capost.ndefrw.top Open in urlscan Pro
204.44.66.2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://capost.ndefrw.top/
Effective URL:
https://capost.ndefrw.top/user/index.html
Submission: On February 17 via automatic, source certstream-suspicious (February 17th 2023, 11:30:06 pm UTC) — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 7 countries across 13 domains to perform 57 HTTP transactions. The main IP is 204.44.66.2, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is capost.ndefrw.top.
TLS certificate: Issued by R3 on February 17th 2023. Valid for: 3 months.

This is the only time capost.ndefrw.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 33	204.44.66.2 204.44.66.2	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1 3	34.254.165.240 34.254.165.240	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f70... 2a02:26f0:f700:495::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
1	198.33.192.15 198.33.192.15	3848 (WORLDLINX-2) (WORLDLINX-2)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	34.240.144.110 34.240.144.110	16509 (AMAZON-02) (AMAZON-02)
2	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1 1	54.229.62.148 54.229.62.148	16509 (AMAZON-02) (AMAZON-02)
1	34.249.148.170 34.249.148.170	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
57	14

33 204.44.66.2 (Los Angeles, United States) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.44.66.2.static.quadranet.com

capost.ndefrw.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.165.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:495::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.33.192.15 (Canada)

ASN3848 (WORLDLINX-2, CA)

infopost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.144.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-144-110.eu-west-1.compute.amazonaws.com

canadapost.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

sslstats.canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.62.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-62-148.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.148.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-148-170.eu-west-1.compute.amazonaws.com

canadapost.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	ndefrw.top 1 redirects capost.ndefrw.top	1 MB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	200 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 199 canadapost.demdex.net — Cisco Umbrella Rank: 191754	6 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6232	671 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	671 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	4 KB
2	canadapost.ca sslstats.canadapost.ca — Cisco Umbrella Rank: 155013	663 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	omtrdc.net canadapost.tt.omtrdc.net — Cisco Umbrella Rank: 177203	398 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029	517 B
1	infopost.ca infopost.ca — Cisco Umbrella Rank: 543839	6 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	28 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	29 KB
57	13

	Domain	Requested by
33	capost.ndefrw.top	1 redirects capost.ndefrw.top code.jquery.com
4	www.googletagmanager.com	capost.ndefrw.top www.googletagmanager.com
3	www.google.de	capost.ndefrw.top
3	www.google.com	capost.ndefrw.top
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	dpm.demdex.net	1 redirects capost.ndefrw.top
2	sslstats.canadapost.ca	capost.ndefrw.top
2	www.google-analytics.com	capost.ndefrw.top www.google-analytics.com
1	canadapost.tt.omtrdc.net	capost.ndefrw.top
1	cm.everesttech.net	1 redirects
1	canadapost.demdex.net	capost.ndefrw.top
1	infopost.ca	capost.ndefrw.top
1	assets.adobedtm.com	capost.ndefrw.top
1	code.jquery.com	capost.ndefrw.top
57	14

This site contains links to these domains. Also see Links.

Domain
www.canadapost.ca

Subject Issuer	Validity	Valid
capost.ndefrw.top R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
infopost.ca Entrust Certification Authority - L1K	`2022-10-03` - `2023-11-03`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
sslstats.canadapost.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-04-08` - `2023-05-09`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://capost.ndefrw.top/user/index.html
Frame ID: D67BBF57CE4A9F7BA19FB3AEE052A8BE
Requests: 56 HTTP requests in this frame

Frame: https://canadapost.demdex.net/dest5.html?d_nsid=0
Frame ID: 357736ACC6BC86BD1E2BCF5787AD4478
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada Post

Page URL History Show full URLs

https://capost.ndefrw.top/ HTTP 302
https://capost.ndefrw.top/user/index.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

95 %
HTTPS

50 %
IPv6

13
Domains

14
Subdomains

14
IPs

7
Countries

1481 kB
Transfer

3220 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.canadapost.ca/web/en/kb/details.page?article=legal_terms_of_use&cattype=kb&cat=generalinquiries&subcat=generalinformation
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.canadapost.ca/web/en/kb/details.page?article=privacy_statement_fo&cattype=kb&cat=generalinquiries&subcat=generalinformation
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://capost.ndefrw.top/ HTTP 302
https://capost.ndefrw.top/user/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1676676600785 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1676676600785

Request Chain 41

https://cm.everesttech.net/cm/dd?d_uuid=17920762004567694784583531751079359605 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-AN_QAAAJHQrgN-

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
capost.ndefrw.top/user/
Redirect Chain

https://capost.ndefrw.top/
https://capost.ndefrw.top/user/index.html

41 KB
9 KB

154ms
154ms

Document
text/html

204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

5d7d5ab3d0b35dc33d36db391a731c81a42aa4e3bc9d41fa685771b7ff89e423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 17 Feb 2023 23:29:59 GMT
etag: W/"6341baf1-a325"
last-modified: Sat, 08 Oct 2022 18:01:21 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: no-cache,must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 17 Feb 2023 23:29:59 GMT
location: /user/index.html
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 565bffaf93e24eac9d702d9c18121109.css
capost.ndefrw.top/user/staticcaca/css/ 5 KB
848 B 149ms
147ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/css/565bffaf93e24eac9d702d9c18121109.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

1e235c9ddd1d4cd88c64d311ce1096e00b1c4e3be2e822b3b55bf3bb5ab21990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:39:21 GMT
server: nginx
etag: W/"6341a7b9-1520"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 4f3fd2fdbd4f4d51bba5b3045cde6eb0.js Show response
capost.ndefrw.top/user/staticcaca/js/ 65 KB
22 KB 446ms
443ms Script
application/javascript 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/js/4f3fd2fdbd4f4d51bba5b3045cde6eb0.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:19 GMT
server: nginx
etag: W/"6341a7f3-105c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js Show response
capost.ndefrw.top/user/staticcaca/js/ 604 KB
158 KB 446ms
443ms Script
application/javascript 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/js/satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

2cb3732bf42036f455bf5e75aa1e23415813b2ade6c4c62f88dbb0cd9edfdd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:24 GMT
server: nginx
etag: W/"6341a7f8-96fe3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 style.min.css
capost.ndefrw.top/user/staticcaca/css/ 87 KB
14 KB 151ms
149ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/css/style.min.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:39:27 GMT
server: nginx
etag: W/"6341a7bf-15b64"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 bootstrap.min.css
capost.ndefrw.top/user/staticcaca/css/ 118 KB
24 KB 297ms
294ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/css/bootstrap.min.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

09ed619f5e113de91c2694e1b44febb9e73cdf9a8ca8b8215990e01f1c6fd290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:39:24 GMT
server: nginx
etag: W/"6341a7bc-1d969"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 site.css
capost.ndefrw.top/user/staticcaca/css/ 13 KB
4 KB 298ms
295ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/css/site.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

4bd881a4023e6281333283f46a479fedca97b02486a40abf90c0e8ed64ca7a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:39:25 GMT
server: nginx
etag: W/"6341a7bd-34f7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 html5shiv.min.js Show response
capost.ndefrw.top/user/staticcaca/js/ 3 KB
2 KB 446ms
443ms Script
application/javascript 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/js/html5shiv.min.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:20 GMT
server: nginx
etag: W/"6341a7f4-a4c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 respond.min.js Show response
capost.ndefrw.top/user/staticcaca/js/ 4 KB
2 KB 446ms
444ms Script
application/javascript 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/js/respond.min.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:22 GMT
server: nginx
etag: W/"6341a7f6-1119"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 404 layui.all.js
capost.ndefrw.top/user/static123/js/ 0
0 446ms
444ms Script
text/html 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://capost.ndefrw.top/user/static123/js/layui.all.js
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.66.2.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 laydate.css
capost.ndefrw.top/user/static123/css/ 7 KB
2 KB 298ms
296ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/css/laydate.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

26437b94d0f04ca9799425e7db20bb14e17cc9f777fa64b92ad05f87e2fddc21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:53 GMT
server: nginx
etag: W/"6341a815-1d71"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 layer.css
capost.ndefrw.top/user/static123/css/ 14 KB
3 KB 298ms
296ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/css/layer.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

fdae5152c54f115a2a3340bf81a30d070e861ce744746372b4c1b02ae6ef8e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:55 GMT
server: nginx
etag: W/"6341a817-39c3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 code.css
capost.ndefrw.top/user/static123/css/ 1 KB
683 B 298ms
296ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/css/code.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

cd4c4518e0684d548e90cf3ee37f04b9ab0b08d04569a8dfd8d97ff1e257d9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:45 GMT
server: nginx
etag: W/"6341a80d-427"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 404 layui.css
capost.ndefrw.top/user/static123/css/ 0
0 298ms
297ms Stylesheet
text/html 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://capost.ndefrw.top/user/static123/css/layui.css
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.66.2.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
capost.ndefrw.top/user/static123/css/ 519 KB
94 KB 343ms
342ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

863d1c7339dbd4835ad6c13a0bc58e43af3cbc471612a64f52db66d8fb0e6269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:41 GMT
server: nginx
etag: W/"6341a809-81c2d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 bundle-utapi.3c2de8e2291c5000dfa1bd18a61ea226.css
capost.ndefrw.top/user/static123/css/ 11 KB
3 KB 443ms
442ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/css/bundle-utapi.3c2de8e2291c5000dfa1bd18a61ea226.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

c82061fa08f15801e85a6a3760e7e04809942ca0157afd08df6c136ebc1bd804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:38 GMT
server: nginx
etag: W/"6341a806-2a9b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 translateelement.css
capost.ndefrw.top/user/static123/css/ 18 KB
4 KB 443ms
442ms Stylesheet
text/css 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/css/translateelement.css

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

da3f9cd4452f9a77007a7b16a9a8bb4d80ec128caf2d90cc3fc6de81c3081d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:41:13 GMT
server: nginx
etag: W/"6341a829-48e5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 cpc-main-logo.jpg
capost.ndefrw.top/user/staticcaca/picture/ 8 KB
8 KB 148ms
146ms Image
image/jpeg 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capost.ndefrw.top/user/staticcaca/picture/cpc-main-logo.jpg

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

718e7572f8c059ca4124d2f300889fa0374d0f7b5516e4c9f57a68b55cacbbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:40:31 GMT
server: nginx
etag: "6341a7ff-20c9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8393
expires: Sun, 19 Mar 2023 23:30:00 GMT

GET
H2 200 jquery.min.js Show response
capost.ndefrw.top/user/static123/js/ 122 KB
42 KB 150ms
149ms Script
application/javascript 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/js/jquery.min.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

239f398c5349778c9db13f61a605704e379ad7965686c3a0cd97839a79f5d25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:41:20 GMT
server: nginx
etag: W/"6341a830-1e850"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 intrapost-e.png
capost.ndefrw.top/user/staticcaca/picture/ 4 KB
4 KB 148ms
147ms Image
image/png 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capost.ndefrw.top/user/staticcaca/picture/intrapost-e.png

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

280a71f8893907fe3425c058f46067a2e9b994075eb66e718cb824abd42b3e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:40:35 GMT
server: nginx
etag: "6341a803-e7d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3709
expires: Sun, 19 Mar 2023 23:30:00 GMT

GET
H2 200 gov-canada-logo.png
capost.ndefrw.top/user/staticcaca/picture/ 3 KB
4 KB 148ms
147ms Image
image/png 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capost.ndefrw.top/user/staticcaca/picture/gov-canada-logo.png

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

1c62d3abeb2e82d94fad1f8eb7b1b680f4829480966da4362ab818d0709c17e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:40:34 GMT
server: nginx
etag: "6341a802-d9e"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3486
expires: Sun, 19 Mar 2023 23:30:00 GMT

GET
H2 200 new-tab.js Show response
capost.ndefrw.top/user/staticcaca/js/ 24 KB
10 KB 149ms
148ms Script
application/javascript 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/js/new-tab.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 16:40:21 GMT
server: nginx
etag: W/"6341a7f5-609e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 18 Feb 2023 11:30:00 GMT

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 56ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14979"
vary: Accept-Encoding
x-hw: 1676676600.dop154.fr8.t,1676676600.cds258.fr8.hn,1676676600.cds244.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29519

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1676676600785
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1676676600785

369 B
1 KB

33ms
33ms

XHR
application/json

34.254.165.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1676676600785

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

HTTP/1.1

Server

34.254.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

04360d41e481936c5dd1dfc3a11c9394f26f60cd74689e89ef91691166c42db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-03cf679dc.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: XmLN9fdjRsg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://capost.ndefrw.top
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-0d6a26255.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: C5saeqEXRUo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://capost.ndefrw.top
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1676676600785
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js Show response
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/c334e429a23e/ 83 KB
28 KB 174ms
65ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/c334e429a23e/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/js/satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ccaaacacd581eef394f32388c083fdddd73aa85550e48c4e60fb580c66a1e68a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 15:27:11 GMT
server: AkamaiNetStorage
etag: "891ffeec900c365273c5863f92957439:1663082831.39803"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://capost.ndefrw.top
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 28610
expires: Sat, 18 Feb 2023 00:30:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 119ms
46ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9852050

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/js/satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d769930b3b5e8ff3795c85b726c55e361995471f06a38225c3e807172089f75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44397
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 23:30:00 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
infopost.ca/wp-includes/js/ 18 KB
6 KB 451ms
112ms Script
application/javascript 198.33.192.15
WORLDLINX-2

General

Check archive.org

Show headers Download Go to

Full URL

https://infopost.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.33.192.15 , Canada, ASN3848 (WORLDLINX-2, CA),

Reverse DNS

Software

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 23:27:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 Jan 2023 16:55:15 GMT
ETag: W/"48b9-5f305613802c0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Cache-control: private
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block

GET
H2 404 default-3e828e80f6e985c352eba4474518978d.woff
capost.ndefrw.top/user/static123/fonts/ 0
0 169ms
169ms Font
text/html 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://capost.ndefrw.top/user/static123/fonts/default-3e828e80f6e985c352eba4474518978d.woff
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.66.2.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

Referer: https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://capost.ndefrw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 iconfont-2817b89766135c02472db274c79655de.woff
capost.ndefrw.top/user/static123/fonts/ 9 KB
9 KB 146ms
146ms Font
font/woff 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/static123/fonts/iconfont-2817b89766135c02472db274c79655de.woff

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

e2429015bf4b995fe06db415efe71c1c345b8a536f605e5708342e8bba8c564f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://capost.ndefrw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:41:15 GMT
server: nginx
etag: "6341a82b-24d0"
content-type: font/woff
accept-ranges: bytes
content-length: 9424

GET
H2 200 kfomcnqeu92fr1mu4mxk.woff2
capost.ndefrw.top/user/staticcaca/fonts/ 15 KB
16 KB 147ms
146ms Font
font/woff2 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/fonts/kfomcnqeu92fr1mu4mxk.woff2

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/css/565bffaf93e24eac9d702d9c18121109.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://capost.ndefrw.top/user/staticcaca/css/565bffaf93e24eac9d702d9c18121109.css
Origin: https://capost.ndefrw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:39:51 GMT
server: nginx
etag: "6341a7d7-3d80"
content-type: font/woff2
accept-ranges: bytes
content-length: 15744

GET
H2 404 default-5a6dd86f272b304a8b83f7df61f11c2f.woff
capost.ndefrw.top/user/static123/fonts/ 0
0 175ms
174ms Font
text/html 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://capost.ndefrw.top/user/static123/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.66.2.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

Referer: https://capost.ndefrw.top/user/static123/css/bundle.3c2de8e2291c5000dfa1bd18a61ea226.css
Origin: https://capost.ndefrw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 kfolcnqeu92fr1mmwulfbbc4.woff2
capost.ndefrw.top/user/staticcaca/fonts/ 15 KB
16 KB 152ms
151ms Font
font/woff2 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/user/staticcaca/fonts/kfolcnqeu92fr1mmwulfbbc4.woff2

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/css/565bffaf93e24eac9d702d9c18121109.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://capost.ndefrw.top/user/staticcaca/css/565bffaf93e24eac9d702d9c18121109.css
Origin: https://capost.ndefrw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:39:44 GMT
server: nginx
etag: "6341a7d0-3df4"
content-type: font/woff2
accept-ranges: bytes
content-length: 15860

GET
H2 404 translate_24dp.png
capost.ndefrw.top/user/static123/images/ 548 B
548 B 147ms
147ms Image
text/html 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capost.ndefrw.top/user/static123/images/translate_24dp.png
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/static123/css/translateelement.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.66.2.static.quadranet.com
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/static123/css/translateelement.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 new_intrapost_banner-e.jpg
capost.ndefrw.top/user/staticcaca/images/ 675 KB
676 KB 147ms
147ms Image
image/jpeg 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capost.ndefrw.top/user/staticcaca/images/new_intrapost_banner-e.jpg

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/css/site.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

c5bbb9f0f25ec77d6d7726384153e85126caa518aad082b846fae2ec371185c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/staticcaca/css/site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:40:14 GMT
server: nginx
etag: "6341a7ee-a8b13"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 690963
expires: Sun, 19 Mar 2023 23:30:00 GMT

GET
H2 200 cibc-feature_ef.jpg
capost.ndefrw.top/user/staticcaca/images/ 57 KB
57 KB 261ms
261ms Image
image/jpeg 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capost.ndefrw.top/user/staticcaca/images/cibc-feature_ef.jpg

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/css/site.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

1b8cc4f52fabf0d4d54ed3935e4e4561d8a7c5bd3f934d1105004ab942c606b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/user/staticcaca/css/site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:00 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Oct 2022 16:40:06 GMT
server: nginx
etag: "6341a7e6-e200"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 57856
expires: Sun, 19 Mar 2023 23:30:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 22:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4510
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Feb 2023 00:14:50 GMT

GET jquery-2.1.4.min.js
code.jquery.com/ 0
0

GET
H2 200 ipRecord Show response
capost.ndefrw.top/index/index/ 36 B
141 B 1846ms
1846ms XHR
application/json 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://capost.ndefrw.top/index/index/ipRecord

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.4.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

204.44.66.2.static.quadranet.com

Software

nginx /

Resource Hash

5225bfe54b7f38cb9fe7e0cba5780a47a924b6fe8c6a4109e939f356ffa12a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://capost.ndefrw.top/user/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: application/json; charset=utf-8

GET
H2 404 userStatus Show response
capost.ndefrw.top/user/ 5 KB
2 KB 1842ms
1841ms XHR
text/html 204.44.66.2
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://capost.ndefrw.top/user/userStatus?uid=eb7cd1460cb1917853b9141bcc067997&status=10
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.44.66.2 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.66.2.static.quadranet.com
Software: nginx /
Resource Hash: 6adf62fdf4c0df1147567dce2bd4ee7a7ac2a2de2d88d43741015cbbcfa88d85

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://capost.ndefrw.top/user/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 15ms
14ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=922640391&t=pageview&_s=1&dl=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&ul=en-us&de=UTF-8&dt=Canada%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=381104690&gjid=1809488790&cid=109670280.1676676601&tid=UA-8236798-7&_gid=868476827.1676676601&_r=1&_slc=1&z=1274502262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://capost.ndefrw.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capost.ndefrw.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
canadapost.demdex.net/ Frame 3577 7 KB
3 KB 296ms
32ms Document
text/html 34.240.144.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canadapost.demdex.net/dest5.html?d_nsid=0

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/js/satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-144-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capost.ndefrw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcscanary-prod-irl1-1-v054-096b5de0a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IxBeC3F/SLg=
content-encoding: gzip
date: Fri, 17 Feb 2023 23:30:01 GMT
last-modified: Wed, 8 Feb 2023 10:41:03 GMT
vary: accept-encoding

GET
H2 200 id Show response
sslstats.canadapost.ca/ 48 B
461 B 102ms
18ms XHR
application/x-javascript 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&mid=17896751249256445054581135072927466858&ts=1676676600992

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/js/satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6ec76aa111cba737748ec8bf295d50bef14ca27acf103419bdad977c885d224d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://capost.ndefrw.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://capost.ndefrw.top
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y-AN_QAAAJHQrgN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=17920762004567694784583531751079359605
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-AN_QAAAJHQrgN-

42 B
942 B

33ms
33ms

Image
image/gif

34.254.165.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-AN_QAAAJHQrgN-

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

HTTP/1.1

Server

34.254.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-095a32b2e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: erkR/FMTQr8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-AN_QAAAJHQrgN-
Date: Fri, 17 Feb 2023 23:30:01 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
canadapost.tt.omtrdc.net/m2/canadapost/mbox/ 96 B
398 B 135ms
47ms XHR
application/json 34.249.148.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=adcb4480de3e4d09a65089aa75e85007&mboxPC=&mboxPage=7c17be5c42d44fddb6de7f50677e3b3c&mboxRid=cb32eae8123d41e6b3d0e0c9f92641b7&mboxVersion=1.8.3&mboxCount=1&mboxTime=1676676600825&mboxHost=capost.ndefrw.top&mboxURL=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=153A931B8DC3B73F-39B2830A11548AB4&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=17896751249256445054581135072927466858&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/staticcaca/js/satellitelib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.148.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-148-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4648b37b3c312f4c052eaf94b640d4adc79aa51d9b9de0762d96ebd21d767e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://capost.ndefrw.top
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: cb32eae8123d41e6b3d0e0c9f92641b7

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 51ms
51ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1011747518&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9852050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c516494e2a66317f4b26ce6ddf906f4831effa18fe28ecf31e43d8e6f67abea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50787
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 23:30:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 49ms
48ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12182971&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9852050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57df4120dca2699cb6a389c1eeb0e152e88ed05c776016aacb952faecccee6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44412
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 23:30:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 68ms
68ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10937558046&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9852050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d0aa3db4df58d464a55a730403d5cadc741f676882c00fd28bbe4d92aec74cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64862
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 23:30:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1676676601112&cv=11&fst=1676676601112&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&auid=1640429640.1676676601&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1011747518&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f785b6843b6ddaf008b8910de3a9f0a5994bd7e9bcd3c82f850a44d6526fa02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 879
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1676676601120&cv=11&fst=1676676601120&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&value=replace%20with%20value&auid=1640429640.1676676601&uamb=0&uaw=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1011747518&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d5413a69836b3ea586f43a2f214defb87fd79200b56059a555a4fbf366fe899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 959
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/ 2 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1676676601134&cv=11&fst=1676676601134&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&auid=1640429640.1676676601&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10937558046&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9927604c8fb53232332268935b7e39dcc3dd3c3cb1e5623b58148f7aa12d606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 881
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s72600695828545
sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/ 43 B
202 B 19ms
18ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s72600695828545?AQB=1&ndh=1&pf=1&t=17%2F1%2F2023%2023%3A30%3A1%205%200&sdid=153A931B8DC3B73F-39B2830A11548AB4&mid=17896751249256445054581135072927466858&aamlh=6&ce=UTF-8&ns=canadapost&cdp=3&fpCookieDomainPeriods=3&g=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&server=capost.ndefrw.top&events=event96%3D11&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c3=D%3DpageName&v3=D%3DpageName&c8=capost.ndefrw.top&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c16=standard&v16=standard&c17=anonymous&v17=anonymous&v30=D%3Dv122&c34=18%3A00&v34=18%3A00&c35=Friday&v35=Friday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&c72=11&v94=17896751249256445054581135072927466858&v122=anonymous&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 23:30:01 GMT
server: jag
etag: 3600635584979337216-4619798408363461972
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 23:30:01 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10937558046/ 42 B
108 B 114ms
47ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10937558046/?random=1676676601134&cv=11&fst=1676674800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1438744786&rmt_tld=0&ipr=y

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10937558046/ 42 B
108 B 111ms
44ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10937558046/?random=1676676601134&cv=11&fst=1676674800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1438744786&rmt_tld=1&ipr=y

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
455 B 110ms
45ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1676676601112&cv=11&fst=1676674800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=359239700&rmt_tld=0&ipr=y

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
455 B 108ms
44ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1676676601112&cv=11&fst=1676674800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=359239700&rmt_tld=1&ipr=y

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
108 B 111ms
48ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1676676601120&cv=11&fst=1676674800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&value=replace%20with%20value&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&fmt=3&is_vtc=1&random=2936184727&rmt_tld=0&ipr=y

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
108 B 109ms
46ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1676676601120&cv=11&fst=1676674800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html&tiba=Canada%20Post&value=replace%20with%20value&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&fmt=3&is_vtc=1&random=2936184727&rmt_tld=1&ipr=y

Requested by

Host: capost.ndefrw.top
URL: https://capost.ndefrw.top/user/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capost.ndefrw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 23:30:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-2.1.4.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ndefrw.top/	1969-12-31 23:59:59	Name: at_check Value: true
.ndefrw.top/	1970-01-20 09:54:43	Name: s_vnc7 Value: 1677281400822%26vn%3D1
.ndefrw.top/	1970-01-20 09:44:38	Name: s_ivc Value: true
.demdex.net/	1970-01-20 14:03:48	Name: demdex Value: 17920762004567694784583531751079359605
.ndefrw.top/	1970-01-20 19:20:36	Name: _ga Value: GA1.2.109670280.1676676601
.ndefrw.top/	1970-01-20 09:46:03	Name: _gid Value: GA1.2.868476827.1676676601
.ndefrw.top/	1970-01-20 09:44:36	Name: _gat Value: 1
.capost.ndefrw.top/	1969-12-31 23:59:59	Name: AMCVS_0C4E3704533345770A490D44%40AdobeOrg Value: 1
.ndefrw.top/	1970-01-20 11:54:12	Name: _gcl_au Value: 1.1.1640429640.1676676601
.ndefrw.top/	1970-01-20 09:44:38	Name: s_gpv_url Value: https%3A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html
.ndefrw.top/	1970-01-20 19:20:36	Name: mbox Value: session#adcb4480de3e4d09a65089aa75e85007#1676678462\|PC#adcb4480de3e4d09a65089aa75e85007.37_0#1739921402
.everesttech.net/	1970-01-20 18:30:12	Name: everest_g_v2 Value: g_surferid~Y-AN_QAAAJHQrgN-
.ndefrw.top/	1970-01-20 09:44:38	Name: gpv_v4 Value: no%20value
.ndefrw.top/	1970-01-20 09:44:38	Name: s_lv_s Value: First%20Visit
.ndefrw.top/	1970-01-20 10:27:48	Name: s_nr Value: 1676676601156-New
.ndefrw.top/	1970-01-20 19:20:36	Name: s_lv Value: 1676676601156
.ndefrw.top/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 09:44:37	Name: test_cookie Value: CheckForPermission
.dpm.demdex.net/	1970-01-20 14:03:48	Name: dpm Value: 17920762004567694784583531751079359605
.capost.ndefrw.top/	1970-01-20 19:20:36	Name: AMCV_0C4E3704533345770A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19406%7CMCMID%7C17896751249256445054581135072927466858%7CMCAAMLH-1677281400%7C6%7CMCAAMB-1677281400%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1676683801s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19413%7CvVersion%7C5.2.0
.ndefrw.top/	1969-12-31 23:59:59	Name: s_ppvl Value: https%253A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html%2C57%2C57%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.ndefrw.top/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fcapost.ndefrw.top%2Fuser%2Findex.html%2C57%2C57%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://capost.ndefrw.top/user/static123/css/layui.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://capost.ndefrw.top/user/static123/js/layui.all.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://capost.ndefrw.top/user/index.html Message: Mixed Content: The page at 'https://capost.ndefrw.top/user/index.html' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-2.1.4.min.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://capost.ndefrw.top/user/static123/fonts/default-3e828e80f6e985c352eba4474518978d.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://capost.ndefrw.top/user/static123/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://capost.ndefrw.top/user/static123/images/translate_24dp.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://capost.ndefrw.top/user/userStatus?uid=eb7cd1460cb1917853b9141bcc067997&status=10 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
canadapost.demdex.net
canadapost.tt.omtrdc.net
capost.ndefrw.top
cm.everesttech.net
code.jquery.com
dpm.demdex.net
googleads.g.doubleclick.net
infopost.ca
sslstats.canadapost.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
code.jquery.com
13.37.25.97
198.33.192.15
2001:4860:4802:32::178
2001:4de0:ac18::1:a:3a
204.44.66.2
2a00:1450:4001:827::2002
2a00:1450:400d:806::2008
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2003
2a02:26f0:f700:495::1e80
34.240.144.110
34.249.148.170
34.254.165.240
54.229.62.148
04360d41e481936c5dd1dfc3a11c9394f26f60cd74689e89ef91691166c42db6
09ed619f5e113de91c2694e1b44febb9e73cdf9a8ca8b8215990e01f1c6fd290
1b8cc4f52fabf0d4d54ed3935e4e4561d8a7c5bd3f934d1105004ab942c606b2
1c516494e2a66317f4b26ce6ddf906f4831effa18fe28ecf31e43d8e6f67abea
1c62d3abeb2e82d94fad1f8eb7b1b680f4829480966da4362ab818d0709c17e5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e235c9ddd1d4cd88c64d311ce1096e00b1c4e3be2e822b3b55bf3bb5ab21990
239f398c5349778c9db13f61a605704e379ad7965686c3a0cd97839a79f5d25b
26437b94d0f04ca9799425e7db20bb14e17cc9f777fa64b92ad05f87e2fddc21
280a71f8893907fe3425c058f46067a2e9b994075eb66e718cb824abd42b3e74
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2cb3732bf42036f455bf5e75aa1e23415813b2ade6c4c62f88dbb0cd9edfdd76
4648b37b3c312f4c052eaf94b640d4adc79aa51d9b9de0762d96ebd21d767e08
4bd881a4023e6281333283f46a479fedca97b02486a40abf90c0e8ed64ca7a84
5225bfe54b7f38cb9fe7e0cba5780a47a924b6fe8c6a4109e939f356ffa12a47
57df4120dca2699cb6a389c1eeb0e152e88ed05c776016aacb952faecccee6d3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d0aa3db4df58d464a55a730403d5cadc741f676882c00fd28bbe4d92aec74cb
5d7d5ab3d0b35dc33d36db391a731c81a42aa4e3bc9d41fa685771b7ff89e423
6adf62fdf4c0df1147567dce2bd4ee7a7ac2a2de2d88d43741015cbbcfa88d85
6d5413a69836b3ea586f43a2f214defb87fd79200b56059a555a4fbf366fe899
6ec76aa111cba737748ec8bf295d50bef14ca27acf103419bdad977c885d224d
718e7572f8c059ca4124d2f300889fa0374d0f7b5516e4c9f57a68b55cacbbec
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
863d1c7339dbd4835ad6c13a0bc58e43af3cbc471612a64f52db66d8fb0e6269
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b9927604c8fb53232332268935b7e39dcc3dd3c3cb1e5623b58148f7aa12d606
c5bbb9f0f25ec77d6d7726384153e85126caa518aad082b846fae2ec371185c6
c82061fa08f15801e85a6a3760e7e04809942ca0157afd08df6c136ebc1bd804
ccaaacacd581eef394f32388c083fdddd73aa85550e48c4e60fb580c66a1e68a
cd4c4518e0684d548e90cf3ee37f04b9ab0b08d04569a8dfd8d97ff1e257d9e8
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d769930b3b5e8ff3795c85b726c55e361995471f06a38225c3e807172089f75a
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
da3f9cd4452f9a77007a7b16a9a8bb4d80ec128caf2d90cc3fc6de81c3081d4e
e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809
e2429015bf4b995fe06db415efe71c1c345b8a536f605e5708342e8bba8c564f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f785b6843b6ddaf008b8910de3a9f0a5994bd7e9bcd3c82f850a44d6526fa02c
fdae5152c54f115a2a3340bf81a30d070e861ce744746372b4c1b02ae6ef8e74

capost.ndefrw.top Open in urlscan Pro 204.44.66.2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

50 %IPv6

13 Domains

14 Subdomains

14 IPs

7 Countries

1481 kBTransfer

3220 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capost.ndefrw.top Open in urlscan Pro
204.44.66.2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

50 %
IPv6

13
Domains

14
Subdomains

14
IPs

7
Countries

1481 kB
Transfer

3220 kB
Size

22
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!