othdyt.cc Open in urlscan Pro
89.116.50.152 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://othdyt.cc/ca/
Submission: On December 12 via manual (December 12th 2024, 5:01:12 pm UTC) from CA — Scanned from CA

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 89.116.50.152, located in Phoenix, United States and belongs to AS-HOSTINGER Hostinger International Limited, CY. The main domain is othdyt.cc.
TLS certificate: Issued by E5 on December 12th 2024. Valid for: 3 months.

This is the only time othdyt.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 11	89.116.50.152 89.116.50.152	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
2	23.13.160.75 23.13.160.75	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2

11 89.116.50.152 (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)
PTR: srv663026.hstgr.cloud

othdyt.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.13.160.75 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-160-75.deploy.static.akamaitechnologies.com

www.canadapost-postescanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	othdyt.cc 1 redirects othdyt.cc	146 KB
2	canadapost-postescanada.ca www.canadapost-postescanada.ca — Cisco Umbrella Rank: 146454	8 KB
12	2

	Domain	Requested by
11	othdyt.cc	1 redirects othdyt.cc
2	www.canadapost-postescanada.ca	othdyt.cc
12	2

This site contains links to these domains. Also see Links.

Domain
www.canadapost-postescanada.ca
sso-osu.canadapost-postescanada.ca

Subject Issuer	Validity	Valid
othdyt.cc E5	`2024-12-12` - `2025-03-12`	3 months	crt.sh
www.canadapost.ca GeoTrust RSA CA 2018	`2024-03-19` - `2025-03-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://othdyt.cc/ca/
Frame ID: 3F387056BA81AFA9089B55EB7A3EF269
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mailing and shipping for Personal and Business | Canada Post

Page URL History Show full URLs

https://othdyt.cc/ca HTTP 301
https://othdyt.cc/ca/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

154 kB
Transfer

328 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.canadapost-postescanada.ca/cpc/en/support.page
Title: Support

Search URL Search Domain Scan URL

URL: https://sso-osu.canadapost-postescanada.ca/lfe-cap/en/login
Title: Sign in or Register

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://othdyt.cc/ca HTTP 301
https://othdyt.cc/ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
othdyt.cc/ca/
Redirect Chain

https://othdyt.cc/ca
https://othdyt.cc/ca/

478 B
589 B

92ms
91ms

Document
text/html

89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL: https://othdyt.cc/ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 449fece87598a2cc03b589392e56676646c19dd5aaf7a49e3c0ae2794b87e859

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 12 Dec 2024 17:01:07 GMT
ETag: W/"675720e0-1de"
Last-Modified: Mon, 09 Dec 2024 16:54:56 GMT
Server: nginx/1.26.2
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Thu, 12 Dec 2024 17:01:07 GMT
Location: https://othdyt.cc/ca/
Server: nginx/1.26.2

GET
H/1.1 200
OK index-DzuPDzUL.js Show response
othdyt.cc/ca/assets/ 248 KB
93 KB 150ms
150ms Script
application/javascript 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL: https://othdyt.cc/ca/assets/index-DzuPDzUL.js
Requested by: Host: othdyt.cc
URL: https://othdyt.cc/ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: ae24b7c9128ec74f6139d14d3ae6ae40196a727be7b03ac8f030487709850cab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://othdyt.cc
Referer: https://othdyt.cc/ca/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000, public, max-age=2592000
Content-Encoding: gzip
ETag: W/"675720e0-3e0c2"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:07 GMT
Date: Thu, 12 Dec 2024 17:01:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 16:54:56 GMT
Server: nginx/1.26.2
Vary: Accept-Encoding

GET
H/1.1 200
OK index-BkWfG4m9.css
othdyt.cc/ca/assets/ 34 KB
8 KB 312ms
94ms Stylesheet
text/css 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL: https://othdyt.cc/ca/assets/index-BkWfG4m9.css
Requested by: Host: othdyt.cc
URL: https://othdyt.cc/ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 86d01ad58a7df0c02db2fef3f5b1b82f538d89419d2c871aa7f56339b4aa4fa0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://othdyt.cc
Referer: https://othdyt.cc/ca/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000, public, max-age=2592000
Content-Encoding: gzip
ETag: W/"675720e0-88dd"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:07 GMT
Date: Thu, 12 Dec 2024 17:01:07 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2024 16:54:56 GMT
Server: nginx/1.26.2
Vary: Accept-Encoding

POST
H/1.1 200
OK createOrGetUserInfo Show response
othdyt.cc/open/visitors/info/ 259 B
597 B 487ms
486ms XHR
application/json 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL: https://othdyt.cc/open/visitors/info/createOrGetUserInfo
Requested by: Host: othdyt.cc
URL: https://othdyt.cc/ca/assets/index-DzuPDzUL.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: bb8c9088d57d933568ce41c1a9eca9e6233947b969ca2b1d84905e10a9a2b065

Request headers

Referer: https://othdyt.cc/ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: https://othdyt.cc
Date: Thu, 12 Dec 2024 17:01:08 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding, Origin
Server: nginx/1.26.2

GET
H/1.1 200
OK favicon.ico
othdyt.cc/ca/ 15 KB
15 KB 206ms
205ms Other
image/x-icon 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL: https://othdyt.cc/ca/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 79abb9bc30ff5a68612b4e0967806186ed604f2dea0113e41e6069d6673b8a2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/ca/

Response headers

Cache-Control: max-age=2592000, public, max-age=2592000
ETag: "66e0250e-3aee"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:08 GMT
Accept-Ranges: bytes
Content-Length: 15086
Date: Thu, 12 Dec 2024 17:01:08 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 10 Sep 2024 10:53:02 GMT
Server: nginx/1.26.2

GET
H/1.1 200
OK getState Show response
othdyt.cc/open/visitors/info/ 59 B
414 B 127ms
127ms XHR
application/json 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL: https://othdyt.cc/open/visitors/info/getState?uuid=a7be4999-8a9a-409a-b6fe-256d7a0b59da
Requested by: Host: othdyt.cc
URL: https://othdyt.cc/ca/assets/index-DzuPDzUL.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 59c6cb8863714dd12574b2e5ba7611f24fa9c993e116e3e02b7c1a39db9ff172

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://othdyt.cc/ca/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Thu, 12 Dec 2024 17:01:09 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding, Origin
Server: nginx/1.26.2
Connection: keep-alive

GET
H/1.1 200
OK cpc-main-logo.svg
othdyt.cc/ca/ 12 KB
12 KB 105ms
104ms Image
image/svg+xml 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://othdyt.cc/ca/cpc-main-logo.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/ca/

Response headers

Cache-Control: max-age=2592000, public, max-age=2592000
ETag: "6756caf6-3037"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:09 GMT
Accept-Ranges: bytes
Content-Length: 12343
Date: Thu, 12 Dec 2024 17:01:09 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 09 Dec 2024 10:48:22 GMT
Server: nginx/1.26.2

GET
H/1.1 200
OK cpc-logo.svg
othdyt.cc/ca/ 938 B
1 KB 103ms
102ms Image
image/svg+xml 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://othdyt.cc/ca/cpc-logo.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/ca/

Response headers

Cache-Control: max-age=2592000, public, max-age=2592000
ETag: "6756cb44-3aa"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:09 GMT
Accept-Ranges: bytes
Content-Length: 938
Date: Thu, 12 Dec 2024 17:01:09 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 09 Dec 2024 10:49:40 GMT
Server: nginx/1.26.2

GET
H/1.1 200
OK search.svg
othdyt.cc/ca/ 444 B
798 B 195ms
90ms Image
image/svg+xml 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://othdyt.cc/ca/search.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 7b8e29118ba015ea57963be7a211198258bc55cf5f7d0b1ed645010240968aa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/ca/

Response headers

Cache-Control: max-age=2592000, public, max-age=2592000
ETag: "66903c2c-1bc"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:09 GMT
Accept-Ranges: bytes
Content-Length: 444
Date: Thu, 12 Dec 2024 17:01:09 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 11 Jul 2024 20:10:20 GMT
Server: nginx/1.26.2

GET
H/1.1 200
OK gov-canada-white-logo.svg
othdyt.cc/ca/ 14 KB
14 KB 226ms
120ms Image
image/svg+xml 89.116.50.152
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://othdyt.cc/ca/gov-canada-white-logo.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.116.50.152 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS: srv663026.hstgr.cloud
Software: nginx/1.26.2 /
Resource Hash: 6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/ca/

Response headers

Cache-Control: max-age=2592000, public, max-age=2592000
ETag: "6756ccec-37b3"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 17:01:09 GMT
Accept-Ranges: bytes
Content-Length: 14259
Date: Thu, 12 Dec 2024 17:01:09 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 09 Dec 2024 10:56:44 GMT
Server: nginx/1.26.2

GET
H/1.1 200
OK feedback.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/ 724 B
4 KB 1446ms
132ms Image
image/svg+xml 23.13.160.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

Requested by

Host: othdyt.cc
URL: https://othdyt.cc/ca/assets/index-BkWfG4m9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.13.160.75 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-13-160-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/

Response headers

Content-Encoding: gzip
ETag: "5a78a638-2d4"
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
Expires: Mon, 03 Oct 2022 07:02:54 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
Date: Thu, 12 Dec 2024 17:01:10 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=86400, private
Connection: keep-alive
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
referrer-policy: no-referrer-when-downgrade
Accept-Ranges: bytes
Content-Length: 382
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK accessibility_icon.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/ 2 KB
5 KB 1600ms
306ms Image
image/svg+xml 23.13.160.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/accessibility_icon.svg

Requested by

Host: othdyt.cc
URL: https://othdyt.cc/ca/assets/index-BkWfG4m9.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.13.160.75 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-13-160-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

d3e646dfa4c0f2823df275de88bad394d6e3e30de340e1c035c1350dc6565ea0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://othdyt.cc/

Response headers

Content-Encoding: gzip
ETag: "6390da9b-9d4"
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
Expires: Thu, 08 Dec 2022 19:17:27 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
Date: Thu, 12 Dec 2024 17:01:10 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 07 Dec 2022 18:25:31 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=86400, private
Connection: keep-alive
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
referrer-policy: no-referrer-when-downgrade
Accept-Ranges: bytes
Content-Length: 1193
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			othdyt.cc/	1970-01-21 10:26:20	Name: locale Value: en-us

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

othdyt.cc
www.canadapost-postescanada.ca
23.13.160.75
89.116.50.152
449fece87598a2cc03b589392e56676646c19dd5aaf7a49e3c0ae2794b87e859
52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f
59c6cb8863714dd12574b2e5ba7611f24fa9c993e116e3e02b7c1a39db9ff172
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3
79abb9bc30ff5a68612b4e0967806186ed604f2dea0113e41e6069d6673b8a2b
7b8e29118ba015ea57963be7a211198258bc55cf5f7d0b1ed645010240968aa7
86d01ad58a7df0c02db2fef3f5b1b82f538d89419d2c871aa7f56339b4aa4fa0
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
ae24b7c9128ec74f6139d14d3ae6ae40196a727be7b03ac8f030487709850cab
bb8c9088d57d933568ce41c1a9eca9e6233947b969ca2b1d84905e10a9a2b065
d3e646dfa4c0f2823df275de88bad394d6e3e30de340e1c035c1350dc6565ea0
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

othdyt.cc Open in urlscan Pro 89.116.50.152 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

154 kBTransfer

328 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

othdyt.cc Open in urlscan Pro
89.116.50.152 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

154 kB
Transfer

328 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!