urlscan.io logo urlscan.io
SecurityTrails logo

postamanika.com Open in urlscan Pro
107.175.247.164  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://postamanika.com/70f17
Effective URL: https://postamanika.com/70f17/
Submission: On November 23 via manual from NP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 42 HTTP transactions. The main IP is 107.175.247.164, located in United States and belongs to AS-COLOCROSSING, US. The main domain is postamanika.com.
TLS certificate: Issued by R3 on October 30th 2021. Valid for: 3 months.
This is the only time postamanika.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banque Postale (Banking)

Domain & IP information

IP Address AS Autonomous System
2 8 107.175.247.164 36352 (AS-COLOCR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2606:4700::68... 13335 (CLOUDFLAR...)
25 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
42 8
8    107.175.247.164 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-175-247-164-host.colocrossing.com
postamanika.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
25    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
vsa38.tawk.to
2    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
va.tawk.to
vsa38.tawk.to
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
21 embed.tawk.to postamanika.com
embed.tawk.to
8 postamanika.com 2 redirects postamanika.com
3 fonts.googleapis.com embed.tawk.to
3 vsa38.tawk.to embed.tawk.to
3 va.tawk.to embed.tawk.to
2 cdn.jsdelivr.net postamanika.com
embed.tawk.to
2 stackpath.bootstrapcdn.com postamanika.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com postamanika.com
42 9

This site contains no links.

Subject Issuer Validity Valid
postamanika.com
R3		 2021-10-30 -
2022-01-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://postamanika.com/70f17/
Frame ID: FB72337CA7287BE4933CE96FB6C44B7F
Requests: 33 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/min-widget.css
Frame ID: 4112A1C4362630D30F3AB16139562ABD
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/message-preview.css
Frame ID: 9EF006D223EFD3A6EB398D6D3801576F
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/max-widget.css
Frame ID: 305AFA24A867686EE47E0327C2FD86DB
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/bubble-widget.css
Frame ID: 131FBBE5C419D4A568BE3A6FC4C10E9B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

La Banque Postale - Banque et Assurance en ligne – La Banque Postale

Page URL History Show full URLs

  1. http://postamanika.com/70f17 HTTP 301
    https://postamanika.com/70f17 HTTP 301
    https://postamanika.com/70f17/ Page URL

Page Statistics

42
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

3096 kB
Transfer

4128 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://postamanika.com/70f17 HTTP 301
    https://postamanika.com/70f17 HTTP 301
    https://postamanika.com/70f17/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
postamanika.com/70f17/
Redirect Chain
  • http://postamanika.com/70f17
  • https://postamanika.com/70f17
  • https://postamanika.com/70f17/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.175.247.164 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-175-247-164-host.colocrossing.com
Software
nginx / PHP/7.4.25 PleskLin
Resource Hash
14ae7e0d1f4e2739cd1ac700ec36cfbd0d2072924ccc153f7409ae2696b59c1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 23 Nov 2021 02:34:14 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.25 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
br

Redirect headers

server
nginx
date
Tue, 23 Nov 2021 02:34:14 GMT
content-type
text/html; charset=iso-8859-1
content-length
238
location
https://postamanika.com/70f17/
x-powered-by
PleskLin
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
2025540
cdn-cachedat
08/03/2021 15:16:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bd6b79be92b30e9bdf625c7bcb138682
cf-ray
6b26ff50dc864351-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
p11.png
postamanika.com/70f17/cap/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postamanika.com/70f17/cap/p11.png
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.175.247.164 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-175-247-164-host.colocrossing.com
Software
nginx / PleskLin
Resource Hash
7c4ee816e44f918103b472b9f25f8d6cca02ee7deda0df72b24b358790a760c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/70f17/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
last-modified
Sat, 30 Oct 2021 19:16:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"617d9a0b-18f12"
content-type
image/png
accept-ranges
bytes
content-length
102162
m11.png
postamanika.com/70f17/cap/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postamanika.com/70f17/cap/m11.png
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.175.247.164 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-175-247-164-host.colocrossing.com
Software
nginx / PleskLin
Resource Hash
08ac96cbcdec9ec14e257b53d9bfae5ff8d6e233a9bed2d0beab49082b267f97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/70f17/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
last-modified
Sat, 30 Oct 2021 19:16:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"617d9a0b-92c8"
content-type
image/png
accept-ranges
bytes
content-length
37576
p2_2.png
postamanika.com/70f17/cap/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postamanika.com/70f17/cap/p2_2.png
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.175.247.164 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-175-247-164-host.colocrossing.com
Software
nginx / PleskLin
Resource Hash
8138be10ba8f34b704e48bf0291317e7de8c0892fd00ee1ef1a1696b1ea5ccab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/70f17/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
last-modified
Sat, 30 Oct 2021 19:16:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"617d9a0b-b216"
content-type
image/png
accept-ranges
bytes
content-length
45590
p3.png
postamanika.com/70f17/cap/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postamanika.com/70f17/cap/p3.png
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.175.247.164 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-175-247-164-host.colocrossing.com
Software
nginx / PleskLin
Resource Hash
8c8014b809bdfd98c022805c1b412488e84576b649c67094e1cd8f1a2d9ccc97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/70f17/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
last-modified
Sat, 30 Oct 2021 19:16:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"617d9a0b-11b3d"
content-type
image/png
accept-ranges
bytes
content-length
72509
m22.png
postamanika.com/70f17/cap/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postamanika.com/70f17/cap/m22.png
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.175.247.164 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
107-175-247-164-host.colocrossing.com
Software
nginx / PleskLin
Resource Hash
a46d0f72aa2bb07f59172949833e34521711c304cb902e200f059cbde189e16c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/70f17/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
last-modified
Sat, 30 Oct 2021 19:16:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"617d9a0b-270a9d"
content-type
image/png
accept-ranges
bytes
content-length
2558621
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-1157d"
vary
Accept-Encoding
x-hw
1637634854.dop219.fr8.t,1637634854.cds242.fr8.hn,1637634854.cds260.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2240113
x-jsd-version
1.16.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19181-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b26ff50df94690f-FRA
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-08-02 20:41:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
337cba4060400f488b44aedd802def5d
cf-ray
6b26ff50dc884351-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
1fhh28gtc
embed.tawk.to/6160cde3157d100a41ab816e/ 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Requested by
Host: postamanika.com
URL: https://postamanika.com/70f17/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a941e80536f71709b0c035396d38cd0467fcbf766029742dd4cc31f6148b4ff
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"stable-v4-619bb958bf7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
6b26ff511fa44e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
twk-main.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		121 B
183 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff567ca24e5b-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35820
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff567ca34e5b-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		192 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fba2ac8608fe3ce05136e27ce4089b57f4354f5b1a277191c55c10540cc52f4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35820
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"92b2650ef9abd40c694a6fa1a15c3c48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff567ca44e5b-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		138 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe45eb8bdb029815e2bfb5d1c39f9b9381512f5655c31c9d656a7ec4328a5605
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"2f6ae53ada9beab31873f5873e8db6b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff567ca54e5b-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07498eccaad0503cfc73208fc3b9e0488cfee9240284f99876875f9bb147f25a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35820
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"1a3c9c0c1b1be5164bf35b919cc58919"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff567ca64e5b-FRA
twk-app.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		151 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6160cde3157d100a41ab816e/1fhh28gtc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff567ca74e5b-FRA
register
va.tawk.to/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafe57f9c56915b34c6060391a13c6652b0d17ef9e3b705a2371ba0b382f24b8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-60pj
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://postamanika.com
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6b26ff599dfd4ab6-FRA
access-control-allow-headers
content-type,x-tawk-token
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=6160cde3157d100a41ab816e&widgetId=1fhh28gtc&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1229522e5b853e208294ad3dd11a4a6dbab1baff00b142fb40e85fc73656831
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-drb3
server
cloudflare
etag
W/"2-4-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
6b26ff598f0c4e5b-FRA
access-control-allow-headers
content-type,x-tawk-token
fr.js
embed.tawk.to/_s/v4/app/619bb958bf7/languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/languages/fr.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d150133b0b1d14ce147cd742f8fea4e996acee610fcde1c7e3551bbc8745ed08
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37708
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"065c921b415531adc84834a6357eb47f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5c9ce8d711-FRA
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37655
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd01d711-FRA
twk-chunk-2d224aff.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d224aff.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7969f0e3a1135dea4b63ea9e9c9c54c0bda843879a2704dbe40809478438159d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37655
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"98b5e073210747cdd13205c37726febe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd02d711-FRA
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e8c89b5106be48fa1ea9f7b28c6a27cdf9fda37b0fccc9e1c7b07c0811dd99
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37689
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"402637123c53fe10c8d6b9e5b94ee825"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd03d711-FRA
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e24a15e6d04759c7eb0d018c70b505ae376a9cf6cbc4b5274b47382118b57d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37653
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"452eb3e1a6439160cb3be68b418cf0b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd04d711-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		942 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37652
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd05d711-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		546 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37652
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd06d711-FRA
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37654
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd07d711-FRA
twk-chunk-49eb0da8.js
embed.tawk.to/_s/v4/app/619bb958bf7/js/ 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-49eb0da8.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514fc96d0010bd44c7ce10d0ad77fd4367419e2775759a4145649db8ef3dde01
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37651
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:27 GMT
server
cloudflare
etag
W/"00cce19eeb65e52a83527d46301299c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5cbd08d711-FRA
/
vsa38.tawk.to/s/ 		101 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa38.tawk.to/s/?k=619c53288ff3a3610895891b&cver=0&pop=false&asver=20&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTYwY2RlMzE1N2QxMDBhNDFhYjgxNmUiLCJ2aWQiOiJkOTgwM2Y5YjEyMjZlNzc0ZWUzMTI4MjIwZjIwMmM5NjAyZTE4ZmRjMTk0MmQ5YjBkODM4ZjVjZWI1NGZkNjNhIiwiaWF0IjoxNjM3NjM0ODU2LCJleHAiOjE2Mzc2MzY2NTYsImp0aSI6IkJvRmRDR1BEX1BqVjA0X2dfaTZXRSJ9.O-3hu2V6zS9p3jNaSn-fd68heusMWvDjKlFrUCqCTChGKUwOsuzQz6LcKNAa1EfILkmCHDk6Rl1OKQ491rr4yA&EIO=3&transport=polling&__t=NrAfDNx
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0850a1f591e570ea943244d6469082a692887e851d24c564e973dac9eb2c4d2a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://postamanika.com
access-control-allow-credentials
true
cf-ray
6b26ff5cd8bb4ab6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
101
min-widget.css
embed.tawk.to/_s/v4/app/619bb958bf7/css/ Frame 4112 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37621
cf-polished
origSize=25050
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5d0d4bd711-FRA
cf-bgj
minify
message-preview.css
embed.tawk.to/_s/v4/app/619bb958bf7/css/ Frame 9EF0 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37606
cf-polished
origSize=37650
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5d1d53d711-FRA
cf-bgj
minify
max-widget.css
embed.tawk.to/_s/v4/app/619bb958bf7/css/ Frame 305A 		72 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37606
cf-polished
origSize=74104
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"987828ebb230aff2aaeab0ac82354266"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5d2d5fd711-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame 4112 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/min-widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 02:07:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 02:34:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 02:34:16 GMT
bubble-widget.css
embed.tawk.to/_s/v4/app/619bb958bf7/css/ Frame 131F 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/619bb958bf7/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
37628
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 15:39:26 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5d3d67d711-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame 9EF0 		7 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/message-preview.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 02:17:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 02:34:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 02:34:16 GMT
css
fonts.googleapis.com/ Frame 305A 		7 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/css/max-widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 02:15:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 02:34:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 02:34:16 GMT
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 131F 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
951142
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6b26ff5d5d77d711-FRA
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 4112 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://postamanika.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:26:28 GMT
x-content-type-options
nosniff
age
18468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 22 Nov 2022 21:26:28 GMT
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2440045
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19120-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b26ff5d98bd4e4f-FRA
/
vsa38.tawk.to/s/ 		77 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa38.tawk.to/s/?k=619c53288ff3a3610895891b&cver=0&pop=false&asver=20&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTYwY2RlMzE1N2QxMDBhNDFhYjgxNmUiLCJ2aWQiOiJkOTgwM2Y5YjEyMjZlNzc0ZWUzMTI4MjIwZjIwMmM5NjAyZTE4ZmRjMTk0MmQ5YjBkODM4ZjVjZWI1NGZkNjNhIiwiaWF0IjoxNjM3NjM0ODU2LCJleHAiOjE2Mzc2MzY2NTYsImp0aSI6IkJvRmRDR1BEX1BqVjA0X2dfaTZXRSJ9.O-3hu2V6zS9p3jNaSn-fd68heusMWvDjKlFrUCqCTChGKUwOsuzQz6LcKNAa1EfILkmCHDk6Rl1OKQ491rr4yA&EIO=3&transport=polling&__t=NrAfDVV&sid=-EoTb2qxLgJt92LcHahY
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a5ca0308703d0fcdd8a169c52aa8e4dcab910f1539510f0d1287d24a02e0a93
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://postamanika.com
access-control-allow-credentials
true
cf-ray
6b26ff5fceadd711-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77
v3
va.tawk.to/log-performance/ 		5 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://postamanika.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Nov 2021 02:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-lvs5
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://postamanika.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
6b26ff62cb416949-FRA
access-control-allow-headers
content-type,x-tawk-token
/
vsa38.tawk.to/s/ 		4 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa38.tawk.to/s/?k=619c53288ff3a3610895891b&cver=0&pop=false&asver=20&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTYwY2RlMzE1N2QxMDBhNDFhYjgxNmUiLCJ2aWQiOiJkOTgwM2Y5YjEyMjZlNzc0ZWUzMTI4MjIwZjIwMmM5NjAyZTE4ZmRjMTk0MmQ5YjBkODM4ZjVjZWI1NGZkNjNhIiwiaWF0IjoxNjM3NjM0ODU2LCJleHAiOjE2Mzc2MzY2NTYsImp0aSI6IkJvRmRDR1BEX1BqVjA0X2dfaTZXRSJ9.O-3hu2V6zS9p3jNaSn-fd68heusMWvDjKlFrUCqCTChGKUwOsuzQz6LcKNAa1EfILkmCHDk6Rl1OKQ491rr4yA&EIO=3&transport=polling&__t=NrAfDct&sid=-EoTb2qxLgJt92LcHahY
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619bb958bf7/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postamanika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 02:34:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://postamanika.com
access-control-allow-credentials
true
cf-ray
6b26ff62c87dd711-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banque Postale (Banking)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Tawk_API object| Tawk_LoadStart function| $ function| jQuery function| Popper object| bootstrap function| clavier string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| regeneratorRuntime object| Tawk_Window object| emojione

5 Cookies

Domain/Path Name / Value
postamanika.com/ Name: PHPSESSID
Value: rphuvh0pv198sicv4frqhvhv9m
va.tawk.to/ Name: ss
Value: svromqidz8
va.tawk.to/ Name: tawkUUID
Value: QsEcZrNzDGPySfzoTGazK88M%2BfSOxD%2F3yovDUX2spVWvQSh7FqW3hwkKmLyo5g9P%7C%7C2
postamanika.com/ Name: TawkConnectionTime
Value: 0
.postamanika.com/ Name: __tawkuuid
Value: e::postamanika.com::Lpvr5IJMVhpK861HJCt76E7s+ujLtGmJFmhKyR7rnx0OuCAWg1jp3nowlv6Lh7d1::2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
postamanika.com
stackpath.bootstrapcdn.com
va.tawk.to
vsa38.tawk.to
107.175.247.164
2001:4de0:ac18::1:a:1b
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700::6810:5514
2606:4700::6812:acf
2a00:1450:4001:808::2003
2a00:1450:4001:812::200a
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
07498eccaad0503cfc73208fc3b9e0488cfee9240284f99876875f9bb147f25a
0850a1f591e570ea943244d6469082a692887e851d24c564e973dac9eb2c4d2a
08ac96cbcdec9ec14e257b53d9bfae5ff8d6e233a9bed2d0beab49082b267f97
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
14ae7e0d1f4e2739cd1ac700ec36cfbd0d2072924ccc153f7409ae2696b59c1e
24e24a15e6d04759c7eb0d018c70b505ae376a9cf6cbc4b5274b47382118b57d
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
2fba2ac8608fe3ce05136e27ce4089b57f4354f5b1a277191c55c10540cc52f4
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
3a941e80536f71709b0c035396d38cd0467fcbf766029742dd4cc31f6148b4ff
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
514fc96d0010bd44c7ce10d0ad77fd4367419e2775759a4145649db8ef3dde01
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6a5ca0308703d0fcdd8a169c52aa8e4dcab910f1539510f0d1287d24a02e0a93
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7969f0e3a1135dea4b63ea9e9c9c54c0bda843879a2704dbe40809478438159d
7c4ee816e44f918103b472b9f25f8d6cca02ee7deda0df72b24b358790a760c8
8138be10ba8f34b704e48bf0291317e7de8c0892fd00ee1ef1a1696b1ea5ccab
89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28
8c8014b809bdfd98c022805c1b412488e84576b649c67094e1cd8f1a2d9ccc97
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
a46d0f72aa2bb07f59172949833e34521711c304cb902e200f059cbde189e16c
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b9e8c89b5106be48fa1ea9f7b28c6a27cdf9fda37b0fccc9e1c7b07c0811dd99
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
c1229522e5b853e208294ad3dd11a4a6dbab1baff00b142fb40e85fc73656831
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d150133b0b1d14ce147cd742f8fea4e996acee610fcde1c7e3551bbc8745ed08
dafe57f9c56915b34c6060391a13c6652b0d17ef9e3b705a2371ba0b382f24b8
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fe45eb8bdb029815e2bfb5d1c39f9b9381512f5655c31c9d656a7ec4328a5605