tekeronline.com
2606:4700:3035::6815:2efd  Malicious Activity! Public Scan

Submitted URL: https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-canada-post-delivery.php
Effective URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLf...
Submission: On February 12 via manual from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3035::6815:2efd, located in United States and belongs to CLOUDFLARENET, US. The main domain is tekeronline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 14th 2021. Valid for: a year.
This is the only time tekeronline.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 144.202.43.69 20473 (AS-CHOOPA)
21 2606:4700:303... 13335 (CLOUDFLAR...)
21 1
Apex Domain | Subdomains | Transfer
21 | tekeronline.com | tekeronline.com | 180 KB
1 | iboxhome.com.br | iboxhome.com.br | 125 B
21 | 2

Domain | Requested by
21 | tekeronline.com | tekeronline.com
1 | iboxhome.com.br | 1 redirects
21 | 2

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-11-14 - 2022-11-13 | a year

This page contains 1 frames:

Primary Page: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Frame ID: 520EE507B862863B1729FEB2F2D130A3
Requests: 21 HTTP requests in this frame

Page Title

Delivery Status | Canada Post - CanadaFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTube

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Page Statistics

21 Requests
100 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
1 IPs
1 Countries
180 kB Transfer
763 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-canada-post-delivery.php HTTP 302
    https://tekeronline.com/canadapost/ Page URL
  2. https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-canada-post-delivery.php HTTP 302
  • https://tekeronline.com/canadapost/

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tekeronline.com/canadapost/
Redirect Chain
  • https://iboxhome.com.br/canada-post-full-secure-delivery-support-info-canada-post-online-service-canada-post-delivery.php
  • https://tekeronline.com/canadapost/
227 B
860 B
Document
General
Full URL
https://tekeronline.com/canadapost/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a062a752f30325705c458934f43b75fc9f125439e1245b55cf82256cf71bd472

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
vary
Accept-Encoding
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLagc5nscbBcfe2OfP6uX4QVpEwtaN8XVxUXjhlXgYbp5MxIXNspk73ejdOvC%2F9ZxDoDf%2FDj2w1t4dwmae54LFDf5ogU%2BSNEuSBak%2BbSOBVbhro2NWKxdnfytApIgxv9tLw2x9A0kQKenjL8u4Y%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6dc89b42f98c5a13-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Sat, 12 Feb 2022 20:35:58 GMT
content-type
text/html; charset=UTF-8
location
https://tekeronline.com/canadapost/
strict-transport-security
max-age=15768000;
Primary Request delivery-status.page.php
tekeronline.com/canadapost/
27 KB
5 KB
Document
General
Full URL
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a3e212afe384ca0748abd4f2d21b0bd729ac51bb8daf898600a5628fba7c53ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
vary
Accept-Encoding
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi2%2BL0SlaMvlSPATadlzUQvI2ZocoRjfoTCD1kKh%2FCsLzl2wTrhsguFEeOy9LtrF4HQcGlObWOtsmIjtUZcW6QF2Jp3Ge5M5hGPMv6QORLJikmHj5HWcfkll9DYyOB%2BsQGN0M9WumzX8Xj8LI%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6dc89b4ffdf25a13-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
general.css
tekeronline.com/canadapost/content/
7 KB
3 KB
Stylesheet
General
Full URL
https://tekeronline.com/canadapost/content/general.css
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b94438d2f6494a5b1ed3b1de0fe5ce8242fd1bf93358812e5812afd51ba84f72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"fbbc8eaa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Yi4qVJ9LBOO%2BdxvZ3%2BihxiDlxRB0wRUnjeBdvzDY8PKtUpJP8WCTEJpe3zA4vFSIYbyAAu5XavqgtQm6Pj4aOVA8QoZHUUqjfXr236VXfK1Aj%2F3yFmtfMhcErCEQiKWGegDMWNWdVMaLsC5BpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6dc89b50db0006c9-LHR
basic.css
tekeronline.com/canadapost/content/
152 KB
22 KB
Stylesheet
General
Full URL
https://tekeronline.com/canadapost/content/basic.css
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c80b851c22c115a694216ffcc58d914d6f47666717dcfc4a0032564d82d1f5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"643f66aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BS3NX2Pu%2BMEJtfdsBUNipvfQkRU3HYeQyA%2B7brn4jjrq2Or7zxJ09nes7PvcvkeZru4D7O%2BAV0pPKF2%2BC67tbOZyoOmW%2BYqxQVO92zJAe2xtFcvDA%2FvMpYwacNBZ%2FkIYo6la4IBCbbIRdgl5Rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6dc89b50db0206c9-LHR
org.css
tekeronline.com/canadapost/content/
399 KB
53 KB
Stylesheet
General
Full URL
https://tekeronline.com/canadapost/content/org.css
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9ab89aff3f5665980aca51362bced84d5c7cfe4131075836c313be28308f3479

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"23c7d8aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtZ7ad98VP%2BK9Fpq1lVOq%2B1YaGF8PrWE7PfjUTNkdbEMt2t%2B7qgYBAGSM20tYdrl3l48LQVCzSloHhchd1tqxwysZ74ETeHGihFCT6J65wbNKxmI1LtVkfRXOXCL7AdTiHHSPgH6f1GrtBryo9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6dc89b50db0406c9-LHR
bound.css
tekeronline.com/canadapost/content/
63 KB
11 KB
Stylesheet
General
Full URL
https://tekeronline.com/canadapost/content/bound.css
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
426f0628d73d36a64fb4a26378bc799697e85b56f13e79407695b490bdc3212b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"98be6faa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWgmgfkQpNLPwJxDe179TY%2FINr%2Fp12VrNQccxems5nhW%2BwjPHCHEEUbJg9ZFY5vTC4wx7IVjdRd5UQ%2F6DIgmYGN37oJLTaxbsbCUvWljObbHwaSTe9KzTHdS400D23q2z%2F4kUUm9d7enCmhvIIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6dc89b50db0706c9-LHR
cpc-main-logo.svg
tekeronline.com/canadapost/content/
12 KB
4 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/cpc-main-logo.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"536f80aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l89bTJ1IGpngTCdGegR%2B%2F3Ylrc%2F27a5VLrU%2FM5bHqlcD7KYihuK62cB3mhvqMGck%2FzzNO8pDO7t%2BYIB96LiMqV2mRBJpodPnQfE7Cn%2F65q80fei0KIBk%2BiiYI3TA%2BvrS2ZsfqfisziEX35FmHTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b50db0806c9-LHR
cpc-logo.svg
tekeronline.com/canadapost/content/
938 B
1 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/cpc-logo.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d1f9fbf33db045a86af8a16f01659de9e5fbcce3199edb10a3ac4dc76155c4f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"536f80aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8g9QJmHFKKFYZR04pBAsWf%2F5X0UmhgkA2J7PdRiX9OWZvkFTUqdMwn8NS9z06JbbW%2BlM7DzYU3en8QsP6XLrCwzfEB9YJHhIPhdvhZUwSLPn2tY805tN1UnZLhz3%2BcamYW4Yvz%2Bm4USpWrsEUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b50db0906c9-LHR
info-glyph.svg
tekeronline.com/canadapost/content/
2 KB
1 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/info-glyph.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c3ef75ec5c7389ab19835091856419a5e6c220a8446ed5145561705912ac971

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"4db9daa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p15pL1AI3xjripjCcfIpai5%2BuPuO%2BBKn5oDe4slktEG0aJKhK%2B2P3Gf9jbmVkNRmmPDBST0ZXmlt1XgD1RaskdbOyhR3X9%2F1AdMXAfFNE0C0KCRqMMOIds0OWzuiFPnFcBuNjPAxINOn0f6SQk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b50db0c06c9-LHR
Alert.svg
tekeronline.com/canadapost/content/
1007 B
1 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/Alert.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"b68455aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYb%2F3hpExAWeSazPrZBh1m4EMNoIrFQLw1AeMbiHe3HMRZIqzBDFoqK%2BElJRkoU1W24o4VZOgnYTPs9KXPl2Ms42y3ixrPxqZOQ4VQDkmJK1lG7x%2FZFtO%2BFWyH2qM4gLJwDZPk6gp8Z6K%2Bq5AD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b50db0d06c9-LHR
gov-canada-logo.svg
tekeronline.com/canadapost/content/
14 KB
6 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/gov-canada-logo.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/delivery-status.page.php?/DeliveryCancelled/&pageID=pcRQhZfnlmrJsfYAtqTocmSepIwfDEdLfjfjsRibJNzQLJmRrISbkAaIKyQbE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"fbbc8eaa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmkbpgc9LedN4Sk9vIKXbpmH7u9oey6x%2FoTeL4PflkYIKKxhjbxGJ0j9O%2Fjv%2BxEK%2BsA0cybzj0bGq4VNfngCtWVMr%2BzehZvhL0cAtZ62Bx510qS8UPYyXejL2f%2FCfK3sX%2BfWSLKLNRvLpFNFBPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b514bb806c9-LHR
fonts.css
tekeronline.com/canadapost/content/
17 KB
2 KB
Stylesheet
General
Full URL
https://tekeronline.com/canadapost/content/fonts.css
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/basic.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3642f838f607a3ac9a59c3729d95265ab7dc471f4ad7d1bb5bd8a22149da23f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/content/basic.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"815a8caa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp%2FEbVTRaa%2FuG2XiMTgEUKQWPDltSXzSX6BBz7l%2FHi7ZySOP%2BMCMBee1yJ56gP36AjqAGTPyLuEKKhFHCZqkxL%2FOKjOWyQUcUxhnGm%2FlzXdkKm8Ju15he3L2ocnZQo9BG6eoyXI%2FFy4rhCSqLfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=20942
cf-ray
6dc89b535f0206c9-LHR
cf-bgj
minify
track-banner-chevron-desktop.svg
tekeronline.com/canadapost/content/
3 KB
2 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/track-banner-chevron-desktop.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/bound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4ca3281582b1dcf6c63684d8e6f31a9c3875b18d46992d11bbf506e6d6c5eef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/content/bound.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:24 GMT
server
cloudflare
etag
W/"9cb13ab8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMXDufBdL5ZTOU2C3Cd3TuZL4Gfo5yu6FoX2IFoHQyO51FTT6iOg%2BZWOX1Sokwrer3qExCyaTaN4vOrdqJNOxYkhso33JXtc3cMQKYE3cOt%2Bb9iT%2BADWMSU3p5W%2FauZJuoVS%2BHHV9EIQEH%2Fltl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b54a92806c9-LHR
white.svg
tekeronline.com/canadapost/content/
1 KB
1 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/white.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/bound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
903917713c4aba31c782ac622b0e86576ae22f38bda1c3b16b3adceeaf10e3e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/content/bound.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54NS62dnGQKnD4FFcpW%2BcXnBt%2FSKr3uLwmWZ2zpsTnzKbZzZ68Ji5mMdN0pO5fGY7GvebP8RkrTUehRvsZtwgEURqcL98W%2F83VrY1%2BqX9%2B%2BpvkNiMeDwKJ2treW%2FtIHFlRHpUI79LusP4K6Cwmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6dc89b54a92a06c9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
track-banner-bg-desktop.svg
tekeronline.com/canadapost/content/
641 B
956 B
Image
General
Full URL
https://tekeronline.com/canadapost/content/track-banner-bg-desktop.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/bound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5c4664dec23fc339079382bfe35804c9fbfd0fbb653f65103c84e7096d6ee051

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/content/bound.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:24 GMT
server
cloudflare
etag
W/"814f1ab8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nR58ZHecSzoP6USStm8IVkY3Vm2JHrO0whtSuJtWcFPioqWirf5PkWesZM7HUBy2RDAQWRTMBR7Gc8MIyuC1Sf9NBOGKm04ieORfK1Xc37zuEpgO061m9QQzE%2FKggB6ppsyPcApKBBWCpNjIcWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b54a92b06c9-LHR
track-icon-desktop.svg
tekeronline.com/canadapost/content/
2 KB
1 KB
Image
General
Full URL
https://tekeronline.com/canadapost/content/track-icon-desktop.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/bound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bfbac6ac6e53ca7e02f40d58191e829212013927ab352c7da568c3d37ba55499

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/content/bound.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:24 GMT
server
cloudflare
etag
W/"2a146ab8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7MsRvQg4ExXpdnGgYbHp2cosNSx9yts%2BXln4ZJ9vPg9677MejYQMYMzT5XYy6pgdJqXoUKEaKCNZd58C2sr1mMd6%2BbAwwwu0bipdBQ9tlqqHcqHHyWBTxEZ3hAkn7xBrfcneQ5Tg6MWv49RtM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b54a92d06c9-LHR
feedback.svg
tekeronline.com/canadapost/content/
724 B
973 B
Image
General
Full URL
https://tekeronline.com/canadapost/content/feedback.svg
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/org.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekeronline.com/canadapost/content/org.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
W/"fc9587aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ilb%2FLvCCwBdiL8bpWKjpJfrLkRKNVQdPV%2FT8zbZvaCdD7P2YGSWNOIyRIVLWlqmxDPTMKEW755iuSqck%2BSqsR5Su8tON1mvVGNKuIp7cvNyQPnVZe0MZf4JeerOfU2sBpgEds0S4GAb6DAM15w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6dc89b54a92f06c9-LHR
KFOmCnqEu92Fr1Mu4mxK.woff2
tekeronline.com/canadapost/content/
15 KB
16 KB
Font
General
Full URL
https://tekeronline.com/canadapost/content/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer
https://tekeronline.com/canadapost/content/fonts.css
Origin
https://tekeronline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15736
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
"29c1c7aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUHyvXMyplWW8Gb2b7Jf%2FedWvhEpakbFwcBsvfhcpLhXLwR%2BSJ9%2BykA%2B6K2jMYL69WmZkrTcluz%2Btq56oUd%2FaVK4YHyNTmkSjXlRqoxQp63y5UO%2FKQkdyen%2Fb0iNpi7t69xXHcy7fPlTT5Jd2hA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6dc89b54a93206c9-LHR
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
tekeronline.com/canadapost/content/
15 KB
16 KB
Font
General
Full URL
https://tekeronline.com/canadapost/content/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Request headers

Referer
https://tekeronline.com/canadapost/content/fonts.css
Origin
https://tekeronline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15784
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
"f4e2bbaa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdTDQ0IV1QndA2uU8e7gZorrlk3nBD20lhN1prlvxMr9KCdjCnKc8%2FC1KHaZRGKtlDGNJeDUs1RgX7q4S%2FXE2ATzkhiFDm4XbCNTUGWaQN%2FzVdOii0dcuJaSNYAt1hVBilqJ1XE11coJ1hIf4p0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6dc89b54a93406c9-LHR
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
tekeronline.com/canadapost/content/
16 KB
16 KB
Font
General
Full URL
https://tekeronline.com/canadapost/content/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Request headers

Referer
https://tekeronline.com/canadapost/content/fonts.css
Origin
https://tekeronline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15872
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
"b872b9aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8P0jpQZXRq6v46mTy5Th%2BMmLkua%2F9bIMu%2BbOUTPmzTYasFR4iqlMAWHG0VLBoQpQ4uF7F4DfNxE5ZHlfabT9VUw5yt9KL%2BYc6zzjeaDBSBEKb7CrN60MDqe4SmkgzntWjQuf7FOP%2FHC3qPViMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6dc89b54a93506c9-LHR
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
tekeronline.com/canadapost/content/
15 KB
16 KB
Font
General
Full URL
https://tekeronline.com/canadapost/content/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: tekeronline.com
URL: https://tekeronline.com/canadapost/content/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2efd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Request headers

Referer
https://tekeronline.com/canadapost/content/fonts.css
Origin
https://tekeronline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 20:36:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15816
x-powered-by-plesk
PleskWin
last-modified
Fri, 11 Feb 2022 21:02:23 GMT
server
cloudflare
etag
"179ac0aa8a1fd81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp4HgIjViwhkeE8cJXro49VxEMbwRqTlJNvOS3HikjLhmp%2F2P2T3tvsdGRc0A%2BmImrY%2BXAqODoqIpblPYome4XDoMirq1yO4mamZ1NU%2B7mrji1ZpKP5vlamVhyYS4U7EH8XSUgTlIMg6Zgliqto%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6dc89b54b94d06c9-LHR

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
function| stFuSS
function| xfxzvOzrppY
function| sxfkftSQHz2
function| WcoHozeBQB3
function| ZQzzluxHP4

1 Cookies

Domain/Path Name / Value
tekeronline.com/ Name: PHPSESSID
Value: 25o9ac2n179lcdp29dcbe0u3vm

1 Console Messages

Source Level URL
Text
network error URL: https://tekeronline.com/canadapost/content/white.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
