www.post-investigation.com Open in urlscan Pro
2a06:98c1:3120::9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.post-investigation.com/	2 KB 2 KB	136ms 63ms	Document text/html	2a06:98c1:3120::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.post-investigation.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.25 PleskLin Resource Hash 2194b185c0200d32b6d37c4c4bae8f86318cd44d0da0c3e3eadb3368136c5ba4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 764e8ef72d03b77c-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 04 Nov 2022 15:59:43 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKXEyxpHDYdOaCP%2BSGgsUS6NEm9fydgmCZKxhVzYGMCZN%2BWsTVzk0yH4jPyft43Y4oJjytdF6dVA26rBG4NWAaE5bUXv%2Foz79gVyv4jOuM8UWkrI84H7vL1LgE2q8WbocBGhT%2FxFgMgTh%2BLl6ogvwriFoKyNJhg%2BNQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.0.25 PleskLin
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/	158 KB 25 KB	102ms 49ms	Stylesheet text/css	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css Requested by Host: www.post-investigation.com URL: https://www.post-investigation.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.post-investigation.com/ Origin https://www.post-investigation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:59:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4034329 x-jsd-version 4.6.0 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19126-FRA, cache-yyz4561-YYZ x-jsd-version-type version server cloudflare etag W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybAt2N%2BsvGoXlSEkwPjk5SQZmYx0c5oSmXiJyN60l9kmu9xPc1DFd3No2gxGcSYhUYMuGNmhZyqKmJajtu8%2Bxoe9Pyz7F1RDNvySyrU4YNDwYMxGqD8rklvXp2I6160aIkgZnZIf5Tjpox1gtqE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 764e8ef7ea364260-AMS
GET H2	200	jquery-3.5.1.slim.min.js Show response code.jquery.com/	71 KB 24 KB	112ms 27ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.slim.min.js Requested by Host: www.post-investigation.com URL: https://www.post-investigation.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Request headers Referer https://www.post-investigation.com/ Origin https://www.post-investigation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:59:43 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-11abc" vary Accept-Encoding x-hw 1667577583.dop235.am5.t,1667577583.cds281.am5.hn,1667577583.cds266.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 24606
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/	21 KB 8 KB	100ms 47ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Requested by Host: www.post-investigation.com URL: https://www.post-investigation.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.post-investigation.com/ Origin https://www.post-investigation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:59:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} fastly-original-body-size 7503 age 12879767 x-jsd-version 1.16.1 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19122-FRA, cache-cdg20732-CDG x-jsd-version-type version server cloudflare etag W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj6DwUUjHHIgzDWXGo8uX%2BCaNnoAgm49pEaQXV2SvJPC%2BjK%2BidHASVtFa45FKs26nMu%2FCA2vOj1nar%2Bila8C2zFZCmQJV6KP%2FPwWnNfdvH1Sa8JWBPVoUXJegmbfO7S9jE6CkveEYTIbqBViLBg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 764e8ef7ea384260-AMS
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/	62 KB 16 KB	107ms 54ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js Requested by Host: www.post-investigation.com URL: https://www.post-investigation.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.post-investigation.com/ Origin https://www.post-investigation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:59:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 11755850 x-jsd-version 4.6.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19151-FRA, cache-iad-kiad7000087-IAD x-jsd-version-type version server cloudflare etag W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doPgBsgX3F4FnBzbAcyJMFR0WyQcgyyuwax5R%2Fj6Accs3IBguL%2B9vKBsYXZPqQKqyF7oPsGuZ2LIhA12MlKD9DRQuh50QyNbeljnz8hIs1s1CsCuLbvrNtmaWgWm%2FolCqMKwAme3Pz11ehcHyvk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 764e8ef7ea394260-AMS
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 970 B	114ms 42ms	Script text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.post-investigation.com URL: https://www.post-investigation.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ee9fac5c42a85227a2e725c8a27d38653c9b378c2edf6bcc8682e403727530af Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.post-investigation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:59:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 557 x-xss-protection 1; mode=block expires Fri, 04 Nov 2022 15:59:43 GMT
GET H/1.1	200 OK	Swiss-Post-new.jpg www.upu.int/getmedia/f6b34039-1181-4a81-a7ac-86d33d4db788/	623 KB 623 KB	215ms 50ms	Image image/jpeg	193.247.49.33
General Check archive.org Show headers Download Go to Show image Full URL https://www.upu.int/getmedia/f6b34039-1181-4a81-a7ac-86d33d4db788/Swiss-Post-new.jpg Requested by Host: www.post-investigation.com URL: https://www.post-investigation.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.247.49.33 Bern, Switzerland, ASN206225 (), Reverse DNS upu.int Software / Resource Hash 20b89197d059fe89e7d8535dd0324757d438eec53480ecf0445c1a29314d6ec6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.post-investigation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Fri, 04 Nov 2022 15:59:43 GMT Last-Modified Tue, 27 Jul 2021 08:23:58 GMT ETag "7/27/2021 8:23:58 AM" Content-Type image/jpeg Cache-Control public, must-revalidate Content-Disposition inline; filename="Swiss-Post-new.jpg" Accept-Ranges bytes Content-Length 637625 Expires Fri, 04 Nov 2022 15:59:43 GMT
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/	399 KB 160 KB	104ms 33ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 681a577ee06bc028646ddcaef870c9c0677251da5fd690d89565fa1a9f74ce64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.post-investigation.com/ Origin https://www.post-investigation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 12:45:24 GMT content-encoding gzip x-content-type-options nosniff age 98059 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 162810 x-xss-protection 0 last-modified Mon, 31 Oct 2022 04:02:45 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 03 Nov 2023 12:45:24 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 8B90	7 KB 1 KB	47ms 46ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNd8QiAAAAABDQD2faf1ASXva73iBZaX08maUI&co=aHR0cHM6Ly93d3cucG9zdC1pbnZlc3RpZ2F0aW9uLmNvbTo0NDM.&hl=nl&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=normal&cb=qntlq62z9hni Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__nl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 812797b19537b9823aba1f8212a14888ad66ddf65f89113447089155f1201cb6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-whB6B3HVFotwA15T1sVt_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.post-investigation.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 1051 content-security-policy script-src 'report-sample' 'nonce-whB6B3HVFotwA15T1sVt_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 04 Nov 2022 15:59:43 GMT expires Fri, 04 Nov 2022 15:59:43 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/ Frame 8B90	52 KB 24 KB	150ms 31ms	Stylesheet text/css	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNd8QiAAAAABDQD2faf1ASXva73iBZaX08maUI&co=aHR0cHM6Ly93d3cucG9zdC1pbnZlc3RpZ2F0aW9uLmNvbTo0NDM.&hl=nl&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=normal&cb=qntlq62z9hni Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 09:34:26 GMT content-encoding gzip x-content-type-options nosniff age 23117 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Mon, 31 Oct 2022 04:02:45 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Nov 2023 09:34:26 GMT
GET H3	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/ Frame 8B90	399 KB 159 KB	177ms 59ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNd8QiAAAAABDQD2faf1ASXva73iBZaX08maUI&co=aHR0cHM6Ly93d3cucG9zdC1pbnZlc3RpZ2F0aW9uLmNvbTo0NDM.&hl=nl&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=normal&cb=qntlq62z9hni Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 681a577ee06bc028646ddcaef870c9c0677251da5fd690d89565fa1a9f74ce64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 12:45:24 GMT content-encoding gzip x-content-type-options nosniff age 98059 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 162810 x-xss-protection 0 last-modified Mon, 31 Oct 2022 04:02:45 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 03 Nov 2023 12:45:24 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 8B90	2 KB 2 KB	32ms 31ms	Image image/png	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 18:59:48 GMT x-content-type-options nosniff age 248396 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 08 Nov 2022 18:59:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 8B90	15 KB 16 KB	104ms 31ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNd8QiAAAAABDQD2faf1ASXva73iBZaX08maUI&co=aHR0cHM6Ly93d3cucG9zdC1pbnZlc3RpZ2F0aW9uLmNvbTo0NDM.&hl=nl&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=normal&cb=qntlq62z9hni Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 11:18:05 GMT x-content-type-options nosniff age 276099 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 01 Nov 2023 11:18:05 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| Popper object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_283344

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.post-investigation.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: l6dkvr6un1v0tll3d1bmdc4utn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
fonts.gstatic.com
www.google.com
www.gstatic.com
www.post-investigation.com
www.upu.int
193.247.49.33
2001:4de0:ac18::1:a:2a
2606:4700::6810:5914
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a06:98c1:3120::9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20b89197d059fe89e7d8535dd0324757d438eec53480ecf0445c1a29314d6ec6
2194b185c0200d32b6d37c4c4bae8f86318cd44d0da0c3e3eadb3368136c5ba4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
681a577ee06bc028646ddcaef870c9c0677251da5fd690d89565fa1a9f74ce64
812797b19537b9823aba1f8212a14888ad66ddf65f89113447089155f1201cb6
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
ee9fac5c42a85227a2e725c8a27d38653c9b378c2edf6bcc8682e403727530af
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f