www.l2ndm.com Open in urlscan Pro
162.214.65.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://db-tabacco.com/core/email/ulinv4vxvp
Effective URL:
https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Submission: On November 03 via automatic, source phishtank (November 3rd 2020, 3:18:14 pm UTC)

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 20 domains to perform 52 HTTP transactions. The main IP is 162.214.65.21, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.l2ndm.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 9th 2020. Valid for: 3 months.

This is the only time www.l2ndm.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Posten Norge (Transportation) Generic Transportation (Transportation) Generic Tracking (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.210.102.37 162.210.102.37	32748 (STEADFAST) (STEADFAST)
12	162.214.65.21 162.214.65.21	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
6	178.33.167.190 178.33.167.190	16276 (OVH) (OVH)
1	94.23.87.92 94.23.87.92	16276 (OVH) (OVH)
1	104.75.89.172 104.75.89.172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	18.202.214.229 18.202.214.229	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e2:... 2606:4700:e2::ac40:8b05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.132.98 13.226.132.98	16509 (AMAZON-02) (AMAZON-02)
1	13.226.132.117 13.226.132.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	54.171.113.129 54.171.113.129	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
52	22

1 162.210.102.37 (United States) 1 redirects

ASN32748 (STEADFAST, US)

db-tabacco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.214.65.21 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-214-65-21.unifiedlayer.com

www.l2ndm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.33.167.190 (Madrid, Spain)

ASN16276 (OVH, FR)
PTR: ip190.ip-178-33-167.eu

cdn.mycomandia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.87.92 (Spain)

ASN16276 (OVH, FR)
PTR: correosecommerce.com

tienda.correos.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.172 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-89-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.202.214.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com

in.taskanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8b05 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-98.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-117.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.113.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-113-129.eu-west-1.compute.amazonaws.com

posten.boost.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	l2ndm.com www.l2ndm.com	491 KB
6	taskanalytics.com in.taskanalytics.com
6	mycomandia.com cdn.mycomandia.com	43 KB
4	jsdelivr.net cdn.jsdelivr.net	83 KB
2	gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com	7 KB
2	googleapis.com translate.googleapis.com fonts.googleapis.com	4 KB
2	hotjar.com static.hotjar.com script.hotjar.com	91 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	99 KB
2	licdn.com snap.licdn.com	3 KB
1	linkedin.com px.ads.linkedin.com	397 B
1	boost.ai posten.boost.ai	194 KB
1	siteimproveanalytics.com siteimproveanalytics.com	23 KB
1	facebook.net connect.facebook.net	23 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	moatads.com z.moatads.com	1 KB
1	correos.es tienda.correos.es	831 B
1	db-tabacco.com 1 redirects db-tabacco.com	251 B
0	scorecardresearch.com Failed b.scorecardresearch.com Failed
52	20

	Domain	Requested by
12	www.l2ndm.com	www.l2ndm.com
6	in.taskanalytics.com	www.l2ndm.com
6	cdn.mycomandia.com	www.l2ndm.com
4	cdn.jsdelivr.net	www.l2ndm.com
2	www.google-analytics.com	www.l2ndm.com
2	www.googletagmanager.com	www.l2ndm.com
2	snap.licdn.com	www.l2ndm.com snap.licdn.com
1	px.ads.linkedin.com	www.l2ndm.com
1	fonts.googleapis.com	www.l2ndm.com
1	www.gstatic.com	www.l2ndm.com
1	posten.boost.ai	www.l2ndm.com
1	encrypted-tbn0.gstatic.com	www.l2ndm.com
1	translate.googleapis.com	www.l2ndm.com
1	script.hotjar.com	www.l2ndm.com
1	static.hotjar.com	www.l2ndm.com
1	siteimproveanalytics.com	www.l2ndm.com
1	connect.facebook.net	www.l2ndm.com
1	static.ads-twitter.com	www.l2ndm.com
1	www.googleadservices.com	www.l2ndm.com
1	z.moatads.com	www.l2ndm.com
1	tienda.correos.es	www.l2ndm.com
1	db-tabacco.com	1 redirects
0	b.scorecardresearch.com Failed	www.l2ndm.com
52	23

This site contains no links.

Subject Issuer	Validity	Valid
cpcalendars.l2ndm.com Let's Encrypt Authority X3	`2020-10-09` - `2021-01-07`	3 months	crt.sh
*.mycomandia.com DigiCert SHA2 Secure Server CA	`2019-11-06` - `2022-01-03`	2 years	crt.sh
tienda.correos.es Entrust Certification Authority - L1K	`2019-04-01` - `2021-04-01`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.taskanalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-12-11` - `2021-01-07`	3 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.boost.ai Sectigo RSA Domain Validation Secure Server CA	`2019-10-31` - `2021-10-30`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Frame ID: 5D0996A94803E674DDA80243B83B2398
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://db-tabacco.com/core/email/ulinv4vxvp HTTP 302
https://www.l2ndm.com/del/postjhen/posten/ Page URL
https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country= Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

52
Requests

92 %
HTTPS

50 %
IPv6

20
Domains

23
Subdomains

22
IPs

6
Countries

1096 kB
Transfer

2758 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://db-tabacco.com/core/email/ulinv4vxvp HTTP 302
https://www.l2ndm.com/del/postjhen/posten/ Page URL
https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://db-tabacco.com/core/email/ulinv4vxvp HTTP 302
https://www.l2ndm.com/del/postjhen/posten/

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
www.l2ndm.com/del/postjhen/posten/
Redirect Chain

http://db-tabacco.com/core/email/ulinv4vxvp
https://www.l2ndm.com/del/postjhen/posten/

162 B
543 B

2176ms
1531ms

Document
text/html

162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: 85e142ad092d48be688f6e030bd4866475db77e0b7431820d92fc33f396948f6

Request headers

Host: www.l2ndm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:37 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=76fed538a0c9dd1ffee994689fbb3655; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 03 Nov 2020 15:17:36 GMT
Server: Apache
Location: https://www.l2ndm.com/del/postjhen/posten/
Content-Length: 226
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Primary Request / Show response
www.l2ndm.com/del/postjhen/posten/manage/ 305 KB
306 KB 174ms
173ms Document
text/html 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: 338dbfbcc26613eaf96ebfb6dad7f60c84e8f20d208ade23860481c4e21f01e3

Request headers

Host: www.l2ndm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.l2ndm.com/del/postjhen/posten/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=76fed538a0c9dd1ffee994689fbb3655
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.l2ndm.com/del/postjhen/posten/

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bootstrap.min.css
cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/ 137 KB
25 KB 191ms
66ms Stylesheet
text/css 178.33.167.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.167.190 Madrid, Spain, ASN16276 (OVH, FR),
Reverse DNS: ip190.ip-178-33-167.eu
Software: nginx /
Resource Hash: 34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Apr 2018 20:31:08 GMT
Server: nginx
ETag: W/"5ade428c-22485"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Backend: 1
Connection: keep-alive
Expires: Wed, 03 Nov 2021 15:17:39 GMT

GET
H/1.1 200
OK validationEngine.jquery.css
cdn.mycomandia.com/static/shop/common/css/ 3 KB
1 KB 284ms
107ms Stylesheet
text/css 178.33.167.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.167.190 Madrid, Spain, ASN16276 (OVH, FR),
Reverse DNS: ip190.ip-178-33-167.eu
Software: nginx /
Resource Hash: cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Aug 2015 21:41:08 GMT
Server: nginx
ETag: W/"55ce6074-d06"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Backend: 1
Connection: keep-alive
Expires: Wed, 03 Nov 2021 15:17:39 GMT

GET
H/1.1 200
OK flaticon.css
cdn.mycomandia.com/static/shop/common/fonts/flaticon/ 1 KB
2 KB 284ms
82ms Stylesheet
text/css 178.33.167.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.167.190 Madrid, Spain, ASN16276 (OVH, FR),
Reverse DNS: ip190.ip-178-33-167.eu
Software: nginx /
Resource Hash: 2650ffdcb2bf4147d062825fee353bd86e80c1f1c22c0b29ea856fdd3213e0a3

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Last-Modified: Mon, 02 Sep 2019 16:03:52 GMT
Server: nginx
ETag: "5d6d3d68-4ba"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Backend: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1210
Expires: Wed, 03 Nov 2021 15:17:39 GMT

GET
H/1.1 200
OK fontawesome-all.min.css
cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/ 36 KB
9 KB 287ms
53ms Stylesheet
text/css 178.33.167.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.167.190 Madrid, Spain, ASN16276 (OVH, FR),
Reverse DNS: ip190.ip-178-33-167.eu
Software: nginx /
Resource Hash: cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Apr 2018 20:31:08 GMT
Server: nginx
ETag: W/"5ade428c-8ef7"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Backend: 1
Connection: keep-alive
Expires: Wed, 03 Nov 2021 15:17:39 GMT

GET
H/1.1 200
OK new-style.css
www.l2ndm.com/del/postjhen/posten/manage/file/ 69 KB
69 KB 513ms
169ms Stylesheet
text/css 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/new-style.css
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: c114ac82e20a42a83b74b5cc501010ee1e43f8fd4ef83a79421fd6677891ea7d

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Last-Modified: Mon, 02 Nov 2020 00:57:45 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 70502

GET
H/1.1 200
OK common-dynamic.css
tienda.correos.es/css/ 519 B
831 B 325ms
226ms Stylesheet
text/css 94.23.87.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tienda.correos.es/css/common-dynamic.css
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.87.92 , Spain, ASN16276 (OVH, FR),
Reverse DNS: correosecommerce.com
Software: nginx /
Resource Hash: fdcb0b24c450c291ff671a4796be86d9220675a2ef20b1ba9967cd93d6b3aa64

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Server: nginx
X-IPLB-Request-ID: B9D4AB43:E478_5E17575C:01BB_5FA17493_27BA8:14CE8
X-IPLB-Instance: 35326
Content-Type: text/css
Cache-control: private
Backend: 2
Content-Length: 519

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 71ms
23ms Script
application/x-javascript 104.75.89.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.172 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-89-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37375
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
11 KB 34ms
34ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11472
x-xss-protection: 0
server: cafe
etag: 8286593240961886057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Nov 2020 15:17:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 10ms
10ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=10156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5518ebc08cebc11c7e6b0997f259535e96c090b64927547f36c2953fc718710c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:41 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38242
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Nov 2020 15:17:41 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 72ms
23ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:41 GMT
content-encoding: gzip
age: 63904
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4056-HHN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1604416662.614564,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-trip-id: 664085054
pragma: public
x-fb-debug: R0H8YIs8p1KCAhw1g8HMH0M7UCgHlJQxWxn+ysAueycmQwFuStXjNk45d8sb3SiSHkCAhIAio8ori/8iDJhJbw==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Tue, 03 Nov 2020 15:17:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
vary: Accept-Encoding
content-length: 23070
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK f.txt Show response
www.l2ndm.com/del/postjhen/posten/manage/file/ 29 KB
29 KB 533ms
177ms Script
text/plain 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/f.txt
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: 677393ba495795a3d8ad7c585d8f593c1f3f8df3d6100995ac3aea8b2f785058

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:42 GMT
Last-Modified: Mon, 02 Nov 2020 00:57:45 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29682

GET
H/1.1 200
OK js Show response
www.l2ndm.com/del/postjhen/posten/manage/file/ 84 KB
84 KB 178ms
178ms Script
text/plain 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: 6a8e46cbefc58dbc1b2f11902814d141b0c76200257c9144c5b0a025e535aa4e

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:42 GMT
Last-Modified: Mon, 02 Nov 2020 00:57:45 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 85977

GET
H/1.1 200
OK 1.txt Show response
www.l2ndm.com/del/postjhen/posten/manage/file/ 263 B
506 B 535ms
177ms Script
text/plain 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/1.txt
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: c941476875f1024e95df21890a7eb5eddc4acd304a54a8c3b0b033f3356bdaf1

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Last-Modified: Mon, 02 Nov 2020 00:57:45 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 263

GET
H/1.1 200
OK 1(1).txt Show response
www.l2ndm.com/del/postjhen/posten/manage/file/ 1 KB
2 KB 556ms
185ms Script
text/plain 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/1(1).txt
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash: ea0ff8a36f44af31d5379e7c0a28551018e697d4d424f9f31cdd37ed8891616d

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Last-Modified: Mon, 02 Nov 2020 00:57:45 GMT
Server: Apache
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1529

GET
H/1.1 404
Not Found moatframe.js.t%C3%A9l%C3%A9chargement
www.l2ndm.com/del/postjhen/posten/manage/file/ 0
0 1116ms
595ms Script
text/html 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.l2ndm.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 403
Forbidden tm.js
in.taskanalytics.com/00012/ 0
0 148ms
41ms Script
text/html 18.202.214.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.taskanalytics.com/00012/tm.js?r=&1595299259862
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.214.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:42 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: origin
Content-Type: text/html; charset=utf-8
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7

GET
H/1.1 403
Forbidden tm.js
in.taskanalytics.com/00012/ 0
0 37ms
37ms Script
text/html 18.202.214.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.taskanalytics.com/00012/tm.js?r=&1595299259698
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.214.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:42 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: origin
Content-Type: text/html; charset=utf-8
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7

GET
H/1.1 403
Forbidden tm.js
in.taskanalytics.com/00012/ 0
0 38ms
37ms Script
text/html 18.202.214.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.taskanalytics.com/00012/tm.js?r=&1595299259690
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.214.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:42 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: origin
Content-Type: text/html; charset=utf-8
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7

GET
H2 200 siteanalyze_6015663.js Show response
siteimproveanalytics.com/js/ 93 KB
23 KB 31ms
15ms Script
application/javascript 2606:4700:e2::ac40:8b05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6015663.js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab43d7932cf19798539b65cd0acdaeab317c983f678a4bd985493c5b6f19ae0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2341
cf-ray: 5ec7104f5b05177e-FRA
status: 200
content-length: 22488
x-amz-id-2: Uw970Wi3dr5xs2AAQ338vLL/9Q6RBHyr7/2Eg2NMthrYwKL0yEYYY29JX5+K2ZOXvuuiQuiNW2Y=
last-modified: Tue, 27 Oct 2020 17:49:18 GMT
server: cloudflare
etag: "a6e200e7f3b63fc91ad362d2d6026fad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qteVajqOb9t5m%2BYAm3V3QQAfIMkuBYanL%2Fg7mbq4IJ22dl1U%2BV17rQz%2Bw1k6dxdRNHePt56Shcc3Foy4eFOrGFnM4%2Bbz64zd3l99%2BMZTt%2BkwCUQ5l%2BJGzfo1nee2p2Z75jzl9us%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: DBCDA4C044DDA06A
cache-control: max-age=86400, no-transform
cf-request-id: 06304885940000177ed60ca000000001
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
62 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6fec8340f36d68cc3096e583771269e2609516c8843b117703df1ecac022121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63313
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Nov 2020 15:17:42 GMT

GET
H/1.1 403
Forbidden tm.js
in.taskanalytics.com/00012/ 0
0 37ms
36ms Script
text/html 18.202.214.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.taskanalytics.com/00012/tm.js?r=&1595293061872
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.214.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:43 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: origin
Content-Type: text/html; charset=utf-8
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7

GET
H/1.1 403
Forbidden tm.js
in.taskanalytics.com/00012/ 0
0 47ms
47ms Script
text/html 18.202.214.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.taskanalytics.com/00012/tm.js?r=&1595293061723
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.214.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:43 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: origin
Content-Type: text/html; charset=utf-8
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7

GET
H2 200 fonts.css
cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/ 2 KB
648 B 9ms
8ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

304a57945a1b44c2f502ddb3d2b2f315f7baa57c4c3f1f47c00f499f71ef38c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 914
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 542
etag: W/"855-mRW2/GJzwxRji+sy+ksrjfYsJnE"
x-served-by: cache-fra19177-FRA, cache-hhn4057-HHN
date: Tue, 03 Nov 2020 15:17:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 posten.css
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/ 211 KB
28 KB 8ms
7ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15fe5eb8bea05d6d4b49245b36c4b56c382d4309ef8bd83117a8766a68581e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 7897
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 28784
etag: W/"34a55-5EM3YCMW2dRcd3CeCqGQoJ5Pvm0"
x-served-by: cache-fra19124-FRA, cache-hhn4057-HHN
date: Tue, 03 Nov 2020 15:17:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 404
Not Found postenstyle.css
www.l2ndm.com/_/asset/no.posten.website:1594301215/css/ 0
0 777ms
587ms Stylesheet
text/html 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/_/asset/no.posten.website:1594301215/css/postenstyle.css
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:39 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.l2ndm.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1010 B 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 14:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1511
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 03 Nov 2020 15:52:32 GMT

GET
H/1.1 403
Forbidden tm.js
in.taskanalytics.com/00012/ 0
0 38ms
38ms Script
text/html 18.202.214.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.taskanalytics.com/00012/tm.js?r=&1595285185398
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.214.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-214-229.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:43 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: origin
Content-Type: text/html; charset=utf-8
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7

GET
H2 200 hotjar-507531.js Show response
static.hotjar.com/c/ 8 KB
3 KB 45ms
45ms Script
application/javascript 13.226.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-507531.js?sv=7

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.98 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-98.dus51.r.cloudfront.net

Software

Resource Hash

a03dd15a1d63be02019f04663c6b50b3b7dddb10641b953691537fda24d2e754

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 50
etag: W/c94c4a581d03dc6e71ec3d5d9af72c41
status: 200
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
x-amz-cf-id: 8syJfJgF19BTAEPgaJI2tZiCp25Vi0tHfskG6MPxLFGiWCTShzUcdA==
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 115
date: Tue, 03 Nov 2020 15:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 03 Nov 2020 17:15:48 GMT

GET
H2 200 modules.a1fbf755044ca8f629ba.js Show response
script.hotjar.com/ 424 KB
87 KB 24ms
24ms Script
application/javascript 13.226.132.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a1fbf755044ca8f629ba.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.117 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-117.dus51.r.cloudfront.net

Software

Resource Hash

58917f9294af6a0c36358b92c7ac0250b7b21c35dc4db4332920430fb01822a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2178492
x-cache: Hit from cloudfront
status: 200
content-length: 88758
access-control-allow-origin: *
last-modified: Wed, 22 Jul 2020 09:42:49 GMT
etag: "db69fc2480d3485a988c1628d311d0c0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CPS-INW-O1yLzzd9iSI68dZlxflSiy6-8-I8EX24iW-m__Y11-Nbow==

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 637
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 03 Nov 2020 16:07:02 GMT

GET
H/1.1 200
OK correos-paq-72-mini.png
cdn.mycomandia.com/static/logos/ 3 KB
3 KB 31ms
31ms Image
image/png 178.33.167.190
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.167.190 Madrid, Spain, ASN16276 (OVH, FR),
Reverse DNS: ip190.ip-178-33-167.eu
Software: nginx /
Resource Hash: 6b893870132bba9a631cc37ba38974a715e5092c2d95d2051a62f98f94d0673c

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:43 GMT
Last-Modified: Mon, 22 Jun 2020 21:05:48 GMT
Server: nginx
ETag: "5ef11d2c-b78"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Backend: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2936
Expires: Wed, 03 Nov 2021 15:17:43 GMT

GET
H/1.1 200
OK correos-paq72.png
cdn.mycomandia.com/static/logos/ 2 KB
2 KB 31ms
31ms Image
image/png 178.33.167.190
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mycomandia.com/static/logos/correos-paq72.png
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.167.190 Madrid, Spain, ASN16276 (OVH, FR),
Reverse DNS: ip190.ip-178-33-167.eu
Software: nginx /
Resource Hash: 5d2fb215dbbcbfd1bd663a0cdeaf31c63abde8c6f20aa63551733ebc498bf605

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:43 GMT
Last-Modified: Mon, 07 Sep 2020 21:01:44 GMT
Server: nginx
ETag: "5f569fb8-7b8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Backend: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1976
Expires: Wed, 03 Nov 2021 15:17:43 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 6 KB
6 KB 39ms
14ms Image
image/jpeg 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fb41ab8877699782e17566fafad17e01b8d04b840db658583cb0d3b9508fff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2017 03:23:06 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6238
x-xss-protection: 0
expires: Wed, 03 Nov 2021 15:17:43 GMT

GET
H/1.1 404
Not Found bundle.js
www.l2ndm.com/_/asset/no.posten.website:1594301215/js/ 0
0 616ms
615ms Script
text/html 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/_/asset/no.posten.website:1594301215/js/bundle.js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:40 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.l2ndm.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 main.js Show response
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/ 157 KB
53 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/main.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2544123c21b8c47d0570dfbf2e4d45e4a3510bdcb3a73744be388937cf119484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 7895
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 54132
etag: W/"274b1-z7x9/P1uA4Ch9pkpf7ZHskRqITg"
x-served-by: cache-fra19176-FRA, cache-hhn4057-HHN
date: Tue, 03 Nov 2020 15:17:40 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 icons.min.js Show response
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/ 485 B
430 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/icons.min.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f660ca0badb23ddca91dd3b86c7a538d64c5acab3327a981942f792484ef631f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 7935
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 325
etag: W/"1e5-WAbOTOVCBaDeieReJgLvn/XKjp4"
x-served-by: cache-fra19135-FRA, cache-hhn4057-HHN
date: Tue, 03 Nov 2020 15:17:40 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chatPanel.js Show response
posten.boost.ai/chatPanel/ 658 KB
194 KB 124ms
43ms Script
application/javascript 54.171.113.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://posten.boost.ai/chatPanel/chatPanel.js

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.113.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-113-129.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

27e04533076978dfac703a4e86b2376adfa055ef9523e60c991e3d4ed7390c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=94608000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:41 GMT
content-encoding: gzip
status: 200
strict-transport-security: max-age=94608000; includeSubDomains
last-modified: Sun, 01 Nov 2020 18:02:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "a46a7-5b30f6e00cf1b-gzip"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type, X-Requested-With, accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, X-CSRF-TOKEN, X-XSRF-TOKEN, X-XHR-Logon
expires: Tue, 03 Nov 2020 15:27:41 GMT

GET
H/1.1 404
Not Found chatbot.js
www.l2ndm.com/_/asset/no.posten.website:1594301215/js/ 0
0 473ms
473ms Script
text/html 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/_/asset/no.posten.website:1594301215/js/chatbot.js
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:41 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.l2ndm.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
886 B 6ms
6ms Image
image/png 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 09:27:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 21023
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Wed, 03 Nov 2021 09:27:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
642 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700

Requested by

Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/new-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0720becb39f5eb1f8fb3194ff3c80bbcba445f6eb628223b8e5713ed1eadd594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/file/new-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 13:59:31 GMT
server: ESF
date: Tue, 03 Nov 2020 15:17:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Nov 2020 15:17:40 GMT

GET beacon.js
b.scorecardresearch.com/ 0
0

GET
H/1.1 404
Not Found moatframe.js.t%C3%A9l%C3%A9chargement
www.l2ndm.com/del/postjhen/posten/manage/file/ 0
0 493ms
492ms Script
text/html 162.214.65.21
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.65.21 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-214-65-21.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:40 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.l2ndm.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET beacon.js
b.scorecardresearch.com/ 0
0

GET moatframe.js.t%C3%A9l%C3%A9chargement
www.l2ndm.com/del/postjhen/posten/manage/file/ 0
0

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:17:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75746
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 collect
px.ads.linkedin.com/ 0
397 B 175ms
174ms Image
application/javascript 2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=https%3A%2F%2Fwww.l2ndm.com%2Fdel%2Fpostjhen%2Fposten%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D&time=1604416663345
Requested by: Host: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.l2ndm.com/del/postjhen/posten/manage/?view=login&appIdKey=fcd00c0656cc490&country=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:17:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: oH4Ca3QIRBawVEQsRisAAA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/beacon.js

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/beacon.js

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/beacon.js

Domain: www.l2ndm.com
URL: https://www.l2ndm.com/del/postjhen/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Posten Norge (Transportation) Generic Transportation (Transportation) Generic Tracking (Transportation)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.scorecardresearch.com
cdn.jsdelivr.net
cdn.mycomandia.com
connect.facebook.net
db-tabacco.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
in.taskanalytics.com
posten.boost.ai
px.ads.linkedin.com
script.hotjar.com
siteimproveanalytics.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
tienda.correos.es
translate.googleapis.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.l2ndm.com
z.moatads.com
b.scorecardresearch.com
www.l2ndm.com
104.75.89.172
13.226.132.117
13.226.132.98
151.101.112.157
162.210.102.37
162.214.65.21
178.33.167.190
18.202.214.229
216.58.206.2
2606:4700:e2::ac40:8b05
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:814::2003
2a00:1450:4001:816::200e
2a00:1450:4001:817::200e
2a00:1450:4001:81a::200a
2a02:26f0:10c:58e::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:1b::621
2a05:f500:11:101::b93f:9005
54.171.113.129
94.23.87.92
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0720becb39f5eb1f8fb3194ff3c80bbcba445f6eb628223b8e5713ed1eadd594
0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711
0fb41ab8877699782e17566fafad17e01b8d04b840db658583cb0d3b9508fff4
15fe5eb8bea05d6d4b49245b36c4b56c382d4309ef8bd83117a8766a68581e19
1ab43d7932cf19798539b65cd0acdaeab317c983f678a4bd985493c5b6f19ae0
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
2544123c21b8c47d0570dfbf2e4d45e4a3510bdcb3a73744be388937cf119484
2650ffdcb2bf4147d062825fee353bd86e80c1f1c22c0b29ea856fdd3213e0a3
27e04533076978dfac703a4e86b2376adfa055ef9523e60c991e3d4ed7390c93
304a57945a1b44c2f502ddb3d2b2f315f7baa57c4c3f1f47c00f499f71ef38c2
338dbfbcc26613eaf96ebfb6dad7f60c84e8f20d208ade23860481c4e21f01e3
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
5518ebc08cebc11c7e6b0997f259535e96c090b64927547f36c2953fc718710c
58917f9294af6a0c36358b92c7ac0250b7b21c35dc4db4332920430fb01822a3
5d2fb215dbbcbfd1bd663a0cdeaf31c63abde8c6f20aa63551733ebc498bf605
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
677393ba495795a3d8ad7c585d8f593c1f3f8df3d6100995ac3aea8b2f785058
6a8e46cbefc58dbc1b2f11902814d141b0c76200257c9144c5b0a025e535aa4e
6b893870132bba9a631cc37ba38974a715e5092c2d95d2051a62f98f94d0673c
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
85e142ad092d48be688f6e030bd4866475db77e0b7431820d92fc33f396948f6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a03dd15a1d63be02019f04663c6b50b3b7dddb10641b953691537fda24d2e754
c114ac82e20a42a83b74b5cc501010ee1e43f8fd4ef83a79421fd6677891ea7d
c6fec8340f36d68cc3096e583771269e2609516c8843b117703df1ecac022121
c941476875f1024e95df21890a7eb5eddc4acd304a54a8c3b0b033f3356bdaf1
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea0ff8a36f44af31d5379e7c0a28551018e697d4d424f9f31cdd37ed8891616d
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f660ca0badb23ddca91dd3b86c7a538d64c5acab3327a981942f792484ef631f
fdcb0b24c450c291ff671a4796be86d9220675a2ef20b1ba9967cd93d6b3aa64

www.l2ndm.com Open in urlscan Pro 162.214.65.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

92 %HTTPS

50 %IPv6

20 Domains

23 Subdomains

22 IPs

6 Countries

1096 kBTransfer

2758 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.l2ndm.com Open in urlscan Pro
162.214.65.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

92 %
HTTPS

50 %
IPv6

20
Domains

23
Subdomains

22
IPs

6
Countries

1096 kB
Transfer

2758 kB
Size

0
Cookies

52 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!