urlscan.io logo urlscan.io
SecurityTrails logo

inbox.postbutler.net Open in urlscan Pro
37.120.188.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://inbox.postbutler.net/
Effective URL: https://inbox.postbutler.net/customers/auth/login
Submission: On April 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 32 HTTP transactions. The main IP is 37.120.188.21, located in Raederloh, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is inbox.postbutler.net.
TLS certificate: Issued by R3 on April 22nd 2022. Valid for: 3 months.
This is the only time inbox.postbutler.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 37.120.188.21 197540 (NETCUP-AS...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.66.245.48 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 142.250.181.226 15169 (GOOGLE)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 20.75.32.255 8075 (MICROSOFT...)
32 18
7    37.120.188.21 (Raederloh, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: lb.eu.clevvermail.com
inbox.postbutler.net
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    18.66.245.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-48.dus51.r.cloudfront.net
cdn.auth0.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    2a02:26f0:f7::5c7b:e053 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2620:1ec:27::cafe:1377 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
Apex Domain
Subdomains		 Transfer
7 postbutler.net
inbox.postbutler.net
154 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1219
c.clarity.ms — Cisco Umbrella Rank: 637
b.clarity.ms — Cisco Umbrella Rank: 3315
24 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
www.linkedin.com — Cisco Umbrella Rank: 603
px4.ads.linkedin.com — Cisco Umbrella Rank: 4702
3 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 378
c.bing.com — Cisco Umbrella Rank: 234
13 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682
103 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5383
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 4
655 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
388 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
113 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 10001
30 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 913
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 104
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
76 KB
32 15
Domain Requested by
7 inbox.postbutler.net 2 redirects inbox.postbutler.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 maxcdn.bootstrapcdn.com inbox.postbutler.net
maxcdn.bootstrapcdn.com
2 c.clarity.ms 1 redirects
2 www.google.de
2 www.google.com
2 www.facebook.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net inbox.postbutler.net
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.auth0.com inbox.postbutler.net
1 b.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 www.clarity.ms bat.bing.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com inbox.postbutler.net
32 21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
accounts.google.com
Subject Issuer Validity Valid
inbox.postbutler.net
R3		 2022-04-22 -
2022-07-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.auth0.com
Amazon		 2022-03-26 -
2023-04-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-29 -
2022-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://inbox.postbutler.net/customers/auth/login
Frame ID: 9B8C333FE8FC09C2A0AE373920A509D1
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Post Butler

Page URL History Show full URLs

  1. https://inbox.postbutler.net/ HTTP 302
    https://inbox.postbutler.net/customers/login HTTP 302
    https://inbox.postbutler.net/customers/auth/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

94 %
HTTPS

68 %
IPv6

15
Domains

21
Subdomains

18
IPs

4
Countries

552 kB
Transfer

1457 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://inbox.postbutler.net/ HTTP 302
    https://inbox.postbutler.net/customers/login HTTP 302
    https://inbox.postbutler.net/customers/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1811569%26time%3D1650622252663%26url%3Dhttps%253A%252F%252Finbox.postbutler.net%252Fcustomers%252Fauth%252Flogin%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&liSync=true&e_ipv6=AQJwfyJIwLBSdAAAAYBQwMgYbQwXHOInr6idInDkNHYY4O6evdjqaWV0DeUjzeewfitze-e4UaFNMw
Request Chain 28
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=A1BCDD7BDB7C47F4A73FD0136A0A007E&RedC=c.clarity.ms&MXFR=1D7AD348E867601700CBC2C6EC676EE0 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=A1BCDD7BDB7C47F4A73FD0136A0A007E&MUID=344CE72271996C791362F6AC70F26DA0

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
inbox.postbutler.net/customers/auth/
Redirect Chain
  • https://inbox.postbutler.net/
  • https://inbox.postbutler.net/customers/login
  • https://inbox.postbutler.net/customers/auth/login
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://inbox.postbutler.net/customers/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.120.188.21 Raederloh, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
lb.eu.clevvermail.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b80a1e04e7cc44c34e18556355e7b7daba0aeb72992e0a46e4461ef81cf3c357

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, App_Code, App_Key, App-key, App-code
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
6760
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Apr 2022 10:10:52 GMT
Expires
Sat, 01 Jan 2000 00:00:01 GMT
Last-Modified
Fri, 22 Apr 2022 10:10:52 GMT
Pragma
no-cache
Referrer-Policy
strict-origin
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, App_Code, App_Key, App-key, App-code
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Apr 2022 10:10:51 GMT
Location
https://inbox.postbutler.net/customers/auth/login
Referrer-Policy
strict-origin
Server
nginx/1.14.0 (Ubuntu)
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617, 617
age
7524944
cdn-cachedat
2021-06-08 14:35:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a25b3b26237dd55b5f417f26a9965dbb
cf-ray
6ffd9275ae819018-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
7524948
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
cdn-requestcountrycode
US
cf-ray
6ffd9275ae839018-FRA
cdn-cache
HIT
cdn-requestpullsuccess
True
auth0.min.js
cdn.auth0.com/js/auth0/8.7/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/8.7/auth0.min.js
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.245.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-245-48.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a753c8255b77e1b2de100c1e511b95691eb606f2fb1de5b5173240a145593bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
ZUkeC1bdpHv6zUrIcKcKoPaIIuhghTUr
content-encoding
gzip
last-modified
Wed, 24 May 2017 19:32:17 GMT
server
AmazonS3
age
8456
etag
W/"11b98db7014f58c4daaf22037c26349f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=10800,public
date
Fri, 22 Apr 2022 07:52:54 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
xN6Q-soONs20x4oFxe8xwqdw-mXpIBQBu4TnEOSSG-mXRiio1R9fdA==
object-assign.min.js
cdn.auth0.com/js/polyfills/1.0/ 		278 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.245.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-245-48.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2017 20:30:02 GMT
server
AmazonS3
age
862
etag
"4dfaafaab07b1c6c2314bfe79a1baa81"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800,public
date
Fri, 22 Apr 2022 09:56:31 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
278
x-amz-cf-id
du9mxs_WmCViZpv9vhd72k1-accpEx0k4lxSljdOr4jK5v8h6pqh8w==
jquery-1.7.2.min.js
inbox.postbutler.net/system/virtualpost/themes/assets/js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inbox.postbutler.net/system/virtualpost/themes/assets/js/jquery-1.7.2.min.js
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.120.188.21 Raederloh, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
lb.eu.clevvermail.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:10:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Apr 2022 04:07:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"17278-5dd365e09e84f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33622
jquery.blockUI.js
inbox.postbutler.net/system/virtualpost/themes/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inbox.postbutler.net/system/virtualpost/themes/assets/js/jquery.blockUI.js
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.120.188.21 Raederloh, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
lb.eu.clevvermail.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ebaf4e9149b0303804e0359e988557790ba3f58b3712f60a354532f047a10e03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:10:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Apr 2022 04:07:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"3eed-5dd365e09e84f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5643
jquery.common.js
inbox.postbutler.net/system/virtualpost/themes/assets/js/ 		80 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inbox.postbutler.net/system/virtualpost/themes/assets/js/jquery.common.js
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.120.188.21 Raederloh, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
lb.eu.clevvermail.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aa4b4457d7a8627362431b13abff0e1c7788f01c394e63a2e32b1d4fa58f45a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:10:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Apr 2022 04:07:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"140b4-5dd365e09e84f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14624
1650461220.png
inbox.postbutler.net/uploads/enterprise/C00089949/settings/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inbox.postbutler.net/uploads/enterprise/C00089949/settings/1650461220.png
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.120.188.21 Raederloh, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
lb.eu.clevvermail.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
95934e2f3ebcc6bdeb81ea359bfed277495f3feb07619936ebd61e5e59f656c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:10:52 GMT
Last-Modified
Wed, 20 Apr 2022 13:27:00 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"16930-5dd15f2c6c6b4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92464
gtm.js
www.googletagmanager.com/ 		241 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDW2CS3
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a557855464656e4c2c0d4097fb9e9ae451ce3a2376044b86da92c557fab52b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77098
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Apr 2022 10:10:52 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://inbox.postbutler.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-cachedat
04/09/2022 08:19:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9b7d2bc129feb42355b26044010a4c1a
accept-ranges
bytes
cf-ray
6ffd92763d5b91e4-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDW2CS3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2162
date
Fri, 22 Apr 2022 09:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 22 Apr 2022 11:34:50 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDW2CS3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FBE48EF1507843BDB5914F3D7C0227C8 Ref B: FRAEDGE1513 Ref C: 2022-04-22T10:10:52Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Fri, 22 Apr 2022 10:10:52 GMT
accept-ranges
bytes
content-length
11333
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDW2CS3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14892
x-xss-protection
0
server
cafe
etag
4605403730725282575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Apr 2022 10:10:52 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDW2CS3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
662
Date
Fri, 22 Apr 2022 10:10:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=57468
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: inbox.postbutler.net
URL: https://inbox.postbutler.net/customers/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
AbsmHrUCNNx0DJmEbRdRhF4qFM405/oz0DOa7WLRue3eGnDW0ppDVsRbwkHbzmHNk5ZyPG9UbM7UAAHNB/KwHg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 22 Apr 2022 10:10:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
1084077541736338
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1084077541736338?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d05b1b28a386882b605157ba3c69e66d9a8d868d79daf80531fc124679f36255
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88839
x-xss-protection
0
pragma
public
x-fb-debug
/IgVTry233YkTKfUUlMr7G2vz9WHxeP2fUautaOxM9tLbBRWykNxPyhRo3YHHq/MBMFkKHTjVgSGupQttmuB8Q==
x-frame-options
DENY
date
Fri, 22 Apr 2022 10:10:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1811569%26time%3D1650622252663%26url%3Dhttps%253A%252F%252Finbox.postbutler.net%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&liSync=true&e_ipv6=AQJwfyJIwLBSdAAAAYBQwMgYbQwXHOInr...
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&liSync=true&e_ipv6=AQJwfyJIwLBSdAAAAYBQwMgYbQwXHOInr6idInDkNHYY4O6evdjqaWV0DeUjzeewfitze-e4UaFNMw
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8FE3159C00EE438D9B12864008A035C1 Ref B: VIEEDGE3007 Ref C: 2022-04-22T10:10:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdO3EQohV8aftlY+iyig==
x-li-fabric
prod-ltx1

Redirect headers

date
Fri, 22 Apr 2022 10:10:52 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E0F0689747584E22A2949A0A38ABFC78 Ref B: FRAEDGE1318 Ref C: 2022-04-22T10:10:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1811569&time=1650622252663&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&liSync=true&e_ipv6=AQJwfyJIwLBSdAAAAYBQwMgYbQwXHOInr6idInDkNHYY4O6evdjqaWV0DeUjzeewfitze-e4UaFNMw
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdO3ENbs1UTQN95fDUkg==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2004515324&t=pageview&_s=1&dl=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Post%20Butler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=597066360&gjid=192241599&cid=1864570142.1650622253&tid=UA-45579462-1&_gid=1725773965.1650622253&_r=1&gtm=2wg4k0TDW2CS3&z=1254774468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inbox.postbutler.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://inbox.postbutler.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
5751770.js
bat.bing.com/p/action/ 		895 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5751770.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e90c891b107e2548b464a7c244f474df632a3072ab79c9ae2b36640b72b03fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9485831B331741B0858541ADE19C2BF6 Ref B: FRAEDGE1513 Ref C: 2022-04-22T10:10:52Z
date
Fri, 22 Apr 2022 10:10:52 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
680
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5751770&tm=gtm002&Ver=2&mid=096cedd8-afa4-4548-88f7-c6690bd1f64c&sid=7dd08f00c22411ecb1a939d3c2087cd6&vid=7dd0b0a0c22411ecaf9903c0158c29b9&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Post%20Butler&p=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&r=&lt=1480&evt=pageLoad&msclkid=N&sv=1&rn=811718
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43F1DD11A31C424B9D92038257793360 Ref B: FRAEDGE1513 Ref C: 2022-04-22T10:10:52Z
date
Fri, 22 Apr 2022 10:10:52 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/851203497/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851203497/?random=1650622252710&cv=9&fst=1650622252710&num=1&userId=false&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&data=dynx_totalvalue%3D0&frm=0&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&tiba=Post%20Butler&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc2a961e6c89afaa35eec93d160df2c29f95821860d980e84a00634d5a2e00e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1084077541736338&ev=PageView&dl=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&rl=&if=false&ts=1650622252722&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650622252721.1856418016&it=1650622252659&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 22 Apr 2022 10:10:52 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45579462-1&cid=1864570142.1650622253&jid=597066360&gjid=192241599&_gid=1725773965.1650622253&_u=YEBAAEAAAAAAAC~&z=439464293
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://inbox.postbutler.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 22 Apr 2022 10:10:52 GMT
content-type
text/plain
access-control-allow-origin
https://inbox.postbutler.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/851203497/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/851203497/?random=1650622252710&cv=9&fst=1650621600000&num=1&userId=false&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&data=dynx_totalvalue%3D0&frm=0&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&tiba=Post%20Butler&async=1&fmt=3&is_vtc=1&random=2433780586&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/851203497/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/851203497/?random=1650622252710&cv=9&fst=1650621600000&num=1&userId=false&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&data=dynx_totalvalue%3D0&frm=0&url=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&tiba=Post%20Butler&async=1&fmt=3&is_vtc=1&random=2433780586&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45579462-1&cid=1864570142.1650622253&jid=597066360&_u=YEBAAEAAAAAAAC~&z=1068595549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45579462-1&cid=1864570142.1650622253&jid=597066360&_u=YEBAAEAAAAAAAC~&z=1068595549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5751770.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1377 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:52 GMT
content-encoding
br
etag
"1d85123589f1154"
last-modified
Fri, 15 Apr 2022 23:48:46 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0LH9iYgAAAAAApxX7Uu4JSZuZdWjpqmG5SEVMMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=A1BCDD7BDB7C47F4A73FD0136A0A007E&RedC=c.clarity.ms&MXFR=1D7AD348E867601700CBC2C6EC676EE0
  • https://c.clarity.ms/c.gif?CtsSyncId=A1BCDD7BDB7C47F4A73FD0136A0A007E&MUID=344CE72271996C791362F6AC70F26DA0
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=A1BCDD7BDB7C47F4A73FD0136A0A007E&MUID=344CE72271996C791362F6AC70F26DA0
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 22 Apr 2022 10:10:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CEB9CCACD14841B7ACD0FD10E14EE3DE Ref B: FRAEDGE1513 Ref C: 2022-04-22T10:10:52Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=A1BCDD7BDB7C47F4A73FD0136A0A007E&MUID=344CE72271996C791362F6AC70F26DA0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
b.clarity.ms/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://inbox.postbutler.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://inbox.postbutler.net
date
Fri, 22 Apr 2022 10:10:53 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1084077541736338&ev=Microdata&dl=https%3A%2F%2Finbox.postbutler.net%2Fcustomers%2Fauth%2Flogin&rl=&if=false&ts=1650622254225&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Post%20Butler%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650622252721.1856418016&it=1650622252659&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inbox.postbutler.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:10:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 22 Apr 2022 10:10:54 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| globalLanguage string| GTM_EventCategory_AccountSetting string| GTM_EventCategory_Activities string| GTM_EventCategory_Registration string| GTM_EventCategory_Blog string| GTM_EventCategory_Download string| GTM_EventCategory_Credit string| GTM_EventCategory_Account string| GTM_INTERFACE string| GTM_EventName string| GTM_EventNonInteraction string| GTM_TYPE_ASYOUGO string| GTM_TYPE_PRIVATE string| GTM_TYPE_BUSINESS string| GTM_Activities_DeletePostbox string| GTM_Activities_DowngradePostbox string| GTM_Activities_UpgradePostbox string| GTM_Activities_MultipleChanges string| GTM_Activities_AddPostbox string| GTM_Activities_DeleteAccount string| GTM_Activities_ManuallyDelete string| GTM_Activities_DirectFowarding string| GTM_Activities_CollectFowarding string| GTM_Activities_MarkCollect string| GTM_Activities_ScanEnvelope string| GTM_Activities_ScanItem string| GTM_Activities_DeleteItem string| GTM_Activities_EmailForwarding string| GTM_Activities_EmailRegistration string| GTM_Activities_Login string| GTM_Activities_Logout string| GTM_Activities_Onboarding string| GTM_Activities_Verification string| GTM_Activities_EmailConfirmation string| GTM_Activities_Select_AutomationSettings string| GTM_Activities_Unselect_AutomationSettings string| GTM_Activities_AutomationSettings string| GTM_Activities_EmailInterfaceSetupLink string| GTM_Activities_EmailInterfaceConfirm string| GTM_Activities_DropboxSetupLink string| GTM_Activities_DropboxConfirm string| GTM_Activities_Cloud string| GTM_Activities_CancelActivity string| GTM_EventLabel_Step1 string| GTM_EventLabel_Step2 string| GTM_EventLabel_Step3 string| GTM_EventLabel_Step4 string| GTM_EventLabel_Step5 string| GTM_EventLabel_Submited_Verification string| GTM_Event_funnelSuccess string| GTM_Activities_Email_Confirmed string| GTM_Activities_product_selected string| GTM_Activities_product_setup_finished string| GTM_Activities_product_addresses_added string| GTM_Activities_payment_method_added string| GTM_Activities_booking_success string| GTM_Activities_payment_success string| GTM_Activities_MarkPickup string| DIRECT_ACCESS_CUSTOMER_FLAG string| base_url string| customer_token string| DIMESION_WEIGHT_OZ string| DIMESION_WEIGHT_GR string| DIMESION_WEIGHT_LB string| OUNCE_NUMBER_PER_GRAM_CODE string| POUND_NUMBER_PER_GRAM_CODE string| DIMENSION_IN_CM string| DIMENSION_IN_INCH string| INCH_NUMBER_PER_CENTIMET_CODE string| CURRENCY_RATE string| LENGTH_UNIT string| WEIGHT_UNIT object| NUMBER_FORMAT_SEPARATOR object| userProfile object| dataLayer string| device object| trackingData function| detectMobileBrowser object| auth0 function| $ function| jQuery string| commonContext object| commonMimes object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq function| setCookie function| getCookie function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_966bca14e9 object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| clarity

26 Cookies

Domain/Path Name / Value
inbox.postbutler.net/ Name: clevvermail_ci_session
Value: DVgBVV06BzgCHVc5BCRReQFGCmVSFlEnWRxTOV1MB3xXC1oDUUoKJARpAlVYaVMoBg5YaldvATgDQgRrA3ZXLFwZVD1YTlAoWxIDa19DAWANTAFFXT0HZAIIVwMEHVExAUcKZVIwUWFZClM6XWEHNFccWiFRZwonBFECaFg7U20GG1gMV1oBKgNGBGsDR1dnXA9UAFhRUDlbEgNGX0MBLA1bAUJdHAc%2BAjFXLQQ%2FUXsBRApLUjxROVkyUwhdRAdgVwhaDFFWCjUEawJvWAZTJwY1WCFXSgFkA2gEewNtVy5cG1QtWGxQOFsQA3hfaQEgDUwBVV0cB34CHlc9BBVRNwFGCkxSZ1EpWR5TA11PBzFXMlohUWsKJgRFAkZYP1M0BjJYAFdNAT8DaARtAztXPlwMVGVYVVAkWzkDQV9DAWINYgF7XToHcQIfVwMEBVE1AUAKZFJiUSZZNlM9XWoHdVczWhxRQQooBEYCUVhkUyoGH1gbV2sBCwNqBFYDN1c9XDRUZFhnUCtbFANHXz8BAA1IAUVdEAd%2BAh5XPQQRUTQBQApJUjdRIFkxUzpdXwc2Vx5aIlFGCmoERgJoWAFTLQYfWB1XRQEkA2gERgN6VzpcAFRlWFVQOFsOAzBfZgFlDU0Be10AB3MCHFcuBGRReQFHCmZSElE%2FWQBTYF1uB1NXBVoOUXMKLQRBAkVYKFMtBjdYaldWATQDWQQzA1RXPFw3VGVYO1AhWxQDR19EAToNYgFsXWwHfQIIVwQEaFF7AUQKS1ISUSVZHlMTXTIHNlceWh9RbwpsBEQCaFgzU2wGH1geV00BOwNRBGwDRFcvXDdUBFg7UGBbEAN4X2kBIA1MAXtdDAdgAh1XZAQdUTUBRApbUh5RZlkaUz1dfgduVzJaaFFWCjgEUQJVWB5TbQY3WABXWQEjA28ESQNpVz9cGVRlWGhQZ1sQA1ZfUwFkDUwBRV0MB3ACH1c9BBlRMgFECltSJ1EqWRxTOl1tBzBXGFo1UVIKJARSAlpYGlM7BgxYH1dFAWMDUgRSA0tXYVw1VC1YbFAmWxIDa19DATwNTgEyXWUHNA%3D%3D
inbox.postbutler.net/ Name: PHPSESSID
Value: deqpm0941bfcqu7olbrseniki9
.postbutler.net/ Name: _gcl_au
Value: 1.1.431234749.1650622253
.inbox.postbutler.net/ Name: pageviewCount
Value: 1
.bing.com/ Name: MUID
Value: 344CE72271996C791362F6AC70F26DA0
.postbutler.net/ Name: _ga
Value: GA1.2.1864570142.1650622253
.postbutler.net/ Name: _gid
Value: GA1.2.1725773965.1650622253
.postbutler.net/ Name: _gat_UA-45579462-1
Value: 1
.postbutler.net/ Name: _uetsid
Value: 7dd08f00c22411ecb1a939d3c2087cd6
.postbutler.net/ Name: _uetvid
Value: 7dd0b0a0c22411ecaf9903c0158c29b9
.postbutler.net/ Name: _fbp
Value: fb.1.1650622252721.1856418016
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: UserMatchHistory
Value: AQJk23m1eiZ6xgAAAYBQwMbdgcr9U0-utZbDwuQXw5gL-vHpDT2SOdJmbVn3jS1b8PctlSr2v3s5-g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ91KsAog-l3gAAAYBQwMbdRdxJmLJgS3ifhyOvMg1TSXVrPoE_edlGU4WvrJQEraXbsAYS_VWnLZfIr0Cn0A
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fa052390-45f7-4473-894b-7aa9f2a8d22e"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2289:u=1:x=1:i=1650622252:t=1650708652:v=2:sig=AQG7A4sV75VvmPpQU-KffrFA7p1reJfH"
.c.bing.com/ Name: SRM_B
Value: 344CE72271996C791362F6AC70F26DA0
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202204221010527fffc4ce-f82e-4f2b-8b41-e35b5441d51fAQESMVM5UR9OHlSmGjSAu9uHifVWYoBx"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTA2MjIyNTI7MjswMjEbC8znH6MrBpCnMeuxL7yI5ZmH0ee9LefnPUuzXoHQJA==
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 344CE72271996C791362F6AC70F26DA0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.postbutler.net/ Name: _clck
Value: z9vbfe|1|f0u|0
.postbutler.net/ Name: _clsk
Value: 1pbs94a|1650622253507|1|1|b.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
cdn.auth0.com
connect.facebook.net
googleads.g.doubleclick.net
inbox.postbutler.net
maxcdn.bootstrapcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.107.43.14
142.250.181.226
18.66.245.48
20.75.32.255
2606:4700::6812:acf
2620:1ec:21::14
2620:1ec:27::cafe:1377
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:400c:c06::9b
2a02:26f0:f7::5c7b:e053
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
37.120.188.21
52.142.114.2
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a557855464656e4c2c0d4097fb9e9ae451ce3a2376044b86da92c557fab52b3
5e90c891b107e2548b464a7c244f474df632a3072ab79c9ae2b36640b72b03fb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
95934e2f3ebcc6bdeb81ea359bfed277495f3feb07619936ebd61e5e59f656c4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a753c8255b77e1b2de100c1e511b95691eb606f2fb1de5b5173240a145593bf4
aa4b4457d7a8627362431b13abff0e1c7788f01c394e63a2e32b1d4fa58f45a5
b80a1e04e7cc44c34e18556355e7b7daba0aeb72992e0a46e4461ef81cf3c357
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bc2a961e6c89afaa35eec93d160df2c29f95821860d980e84a00634d5a2e00e5
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
d05b1b28a386882b605157ba3c69e66d9a8d868d79daf80531fc124679f36255
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebaf4e9149b0303804e0359e988557790ba3f58b3712f60a354532f047a10e03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c