candsa.top Open in urlscan Pro
43.249.9.216 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://candsa.top/
Effective URL:
https://candsa.top/
Submission: On April 19 via automatic, source openphish (April 19th 2024, 1:01:21 am UTC) — Scanned from DE

Summary HTTP 60 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 16 domains to perform 60 HTTP transactions. The main IP is 43.249.9.216, located in China and belongs to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is candsa.top.
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.

This is the only time candsa.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australia Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
22	43.249.9.216 43.249.9.216	142032 (HFTCL-AS-...) (HFTCL-AS-AP High Family Technology Co.)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	2a02:26f0:480... 2a02:26f0:480:58f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	92.123.12.168 92.123.12.168	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	18.245.86.11 18.245.86.11	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:480... 2a02:26f0:480:99e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.26.116 108.138.26.116	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 3	52.49.110.165 52.49.110.165	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.53.179.33 20.53.179.33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.214.218.223 52.214.218.223	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.63.100 99.81.63.100	16509 (AMAZON-02) (AMAZON-02)
1	18.197.37.77 18.197.37.77	16509 (AMAZON-02) (AMAZON-02)
1	3.161.82.60 3.161.82.60	16509 (AMAZON-02) (AMAZON-02)
60	19

22 43.249.9.216 (China)

ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)

candsa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:58f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.12.168 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-12-168.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-11.fra60.r.cloudfront.net

dd.auspost.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:99e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-116.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.110.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-110-165.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-aus.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.53.179.33 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auspost.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.218.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-218-223.eu-west-1.compute.amazonaws.com

auspost.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

ssl.o.auspost.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.63.100 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-63-100.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.37.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-37-77.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-60.fra56.r.cloudfront.net

auspost.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	candsa.top candsa.top	71 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 427	198 KB
4	inq.com media-aus.inq.com — Cisco Umbrella Rank: 294219 auspost.inq.com	323 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 233 auspost.demdex.net — Cisco Umbrella Rank: 450109	2 KB
4	auspost.com.au dd.auspost.com.au — Cisco Umbrella Rank: 462833 auspost.com.au — Cisco Umbrella Rank: 154793 Failed ssl.o.auspost.com.au — Cisco Umbrella Rank: 401856	43 KB
3	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 709	40 KB
3	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 940	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	150 KB
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 4941	227 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1310	517 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 36	61 B
1	branch.io cdn.branch.io — Cisco Umbrella Rank: 947	23 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 123	18 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 594	12 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 242	688 B
0	googleapis.com Failed translate.googleapis.com Failed
60	16

	Domain	Requested by
22	candsa.top	candsa.top
5	assets.adobedtm.com	candsa.top assets.adobedtm.com
3	media-aus.inq.com	candsa.top
3	dpm.demdex.net	1 redirects candsa.top
3	analytics.tiktok.com	candsa.top
3	s.pinimg.com	candsa.top s.pinimg.com
2	ssl.o.auspost.com.au	assets.adobedtm.com candsa.top
2	www.googletagmanager.com	candsa.top assets.adobedtm.com
1	api-js.datadome.co	dd.auspost.com.au
1	cm.everesttech.net	1 redirects
1	auspost.demdex.net	assets.adobedtm.com
1	auspost.com.au	candsa.top
1	auspost.inq.com	candsa.top
1	googleads.g.doubleclick.net	candsa.top
1	cdn.branch.io	candsa.top
1	dd.auspost.com.au	candsa.top
1	www.googleadservices.com	candsa.top
1	js-agent.newrelic.com	candsa.top
1	bam.nr-data.net	candsa.top
0	translate.googleapis.com Failed	candsa.top
60	20

This site contains links to these domains. Also see Links.

Domain
auspost.com.au
eparcel.auspost.com.au
auspostbusiness.force.com
auspost.app.link
shop.auspost.com.au
www.digitalid.com
paypaperbills.postbillpay.com.au

Subject Issuer	Validity	Valid
www.candsa.top R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
dd.auspost.com.au R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-09-11` - `2024-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-10-11`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
ssl.o.auspost.com.au DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-04-27`	a year	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
auspost.com.au Entrust Certification Authority - L1M	`2023-08-17` - `2024-09-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://candsa.top/
Frame ID: 7602EC966440ECA645538F663EDB9272
Requests: 59 HTTP requests in this frame

Frame: https://auspost.demdex.net/dest5.html?d_nsid=0
Frame ID: 08E744C83741FD6DFDA0D330529DFF10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track your items - Australia Post

Page URL History Show full URLs

http://candsa.top/ HTTP 307
https://candsa.top/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

60
Requests

83 %
HTTPS

26 %
IPv6

16
Domains

20
Subdomains

19
IPs

5
Countries

922 kB
Transfer

2776 kB
Size

16
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://auspost.com.au/service-updates/domestic-service-updates.html
Title: We are still delivering but COVID-19 disruptions and extreme weather events may cause delays. Learn more

Search URL Search Domain Scan URL

URL: https://auspost.com.au/

Search URL Search Domain Scan URL

URL: https://auspost.com.au/business
Title: Business

Search URL Search Domain Scan URL

URL: https://auspost.com.au/enterprise-gov
Title: Enterprise & Gov

Search URL Search Domain Scan URL

URL: https://auspost.com.au/about-us
Title: About us

Search URL Search Domain Scan URL

URL: https://auspost.com.au/auth/login?caller=ACCOUNT_GLOBAL_HEADER&product=MYPOST_CONSUMER&channel=WEB
Title: Log in

Search URL Search Domain Scan URL

URL: https://auspost.com.au/auth/invite?caller=ACCOUNT_GLOBAL_HEADER&product=MYPOST_CONSUMER&channel=WEB
Title: Sign up

Search URL Search Domain Scan URL

URL: https://auspost.com.au/mypost-business/auth/
Title: MyPost Business

Search URL Search Domain Scan URL

URL: https://auspost.com.au/parcel-send
Title: Parcel Send

Search URL Search Domain Scan URL

URL: https://eparcel.auspost.com.au/eParcel/common/auth/login.do
Title: eParcel

Search URL Search Domain Scan URL

URL: https://auspostbusiness.force.com/bsp/bsplogin
Title: Business Support Portal

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving
Title: Receiving

Search URL Search Domain Scan URL

URL: https://auspost.app.link/2MG0EncJyjb
Title: Download our mobile app

Search URL Search Domain Scan URL

URL: https://auspost.com.au/track
Title: Track your item

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/collection-points
Title: Collection points

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-deliveries-in-transit
Title: Manage deliveries in transit

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/collecting-missed-deliveries
Title: Collecting missed deliveries

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/delayed-lost-or-damaged-items
Title: Delayed, lost or damaged items

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail
Title: Manage your mail

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/mail-and-parcel-delivery-street-roadside
Title: Mail and parcel delivery – street and roadside

Search URL Search Domain Scan URL

URL: https://shop.auspost.com.au/
Title: Buy online

Search URL Search Domain Scan URL

URL: https://shop.auspost.com.au/pack-and-post/express-post
Title: Express Post

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/sending
Title: Sending

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/home-office
Title: Home & office

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending
Title: Sending

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/print-postage-labels
Title: Print postage labels

Search URL Search Domain Scan URL

URL: https://auspost.com.au/parcels-mail/calculate-postage-delivery-times/#/
Title: Calculate postage

Search URL Search Domain Scan URL

URL: https://auspost.com.au/service-updates
Title: Delivery times & service updates

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/send-within-australia
Title: Send within Australia

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/send-overseas
Title: Send overseas

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/satchels-and-packaging
Title: Satchels & packaging

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/check-sending-guidelines
Title: Check sending guidelines

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/stamps
Title: Stamps

Search URL Search Domain Scan URL

URL: https://auspost.com.au/sending/returns
Title: Return a parcel

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/sending/stamps
Title: Postage stamps

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/pack-and-post/flat-rate-satchels
Title: Satchels

Search URL Search Domain Scan URL

URL: https://shop.auspost.com.au/pack-and-post/packaging
Title: Packaging

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance
Title: Money & insurance

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/money-transfer
Title: Transfer money

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/get-insurance
Title: Get insurance

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/banking-and-payments
Title: Banking & payments

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/organise-travel-money
Title: Organise travel money

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/prepaid-cards
Title: Prepaid cards

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/buy-gift-cards
Title: Buy gift cards

Search URL Search Domain Scan URL

URL: https://auspost.com.au/money-insurance/self-managed-super-fund
Title: Self-Managed Super Funds (SMSF)

Search URL Search Domain Scan URL

URL: https://shop.auspost.com.au/gifts-and-travel/gift-cards
Title: Gift cards

Search URL Search Domain Scan URL

URL: https://shop.auspost.com.au/product/square-contactless-and-chip-card-reader-71869
Title: Square Card Reader

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services
Title: ID & document services

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/passports
Title: Arrange passports & ID photos

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/apply-for-a-tax-file-number
Title: Apply for a tax file number

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/licence-renewals-and-applications
Title: Licence renewals & applications

Search URL Search Domain Scan URL

URL: https://auspost.com.au/police-checks
Title: Get a police check

Search URL Search Domain Scan URL

URL: https://auspost.com.au/police-checks/international
Title: Get an international police check

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/identity-checks-for-property-transfers
Title: ID checks for property transfers

Search URL Search Domain Scan URL

URL: https://www.digitalid.com/personal
Title: Get your Digital iD™

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/witnessing-documents
Title: Get documents certified & witnessed

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/apply-for-a-keypass-id
Title: Apply for a Keypass ID

Search URL Search Domain Scan URL

URL: https://auspost.com.au/id-and-document-services/apply-for-a-mypost-concession-card
Title: Apply for a MyPost Concession card

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/aussie-coin-hunt
Title: Aussie Coin Hunt

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/collectables
Title: Collectables

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/gifts
Title: Gifts

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/electronics
Title: Electronics

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/mobile-phones
Title: Mobile phones

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/online-catalogue
Title: Catalogue

Search URL Search Domain Scan URL

URL: https://auspost.com.au/auspost-mobile
Title: Australia Post Mobile

Search URL Search Domain Scan URL

URL: https://auspost.com.au/shop/clearance
Title: Clearance

Search URL Search Domain Scan URL

URL: https://auspost.com.au/mypost/track/#/search
Title: Track your item

Search URL Search Domain Scan URL

URL: https://auspost.com.au/postcode
Title: Find a postcode

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail
Title: Redirect or hold mail

Search URL Search Domain Scan URL

URL: https://auspost.com.au/business/shipping/mypost-business/print-shipping-labels
Title: Print shipping labels

Search URL Search Domain Scan URL

URL: https://paypaperbills.postbillpay.com.au/postbillpay/default.aspx
Title: Pay a bill

Search URL Search Domain Scan URL

URL: https://auspost.com.au/currency-converter
Title: Convert currency

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/delayed-lost-or-damaged-items/find-a-missing-item
Title: Find missing mail

Search URL Search Domain Scan URL

URL: https://auspost.com.au/locate
Title: Find locations & hours

Search URL Search Domain Scan URL

URL: https://auspost.app.link/3cIoIdqlCab
Title: Download our app

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/collection-points/use-a-247-parcel-locker
Title: Use a 24/7 Parcel Locker

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/collection-points/choose-a-post-office-for-deliveries
Title: Collect your parcel from a Post Office

Search URL Search Domain Scan URL

URL: https://auspost.com.au/delivery-options
Title: MyPost

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-deliveries-in-transit/leave-in-a-safe-place
Title: Have your parcel left in a safe place

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-deliveries-in-transit/redirect-parcels-in-transit
Title: Redirect parcels in transit

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/delayed-lost-or-damaged-items/compensation
Title: Compensation for lost or damaged items

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/delayed-lost-or-damaged-items/our-returns-policy
Title: Returns policy

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/redirect-mail
Title: Redirect mail

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/redirect-mail/free-mail-redirection-and-po-boxes
Title: Free 12-month mail redirection for special circumstances

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/hold-mail
Title: Hold mail

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/extend-your-mail-redirection
Title: Extend your service

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/proving-your-identity
Title: Proving your identity

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/change-or-cancel-your-mail-hold-or-redirection
Title: Change or cancel your mail redirection or hold

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/terms-and-conditions-mail-redirection-and-mail-hold
Title: Mail Redirection and Mail Hold Terms & Conditions

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/redirect-hold-mail/privacy-information
Title: Privacy notice

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/post-office-box-rewards
Title: Post Office Box Rewards

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/post-office-box-rewards/terms-and-conditions
Title: Post Office Box Rewards Terms and Conditions

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/post-office-box-rewards/privacy-notice
Title: Post Office Box Rewards Privacy Notice

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags
Title: PO Boxes & Private Bags

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/use-a-po-box-for-parcels
Title: Use a PO Box for parcel deliveries

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/mail2day-notifications
Title: Mail2Day notifications

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/free-po-boxes-for-homeless
Title: Free PO Boxes for Sydney's homeless

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/po-boxes-and-private-bags/terms-and-conditions-po-boxes-locked-bags
Title: Post Office Boxes, Locked Bags, PO Box Plus and Common Boxes Terms & Conditions

Search URL Search Domain Scan URL

URL: https://auspost.com.au/receiving/manage-your-mail/letterbox-management
Title: Manage junk mail

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://candsa.top/ HTTP 307
https://candsa.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011

Request Chain 35

https://cm.everesttech.net/cm/dd?d_uuid=67133878820313017301421010678859860146 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
candsa.top/
Redirect Chain

http://candsa.top/
https://candsa.top/

807 KB
71 KB

1546ms
251ms

Document
text/html

43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash: 042b279f9200c2aea94473d89f7cfebfac8871777fd94c80f560906ff1afba80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Apr 2024 01:01:14 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://candsa.top/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK e7c9377759 Show response
bam.nr-data.net/1/ 79 B
688 B 218ms
136ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/e7c9377759?a=10799886&sa=1&v=963.8b1290f&t=Unnamed%20Transaction&rst=21096&ref=https://auspost.com.au/mypost/track/&be=3811&fe=15709&dc=6240&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1652706617326,%22n%22:0,%22f%22:6,%22dn%22:40,%22dne%22:703,%22c%22:703,%22s%22:704,%22ce%22:1188,%22rq%22:1188,%22rp%22:2981,%22rpe%22:2987,%22dl%22:2994,%22di%22:9653,%22ds%22:9968,%22de%22:10051,%22dc%22:19519,%22l%22:19519,%22le%22:19525%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 19 Apr 2024 01:01:14 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8768f657cca22c72-FRA
timing-allow-origin: *

GET
H2 200 nr-spa-963.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 39ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-963.min.js

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a647e2373d7835d9e17ad5cf52b3a736765c1a81b0269cec05c21a3aede60380

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: g.9WqA8MX3zDW7oxnUHd3nwstOjoQv23
content-encoding: br
via: 1.1 varnish
date: Fri, 19 Apr 2024 01:01:14 GMT
strict-transport-security: max-age=300
x-amz-request-id: 3ZCBJKC50R01ECJA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12140
x-amz-id-2: 0Gkaw7wGqhOBz8T5KouXDuacoMQzz2LTz/U8AlfsL6AUZgNJ3V9EkpiTEkSTsYi/5KuW1GAm1B8=
x-served-by: cache-fra-etou8220056-FRA
last-modified: Wed, 18 Oct 2023 21:33:34 GMT
server: AmazonS3
etag: "1712d56ccbb7c774df1987d1b967534a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 266ms
11ms Script
application/javascript 2a02:26f0:480:58f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:58f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "0c0f2aed16e51276069e2c6e45c878c1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 19940

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 877 B
1 KB 104ms
103ms Script
application/javascript 92.123.12.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C97SC6BC77U9N0P97S30&hostname=auspost.com.au
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-12-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6b46e8134eeffca704802415ec3dca95d1dadf7bedb563c8ffd0b755650cf336

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: f999d88c.11b0b781
date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240419010115DAE1BC45C4F5679AFFC0-24E5235E2F28F7BF-00
x-cache: TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 89,2.16.119.168
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=8, inner; dur=4
content-length: 352
pragma: no-cache
server: nginx
x-tt-logid: 20240419010115DAE1BC45C4F5679AFFC0
x-cache-remote: TCP_MISS from a23-220-104-210.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.210
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c863cb986ad3140dee2cce490bf1250c2a1dbdf4ca8141551d1e482ab191e7a4071d64110ddce91f807267162c5888965fcd2c59963c31c5fd4b7d20580785fab0a3587cf3a3f39efa4321026c1ae4903ca7de689071a51281d024d1d5ac499aad
expires: Fri, 19 Apr 2024 01:01:15 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 82ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

19281f270f466e15bbaf85a2b145cb2dcbaff75284e9ef3fc604d35a6a633362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18272
x-xss-protection: 0
server: cafe
etag: 73099757262130852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Apr 2024 01:01:15 GMT

GET
H2 200 tags.js Show response
dd.auspost.com.au/ 149 KB
28 KB 121ms
8ms Script
text/javascript 18.245.86.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.auspost.com.au/tags.js

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-11.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

faebbb148388045da2972c6c84f013f0ece667dd3e7b00f01cd006880b1de73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Fri, 19 Apr 2024 00:50:19 GMT
x-amz-cf-pop: FRA60-P6
age: 660
x-cache: Hit from cloudfront
content-length: 27699
last-modified: Tue, 16 Apr 2024 13:32:36 GMT
server: Apache
etag: "2552f-61636c568a23e-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: myTz5A2NgxhNuJgUOqbTfgAa6xabbdifg6FC2cN9bxkQD6DNd1pv8w==
expires: Fri, 19 Apr 2024 01:50:15 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 109ms
103ms Script
application/javascript 92.123.12.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C97SC6BC77U9N0P97S30&lib=ttq
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-12-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a032232db96125b16eb9cc49de13757026be2322e23da78d4a878b006cbb522a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: f999d815.11b0b787
date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240419010115212E6AA8B37CC1E54572-008B3AFB2313B959-00
x-cache: TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 89,2.16.119.168
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=6, inner; dur=3
content-length: 1466
pragma: no-cache
server: nginx
x-tt-logid: 20240419010115212E6AA8B37CC1E54572
x-cache-remote: TCP_MISS from a23-220-104-210.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.210
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c863cb986ad3140dee2cce490bf1250c2a1dbdf4ca8141551d1e482ab191e7a4072a20aa2d165cf86cc7589e483131cd1a1c32f16f0381100bd24777ebc9f16d07371bb32973cb5212b6b7f94056ee76d4895c9afaa9234ca46115f287c80dd4d5
expires: Fri, 19 Apr 2024 01:01:15 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 71ms
8ms Script
application/javascript 2a02:26f0:480:58f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:58f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 62e7cb03e8f65ceb4f43a5a56a3b9c3950158fae3fea85699e3f4c68672f4c2f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "2a48a6694c41c203319b5f6018c2bbbc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1899

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 93ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964765464&l=dataLayer&cx=c

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6978f91aef1a1a2101311ccfdc609ed840517b0127d4ce07e54b3f141781b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80388
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 00:18:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 01:01:15 GMT

GET
H2 404 mypost-track-config.js
candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/ 0
0 203ms
200ms Script
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/mypost-track-config.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:14 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 new-relic-tracking.js
candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/ 0
0 202ms
200ms Script
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/new-relic-tracking.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:14 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 header.js
candsa.top/website-header/ 0
0 203ms
201ms Script
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/header.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:14 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 footer-es2015.js
candsa.top/ap-footer/ 0
0 203ms
201ms Script
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/ap-footer/footer-es2015.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:14 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 200 satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js Show response
assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/ 861 KB
165 KB 67ms
8ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f082b496c0b7474ebb0395eb969bec8ed9c2b7bdf5b78d5f1459395ff25d9366

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 02:55:35 GMT
server: AkamaiNetStorage
etag: "b1702244e4944540e1aeb9c99d010f70:1712890535.241472"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://candsa.top
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 168839
expires: Fri, 19 Apr 2024 02:01:14 GMT

GET
H2 200 EX1f0da9d63d8945dd8a57a3766052c373-libraryCode_source.min.js Show response
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/2563a30763ad/ 42 KB
15 KB 15ms
9ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/2563a30763ad/EX1f0da9d63d8945dd8a57a3766052c373-libraryCode_source.min.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4eb56f90de8ac48e46835b8809dd35aed0a46b569fd24b68f7a0cfda0fbf427

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:41:45 GMT
server: AkamaiNetStorage
etag: "11fb866b20614a7da2afd1dfa8088738:1652686905.773622"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://candsa.top
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 15227
expires: Fri, 19 Apr 2024 02:01:15 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 75 KB
23 KB 69ms
7ms Script
text/javascript 108.138.26.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
date: Fri, 19 Apr 2024 01:00:01 GMT
last-modified: Wed, 10 Apr 2024 21:44:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 75
etag: "f4ec9657a3dc111d088e2eca7b9796a4"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23431
x-amz-cf-id: tG6wGaO0o3E3Sn45MtlLaJlRnWTrf79r2FTDqq7oKw1_fp4JjavXxQ==

GET
H2 404 styles.8a672496cc43bf1fc4fe.css
candsa.top/ 0
0 201ms
201ms Stylesheet
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/styles.8a672496cc43bf1fc4fe.css
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:14 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 200 RCda9ed4324e68498bb892e8456f83522d-source.min.js Show response
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/2563a30763ad/ 1 KB
790 B 14ms
10ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/2563a30763ad/RCda9ed4324e68498bb892e8456f83522d-source.min.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 74debbeb2387d267d3f284c60fc0253dbad14ee6483d3ed6d74d3358a2dfe779

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:41:45 GMT
server: AkamaiNetStorage
etag: "11fb866b20614a7da2afd1dfa8088738:1652686905.773622"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://candsa.top
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 538
expires: Fri, 19 Apr 2024 02:01:15 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964765464/ 43 B
61 B 38ms
18ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964765464/?random=1652706633977&cv=9&fst=1652706633977&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=1&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauspost.com.au%2Fmypost%2Ftrack%2F&tiba=Track%20your%20items%20-%20Australia%20Post&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 01:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 139 KB
37 KB 273ms
122ms Script
application/javascript 92.123.12.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-12-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3e7f9238a46b85be32b9d92930264052a7e3e1e5c1b1efd2b5f9d6e6a948517c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 11b0b70f
date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240419010115F5846B08AF1EC55C6FA5-19B3FDAD60630A08-00
x-cache: TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=105
pragma: no-cache
server: nginx
x-tt-logid: 20240419010115F5846B08AF1EC55C6FA5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,2.16.119.168
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c85945beb2589cf3110778078988476646c09b26ebf88c9fa05231c2788058dc13e353d14cf5b82b88327ead7d734b745f05693d3b983e4a56bc38ae8ba54b687c500cde495d02ba2454ba0f8bc2521225
expires: Fri, 19 Apr 2024 01:01:15 GMT

GET translateelement.css
translate.googleapis.com/translate_static/css/ 0
0

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011

366 B
906 B

32ms
31ms

XHR
application/json

52.49.110.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Server

52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-110-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0fa4d81d930d6368d20f099dc19db2f096f3ec106c570acd12c2fec2f62cadb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://candsa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v060-0c10c489f.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: 64002nF/S/I=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://candsa.top
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 308
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v060-03dcad92b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: e+WbuhatR0E=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1713488475011
access-control-allow-origin: https://candsa.top
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX771a893021694b81b688aed2e2d076bc-libraryCode_source.min.js Show response
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/0b735a180ded/ 44 KB
16 KB 11ms
7ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/0b735a180ded/EX771a893021694b81b688aed2e2d076bc-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2371e7c7bcac0fa23f127d0fcebb8419fe237eadb122998df2a23d3f38e6bcd8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 02:55:37 GMT
server: AkamaiNetStorage
etag: "2e2b4c124a7c9ca8c113e6e7527fc3d6:1712890537.413354"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://candsa.top
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 15956
expires: Fri, 19 Apr 2024 02:01:15 GMT

GET
H2 200 InqFramework.js
media-aus.inq.com/media/launch/ci/ 0
210 KB 168ms
15ms Other
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-aus.inq.com/media/launch/ci/InqFramework.js?codeVersion=1652368419187

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 23015776
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Mar 2024 03:10:32 GMT
etag: W/"1202666-1710558632000"
vary: accept-encoding
x-azure-ref: 20240419T010115Z-17b6b6476d5dnvfp2dd767eb9g00000002xg00000000megh
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 19 Apr 2024 00:59:24 GMT

GET
H2 200 pre-acif.js
auspost.inq.com/tagserver/acif/ 0
734 B 888ms
250ms Other
application/javascript 20.53.179.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auspost.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.53.179.33 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2024 02:10:46 GMT
server: Nuance Server
etag: W/"195-1712196646000"
p3p: policyref="http://auspost.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 195
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-aus.inq.com/media/launch/acif/ 0
112 KB 165ms
15ms Other
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-aus.inq.com/media/launch/acif/acif.js

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 23015776
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 02:51:50 GMT
etag: W/"383954-1712199110000"
vary: accept-encoding
x-azure-ref: 20240419T010115Z-17b6b6476d5dnvfp2dd767eb9g00000002xg00000000megf
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 18 Apr 2024 02:48:06 GMT

GET
H2 404 acif-configs.js
media-aus.inq.com/media/sites/10005961/assets/automatons/ 0
0 879ms
742ms Other
text/plain 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-aus.inq.com/media/sites/10005961/assets/automatons/acif-configs.js

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-azure-ref: 20240419T010115Z-17b6b6476d5dnvfp2dd767eb9g00000002xg00000000megg
x-cache: TCP_MISS
access-control-allow-origin: *
x-fd-int-roxy-purgeid: 23015776
content-length: 0
x-xss-protection: 1; mode=block

GET APTypeProText-Medium.woff2
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ 0
0

GET APTypeProText-Regular.woff2
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 38ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4621208

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ffebc1502a58f968a7739556374a44a8731a8bc1c133347fe97fc3b93b67a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72527
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 00:18:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 01:01:15 GMT

GET APTypeProDisplay-Medium.woff2
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ 0
0

GET
H2 200 main.6192ffb7.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 10ms
8ms Script
application/javascript 2a02:26f0:480:58f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:58f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "0c0f2aed16e51276069e2c6e45c878c1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19940

GET
H2 200 RC0509a741873c468faa4c6c20f0dc2e00-source.min.js Show response
assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/0b735a180ded/ 1 KB
686 B 8ms
7ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6f7fd03e16fd/b40fc6058fc5/0b735a180ded/RC0509a741873c468faa4c6c20f0dc2e00-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e2928f156a83dfb1aa01783399c49f2b6636c4ee6660ab9c240c998c01368e55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 02:55:37 GMT
server: AkamaiNetStorage
etag: "2e2b4c124a7c9ca8c113e6e7527fc3d6:1712890537.413354"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://candsa.top
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 434
expires: Fri, 19 Apr 2024 02:01:15 GMT

GET
H2 200 dest5.html
auspost.demdex.net/ Frame 08E7 0
0 100ms
29ms Document
text/html 52.214.218.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auspost.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.214.218.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-218-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://candsa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 19 Apr 2024 01:01:15 GMT
dcs: dcs-prod-irl1-2-v060-03528424c.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 9 Apr 2024 12:56:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: ZtOx+0uYRPY=

GET
H2 200 id Show response
ssl.o.auspost.com.au/ 48 B
456 B 116ms
19ms XHR
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.o.auspost.com.au/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&mid=67206938550738786581429466749116190290&ts=1713488475351

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfecad1ae7e5d7a2b8a9353b2d496d9b392db768/satelliteLib-9c215febcba74f72ca4a2cc8370a7f4b70048c28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

d46bfa0312bde6ad50eed9e84e7cc9d1deb5535a246d77dccdd72847f069d827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://candsa.top
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=67133878820313017301421010678859860146
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe

42 B
715 B

32ms
32ms

Image
image/gif

52.49.110.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Server

52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-110-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://candsa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v060-0cf0f301d.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 911YNxIsRg4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZiHCWwAAANMiCANe
Date: Fri, 19 Apr 2024 01:01:15 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
BLOB 200
OK 80bdc2e9-8f94-4964-ac10-e4d90f3f083a
https://candsa.top/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://candsa.top/80bdc2e9-8f94-4964-ac10-e4d90f3f083a
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

POST
H2 200 / Show response
api-js.datadome.co/js/ 50 B
227 B 65ms
8ms XHR
application/json 18.197.37.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.auspost.com.au
URL: https://dd.auspost.com.au/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.197.37.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-37-77.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 01:01:15 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 50
expires: 0

GET
H2 200 s61087569255549
ssl.o.auspost.com.au/b/ss/auspost-dev/1/JS-2.22.4-LDQM/ 43 B
202 B 21ms
21ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.o.auspost.com.au/b/ss/auspost-dev/1/JS-2.22.4-LDQM/s61087569255549?AQB=1&ndh=1&pf=1&t=19%2F3%2F2024%203%3A1%3A15%205%20-120&mid=67206938550738786581429466749116190290&aamlh=6&ce=UTF-8&ns=australiapost&cdp=3&fpCookieDomainPeriods=3&pageName=auspost%3Ahome&g=https%3A%2F%2Fcandsa.top%2F&cc=AUD&ch=auspost%3Ahome&server=candsa.top&events=event115%3D7%2Cevent1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=auspost&v1=auspost&h1=auspost%7Chome&c2=auspost%3Ahome&v2=auspost%3Ahome&c3=auspost%3Ahome&v3=auspost%3Ahome&v4=auspost%3Ahome&c21=New&v21=New&c22=11%3A01%20AM%7CFriday&v22=11%3A01%20AM%7CFriday&c26=VisitorAPI%20Present&c34=https%3A%2F%2Fcandsa.top%2F&c36=7&v36=7&c55=false&v60=D%3Dc31&c64=auspost%3Ahome&v64=auspost%3Ahome&c74=67206938550738786581429466749116190290&v74=67206938550738786581429466749116190290&c75=am%3A2.22.4%20%7C%20vs%3A5.4.0%20%7C%20aam%3A%20%7C%20t%3A%20%7C%20code%3A20191206%20%7C%20launch&v75=am%3A2.22.4%20%7C%20vs%3A5.4.0%20%7C%20aam%3A%20%7C%20t%3A%20%7C%20code%3A20191206%20%7C%20launch&v170=auspost%3Ahome&v174=https%3A%2F%2Fcandsa.top%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0A2D38B352782F1E0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: candsa.top
URL: https://candsa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 01:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 20 Apr 2024 01:01:15 GMT
server: jag
etag: 3679688482872360960-4618494778721236531
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18 Apr 2024 01:01:15 GMT

GET APTypeProText-Regular.woff
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ 0
0

GET APTypeProDisplay-Medium.woff
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ 0
0

GET APTypeProText-Medium.woff
auspost.com.au/mypost/auspoststaticassets/assets/fonts/ 0
0

GET
H2 404 APTypeProText-Regular.a67ad29d67ff62360d33.woff2
candsa.top/ 0
0 205ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/APTypeProText-Regular.a67ad29d67ff62360d33.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Regular.woff2
candsa.top/ap-footer/ 0
0 203ms
200ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/ap-footer/APTypeProText-Regular.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Regular.woff2
candsa.top/website-header/fonts/ 0
0 204ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/fonts/APTypeProText-Regular.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Regular.woff
candsa.top/ap-footer/ 0
0 202ms
200ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/ap-footer/APTypeProText-Regular.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Regular.woff
candsa.top/website-header/fonts/ 0
0 202ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/fonts/APTypeProText-Regular.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Regular.0d06f05cee62a982b327.woff
candsa.top/ 0
0 202ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/APTypeProText-Regular.0d06f05cee62a982b327.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProDisplay-Medium.3965cc1a217ef4946152.woff2
candsa.top/ 0
0 201ms
199ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/APTypeProDisplay-Medium.3965cc1a217ef4946152.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProDisplay-Medium.woff2
candsa.top/website-header/fonts/ 0
0 202ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/fonts/APTypeProDisplay-Medium.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProDisplay-Medium.woff2
candsa.top/ap-footer/ 0
0 202ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/ap-footer/APTypeProDisplay-Medium.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:16 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProDisplay-Medium.e7119b9cddcfe7afabe5.woff
candsa.top/ 0
0 201ms
200ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/APTypeProDisplay-Medium.e7119b9cddcfe7afabe5.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProDisplay-Medium.woff
candsa.top/website-header/fonts/ 0
0 202ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/fonts/APTypeProDisplay-Medium.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProDisplay-Medium.woff
candsa.top/ap-footer/ 0
0 202ms
201ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/ap-footer/APTypeProDisplay-Medium.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Medium.47db950bddc880ba36a0.woff2
candsa.top/ 0
0 201ms
200ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/APTypeProText-Medium.47db950bddc880ba36a0.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Medium.woff2
candsa.top/website-header/fonts/ 0
0 201ms
200ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/fonts/APTypeProText-Medium.woff2
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Medium.woff
candsa.top/website-header/fonts/ 0
0 418ms
417ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/website-header/fonts/APTypeProText-Medium.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 404 APTypeProText-Medium.413a53b9b97bf12b7b51.woff
candsa.top/ 0
0 418ms
418ms Font
text/html 43.249.9.216
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://candsa.top/APTypeProText-Medium.413a53b9b97bf12b7b51.woff
Requested by: Host: candsa.top
URL: https://candsa.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.249.9.216 , China, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Origin: https://candsa.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:17 GMT
server: Apache
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2 200 favicon.ico
auspost.com.au/mypost/auspoststaticassets/assets/favicons/ 15 KB
15 KB 1038ms
1023ms Other
image/vnd.microsoft.icon 3.161.82.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auspost.com.au/mypost/auspoststaticassets/assets/favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-60.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7bda64a5578d7cd0d654c0e0b0b91f31f9ae94b2212ff9c2cb3871c8032192cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://candsa.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 01:01:18 GMT
strict-transport-security: max-age=15552000
via: 1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
x-amz-version-id: wPTSTedhLubj1WUIvqP8kKt_hw7qLLfo
last-modified: Fri, 12 Apr 2024 03:18:50 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
etag: "75e6ceb9f330772124d0ed1115a4a1a6"
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: no-cache
content-length: 15086
x-amz-cf-id: FDkP8Qy6FkT2jT4JLGQnq8tRPwZ6VT2T-gIwVQ8uoFy9RWXAFD-ZEw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Domain: auspost.com.au
URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff2

Domain: auspost.com.au
URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff2

Domain: auspost.com.au
URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff2

Domain: auspost.com.au
URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff

Domain: auspost.com.au
URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff

Domain: auspost.com.au
URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australia Post (Transportation)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 19:58:09	Name: test_cookie Value: CheckForPermission
candsa.top/	1969-12-31 23:59:59	Name: sat_track Value: true
.demdex.net/	1970-01-21 00:17:20	Name: demdex Value: 67133878820313017301421010678859860146
.tiktok.com/	1970-01-21 05:19:44	Name: _ttp Value: 2fIVFboON6GmPhWg93NI8mN9psX
.candsa.top/	1970-01-20 22:07:44	Name: _gcl_au Value: 1.1.374687878.1713488475
.candsa.top/	1969-12-31 23:59:59	Name: AMCVS_0A2D38B352782F1E0A490D4C%40AdobeOrg Value: 1
.candsa.top/	1970-01-20 19:58:10	Name: prevUrl Value: https%3A%2F%2Fcandsa.top%2F
.candsa.top/	1970-01-20 19:58:10	Name: s_ppn Value: auspost%3Ahome
.candsa.top/	1970-01-20 20:41:20	Name: s_nr Value: 1713488475483
.candsa.top/	1969-12-31 23:59:59	Name: s_auth Value: false
.candsa.top/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-21 04:43:44	Name: everest_g_v2 Value: g_surferid~ZiHCWwAAANMiCANe
.dpm.demdex.net/	1970-01-21 00:17:20	Name: dpm Value: 67133878820313017301421010678859860146
.candsa.top/	1970-01-21 05:34:08	Name: AMCV_0A2D38B352782F1E0A490D4C%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19833%7CMCMID%7C67206938550738786581429466749116190290%7CMCAAMLH-1714093275%7C6%7CMCAAMB-1714093275%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713495675s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19840%7CvVersion%7C5.4.0
auspost.inq.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 1a63f1968d43605e2bb51ff173d309ab
media-aus.inq.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 517fee00e5acfc8cd06a917e9a55ad5b

50 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/new-relic-tracking.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/assets-ad90b6e38e9b2425489217154b485f683bd41b9c/mypost-track-config.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/styles.8a672496cc43bf1fc4fe.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/website-header/header.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/ap-footer/footer-es2015.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://candsa.top/ Message: Access to font at 'https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff2' from origin 'https://candsa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://candsa.top/ Message: Access to font at 'https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff2' from origin 'https://candsa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://candsa.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://media-aus.inq.com/media/sites/10005961/assets/automatons/acif-configs.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://candsa.top/ Message: Access to font at 'https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff2' from origin 'https://candsa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://candsa.top/ Message: Access to font at 'https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff' from origin 'https://candsa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Regular.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://candsa.top/ap-footer/APTypeProText-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/website-header/fonts/APTypeProText-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/APTypeProText-Regular.a67ad29d67ff62360d33.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://candsa.top/ Message: Access to font at 'https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff' from origin 'https://candsa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProDisplay-Medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://candsa.top/ap-footer/APTypeProText-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/website-header/fonts/APTypeProText-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/APTypeProText-Regular.0d06f05cee62a982b327.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/APTypeProDisplay-Medium.3965cc1a217ef4946152.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/website-header/fonts/APTypeProDisplay-Medium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/ap-footer/APTypeProDisplay-Medium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/APTypeProDisplay-Medium.e7119b9cddcfe7afabe5.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/website-header/fonts/APTypeProDisplay-Medium.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/ap-footer/APTypeProDisplay-Medium.woff Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://candsa.top/ Message: Access to font at 'https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff' from origin 'https://candsa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auspost.com.au/mypost/auspoststaticassets/assets/fonts/APTypeProText-Medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://candsa.top/website-header/fonts/APTypeProText-Medium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/APTypeProText-Medium.47db950bddc880ba36a0.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/website-header/fonts/APTypeProText-Medium.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://candsa.top/APTypeProText-Medium.413a53b9b97bf12b7b51.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-js.datadome.co
assets.adobedtm.com
auspost.com.au
auspost.demdex.net
auspost.inq.com
bam.nr-data.net
candsa.top
cdn.branch.io
cm.everesttech.net
dd.auspost.com.au
dpm.demdex.net
googleads.g.doubleclick.net
js-agent.newrelic.com
media-aus.inq.com
s.pinimg.com
ssl.o.auspost.com.au
translate.googleapis.com
www.googleadservices.com
www.googletagmanager.com
auspost.com.au
translate.googleapis.com
108.138.26.116
142.250.186.66
162.247.241.14
18.197.37.77
18.245.86.11
20.53.179.33
216.58.206.34
2602:816:5001::39
2620:1ec:46::67
2a00:1450:4001:80b::2008
2a02:26f0:480:58f::1931
2a02:26f0:480:99e::1e80
3.161.82.60
43.249.9.216
52.214.218.223
52.49.110.165
63.140.62.17
92.123.12.168
99.81.63.100
042b279f9200c2aea94473d89f7cfebfac8871777fd94c80f560906ff1afba80
0fa4d81d930d6368d20f099dc19db2f096f3ec106c570acd12c2fec2f62cadb0
19281f270f466e15bbaf85a2b145cb2dcbaff75284e9ef3fc604d35a6a633362
2371e7c7bcac0fa23f127d0fcebb8419fe237eadb122998df2a23d3f38e6bcd8
3e7f9238a46b85be32b9d92930264052a7e3e1e5c1b1efd2b5f9d6e6a948517c
4ffebc1502a58f968a7739556374a44a8731a8bc1c133347fe97fc3b93b67a6b
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62e7cb03e8f65ceb4f43a5a56a3b9c3950158fae3fea85699e3f4c68672f4c2f
6978f91aef1a1a2101311ccfdc609ed840517b0127d4ce07e54b3f141781b28f
6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33
6b46e8134eeffca704802415ec3dca95d1dadf7bedb563c8ffd0b755650cf336
74debbeb2387d267d3f284c60fc0253dbad14ee6483d3ed6d74d3358a2dfe779
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7bda64a5578d7cd0d654c0e0b0b91f31f9ae94b2212ff9c2cb3871c8032192cd
9e732c0535a0d8501df59c4a7b24861e543f978886ab70ec83ebdf591167cb96
a032232db96125b16eb9cc49de13757026be2322e23da78d4a878b006cbb522a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a647e2373d7835d9e17ad5cf52b3a736765c1a81b0269cec05c21a3aede60380
b4eb56f90de8ac48e46835b8809dd35aed0a46b569fd24b68f7a0cfda0fbf427
d46bfa0312bde6ad50eed9e84e7cc9d1deb5535a246d77dccdd72847f069d827
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
e2928f156a83dfb1aa01783399c49f2b6636c4ee6660ab9c240c998c01368e55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f082b496c0b7474ebb0395eb969bec8ed9c2b7bdf5b78d5f1459395ff25d9366
f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144
faebbb148388045da2972c6c84f013f0ece667dd3e7b00f01cd006880b1de73e

candsa.top Open in urlscan Pro 43.249.9.216 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

83 %HTTPS

26 %IPv6

16 Domains

20 Subdomains

19 IPs

5 Countries

922 kBTransfer

2776 kBSize

16 Cookies

100 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

candsa.top Open in urlscan Pro
43.249.9.216 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

83 %
HTTPS

26 %
IPv6

16
Domains

20
Subdomains

19
IPs

5
Countries

922 kB
Transfer

2776 kB
Size

16
Cookies

60 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!