urlscan.io logo urlscan.io
SecurityTrails logo

nonprod-santa.canadapost.ca Open in urlscan Pro
198.34.168.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nonprod-santa.canadapost.ca/
Effective URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Submission: On September 04 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 198.34.168.34, located in Canada and belongs to WORLDLINX-2, CA. The main domain is nonprod-santa.canadapost.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 15th 2023. Valid for: a year.
This is the only time nonprod-santa.canadapost.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 198.34.168.34 3848 (WORLDLINX-2)
1 2607:f8b0:400... 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
4 2607:f8b0:400... 15169 (GOOGLE)
16 6
9    198.34.168.34 (Canada)

ASN3848 (WORLDLINX-2, CA)
nonprod-santa.canadapost.ca
1    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:141b:1c00:2481::1dc5 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.canadapost.ca
www.canadapost-postescanada.ca
4    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 canadapost.ca
nonprod-santa.canadapost.ca
www.canadapost.ca — Cisco Umbrella Rank: 569641
131 KB
4 gstatic.com
fonts.gstatic.com
73 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
32 KB
1 canadapost-postescanada.ca
www.canadapost-postescanada.ca — Cisco Umbrella Rank: 209872
4 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
8 KB
16 5
Domain Requested by
9 nonprod-santa.canadapost.ca 1 redirects nonprod-santa.canadapost.ca
4 fonts.gstatic.com fonts.googleapis.com
1 www.canadapost-postescanada.ca nonprod-santa.canadapost.ca
1 www.canadapost.ca 1 redirects
1 ajax.googleapis.com nonprod-santa.canadapost.ca
1 maxcdn.bootstrapcdn.com nonprod-santa.canadapost.ca
1 fonts.googleapis.com nonprod-santa.canadapost.ca
16 7

This site contains links to these domains. Also see Links.

Domain
www.canadapost.ca
Subject Issuer Validity Valid
nonprod-santa.canadapost.ca
Entrust Certification Authority - L1K		 2023-10-15 -
2024-11-03		 a year crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Frame ID: BDFAD6FAE88815E0340E2A296465A4E9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log In

Page URL History Show full URLs

  1. https://nonprod-santa.canadapost.ca/ HTTP 302
    https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

248 kB
Transfer

616 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nonprod-santa.canadapost.ca/ HTTP 302
    https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.canadapost.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg HTTP 301
  • https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.aspx
nonprod-santa.canadapost.ca/account/
Redirect Chain
  • https://nonprod-santa.canadapost.ca/
  • https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
e99c54cbebd1e2acaff4cc48b3b7b3188e8ac951b89b3cb0d9e3e1ab2ffb8d3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 19:37:17 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-length
161
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 19:37:17 GMT
expires
0
location
/account/login.aspx?returnurl=~/Default.aspx
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
intrapost.css
nonprod-santa.canadapost.ca/Styles/ 		93 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/Styles/intrapost.css
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
27bcbb924072fa8ca8bc3341ce76679ff5d08b804ff1726bf428d03ad0af4594
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:17 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 15 Sep 2020 13:33:34 GMT
content-encoding
gzip
etag
W/"0cb1cf648bd61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
x-xss-protection
1; mode=block
expires
0
css
fonts.googleapis.com/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300italic,300,100italic,100,900italic,900,700,700italic,500italic,500,400italic
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c871afd25732c28f26d4b7655d0b3e1f82fe78132daa10c7f08dae165463e49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nonprod-santa.canadapost.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Sep 2024 19:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Sep 2024 19:37:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Sep 2024 19:37:17 GMT
intrapost3.css
nonprod-santa.canadapost.ca/Styles/ 		171 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/Styles/intrapost3.css
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
362d7847eb4ada2e52a5e4490c6d030440b9f4a3594c8d2c00e51589c5b7759a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:17 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 15 Sep 2020 13:33:34 GMT
content-encoding
gzip
etag
W/"0cb1cf648bd61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
x-xss-protection
1; mode=block
expires
0
intrapost_site.css
nonprod-santa.canadapost.ca/Styles/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/Styles/intrapost_site.css
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
5a237239391d18efc2d4731c9a045163ee44bad3a6bdaea21d889d2d6f87618d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:17 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 15 Sep 2020 13:33:34 GMT
content-encoding
gzip
etag
W/"0cb1cf648bd61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
x-xss-protection
1; mode=block
expires
0
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nonprod-santa.canadapost.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 19:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16322597
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8be06eeed8985413-YYZ
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nonprod-santa.canadapost.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 08:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30211
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 08:30:54 GMT
WebResource.axd
nonprod-santa.canadapost.ca/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/WebResource.axd?d=NOTHqpukxN1addMcUuDcTqpSgo1iVhgaAhCEfLSRh8sE5tkMbobiV8mUZc4vpYoKloHo1nu9xIE9cykMt_sscS7IJ8hVq2-jvuCMoTi2bG81&t=637814473746327080
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:17 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 26 Feb 2022 09:42:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
x-xss-protection
1; mode=block
expires
Thu, 04 Sep 2025 19:37:17 GMT,0
WebResource.axd
nonprod-santa.canadapost.ca/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/WebResource.axd?d=51Sg0JW3RmzXqPfP3HJxaYpsCunJejp52uxLzxlxwmMtlLCmFcS5YFs_cn3f9iD6YwBlLflp5CvfXgldvcivWY0-qxBTWPbwvPAszt7FG0Y1&t=637814473746327080
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:17 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 26 Feb 2022 09:42:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
x-xss-protection
1; mode=block
expires
Thu, 04 Sep 2025 19:37:17 GMT,0
cpc-main-logo.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/
Redirect Chain
  • https://www.canadapost.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg
  • https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg
12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Protocol
HTTP/1.1
Server
2600:141b:1c00:2481::1dc5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://nonprod-santa.canadapost.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 19:37:18 GMT
Content-Encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
Last-Modified
Mon, 15 May 2017 20:24:36 GMT
ETag
"591a0e84-3037"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Content-Type
image/svg+xml
Cache-Control
max-age=86400, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3967
Expires
Mon, 03 Jun 2024 02:16:23 GMT

Redirect headers

Location
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg
Date
Wed, 04 Sep 2024 19:37:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
17760-Santa.gif
nonprod-santa.canadapost.ca/images/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonprod-santa.canadapost.ca/images/17760-Santa.gif
Requested by
Host: nonprod-santa.canadapost.ca
URL: https://nonprod-santa.canadapost.ca/Styles/intrapost3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
1677e45a09c2d24ed86af2d2c033c87a9ab164133dfdf6db98b333e87cfc7172
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/Styles/intrapost3.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:18 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 15 Sep 2020 13:33:34 GMT
etag
"0cb1cf648bd61:0"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
accept-ranges
bytes
content-length
48487
x-xss-protection
1; mode=block
expires
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300italic,300,100italic,100,900italic,900,700,700italic,500italic,500,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonprod-santa.canadapost.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 07:36:14 GMT
x-content-type-options
nosniff
age
475264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 07:36:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300italic,300,100italic,100,900italic,900,700,700italic,500italic,500,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonprod-santa.canadapost.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 20:57:21 GMT
x-content-type-options
nosniff
age
513597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 20:57:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300italic,300,100italic,100,900italic,900,700,700italic,500italic,500,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonprod-santa.canadapost.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
513867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 20:52:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300italic,300,100italic,100,900italic,900,700,700italic,500italic,500,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonprod-santa.canadapost.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
513867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 20:52:51 GMT
favicon.ico
nonprod-santa.canadapost.ca/ 		103 B
420 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nonprod-santa.canadapost.ca/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.34.168.34 , Canada, ASN3848 (WORLDLINX-2, CA),
Reverse DNS
Software
/
Resource Hash
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 19:37:18 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-length
103
x-xss-protection
1; mode=block
expires
0

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_OnSubmit object| Page_ValidationSummaries object| Page_Validators object| DataExplorer_LoginUser_LoginUserValidationSummary object| DataExplorer_LoginUser_UserNameRequired object| DataExplorer_LoginUser_PasswordRequired boolean| Page_ValidationActive function| ValidatorOnSubmit

1 Cookies

Domain/Path Name / Value
nonprod-santa.canadapost.ca/ Name: ASP.NET_SessionId
Value: 31zm0jwk4cwtfq1iyhiaq4mq

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://nonprod-santa.canadapost.ca/account/login.aspx?returnurl=~/Default.aspx
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://nonprod-santa.canadapost.ca/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
nonprod-santa.canadapost.ca
www.canadapost-postescanada.ca
www.canadapost.ca
104.18.10.207
198.34.168.34
2600:141b:1c00:2481::1dc5
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81c::200a
2607:f8b0:4006:821::2003
1677e45a09c2d24ed86af2d2c033c87a9ab164133dfdf6db98b333e87cfc7172
27bcbb924072fa8ca8bc3341ce76679ff5d08b804ff1726bf428d03ad0af4594
362d7847eb4ada2e52a5e4490c6d030440b9f4a3594c8d2c00e51589c5b7759a
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
5a237239391d18efc2d4731c9a045163ee44bad3a6bdaea21d889d2d6f87618d
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
c871afd25732c28f26d4b7655d0b3e1f82fe78132daa10c7f08dae165463e49c
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
e99c54cbebd1e2acaff4cc48b3b7b3188e8ac951b89b3cb0d9e3e1ab2ffb8d3d
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192