313ms Script
application/javascript 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/js/v-mask.min.js
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 204089b5b0e49d8a5c00f7eb647001100e74fa00e5ebf120502fd863965aa42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Tue, 09 Mar 2021 14:02:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2447
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 app.js Show response
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/js/ 6 KB
2 KB 318ms
315ms Script
application/javascript 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/js/app.js?v=0.0009627
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: 8ffd9402bdbe87a8e7d890c3c0f364e118fdff326af7d278cf22c67ec07cd7ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
content-encoding: br
last-modified: Tue, 25 Jan 2022 16:44:00 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1494
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 top_bg_desktop.png
sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/ 27 KB
28 KB 323ms
323ms Image
image/png 156.38.211.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/img/top_bg_desktop.png
Requested by: Host: sdgroup.co.za
URL: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/css/style.css?v0.00076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.211.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: srv.smartwebdns.net
Software: LiteSpeed /
Resource Hash: a0c5324b8dfe4ffd5a2f021409120c1555b1c26b948e7a95edd9f303af22b5bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdgroup.co.za/wp-content/upgrade/.ca/canadapost/css/style.css?v0.00076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:39:04 GMT
last-modified: Mon, 24 Jan 2022 17:11:56 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28100
expires: Sat, 12 Aug 2023 20:39:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sdgroup.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 145932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 124ms
45ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sdgroup.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 65035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 02:35:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 155ms
75ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sdgroup.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 105369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sdgroup.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 25305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 13:37:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

54-234-225-103.cprapid.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
sdgroup.co.za
156.38.211.202
2606:4700::6810:5514
2606:4700::6811:180e
2a00:1450:4001:806::2003
2a00:1450:4001:828::200a
54.234.225.103
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
0fb393d86f8575527de8c1265f03cfab30dc5b27129f7b907dfa3e6ce5ac1422
11ec106576b36dc375448b0c63275a274c7e3c6ca709ec0fe7ea10b8f85ea79f
159f0ac0c8f517aaa736003b6e13ebc959b5f7129db87e4e56bf2eec8d6d02d7
1a8847f7ee8c30c5142dfa3837d0ff21ca31431858cdd653400bd20da279f4e1
204089b5b0e49d8a5c00f7eb647001100e74fa00e5ebf120502fd863965aa42b
3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3cd16e366647b218fd70e9061dd692b63c7ee62c2ef320ca1eaf4bc5d372169e
52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
6310c7aa2cf8aac6ae05907efdcea34a65517078fb9dcb7182e4061fd61f26ed
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8ffd9402bdbe87a8e7d890c3c0f364e118fdff326af7d278cf22c67ec07cd7ca
a0c5324b8dfe4ffd5a2f021409120c1555b1c26b948e7a95edd9f303af22b5bc
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b30e3b1d8c1d673365bfd0da3eb56508a0e798a0bcd7b557986a16c258566caf
bb80da5d7d00288c8fb50f6cf938a4db664312470d0eed609ecbf84217e92684
c75a5a2f884a26ad2963ecda7b561659d41cb87291bd40080b70f45de345e1a8
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6657968992fc529d581d2586ee857bbfa4d5917bd38404e4c48e0f983f57858
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

sdgroup.co.za Open in urlscan Pro 156.38.211.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

430 kBTransfer

3624 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sdgroup.co.za Open in urlscan Pro
156.38.211.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

430 kB
Transfer

3624 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!