postnordes.tworder.com Open in urlscan Pro
104.21.7.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eds-map.com/file_search.php?urls=dY0p5xa0W1Nn
Effective URL:
https://postnordes.tworder.com/get/57IC95MV30R40/
Submission: On September 05 via manual (September 5th 2024, 10:27:13 am UTC) from SE — Scanned from SE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.21.7.213, located in and belongs to CLOUDFLARENET, US. The main domain is postnordes.tworder.com.
TLS certificate: Issued by WE1 on September 3rd 2024. Valid for: 3 months.

This is the only time postnordes.tworder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.160.50 172.67.160.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.21.7.213 104.21.7.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
15	5

1 172.67.160.50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eds-map.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.21.7.213 (None, )

ASN13335 (CLOUDFLARENET, US)

postnordes.tworder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	tworder.com postnordes.tworder.com	331 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	31 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	eds-map.com 1 redirects eds-map.com	502 B
15	4

	Domain	Requested by
11	postnordes.tworder.com	postnordes.tworder.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	postnordes.tworder.com
1	fonts.googleapis.com	postnordes.tworder.com
1	eds-map.com	1 redirects
15	5

This site contains links to these domains. Also see Links.

Domain
www.postnord.se

Subject Issuer	Validity	Valid
tworder.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postnordes.tworder.com/get/57IC95MV30R40/
Frame ID: 68E210EB2BB191A0022984343EF7814D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Varorna har redan betalats Macbook pro 2015 | PostNord

Page URL History Show full URLs

https://eds-map.com/file_search.php?urls=dY0p5xa0W1Nn HTTP 302
https://postnordes.tworder.com/get/57IC95MV30R40/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

377 kB
Transfer

1161 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.postnord.se/en/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eds-map.com/file_search.php?urls=dY0p5xa0W1Nn HTTP 302
https://postnordes.tworder.com/get/57IC95MV30R40/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
postnordes.tworder.com/get/57IC95MV30R40/
Redirect Chain

https://eds-map.com/file_search.php?urls=dY0p5xa0W1Nn
https://postnordes.tworder.com/get/57IC95MV30R40/

163 KB
16 KB

3853ms
3229ms

Document
text/html

104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/get/57IC95MV30R40/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fbf71605724e681e578114900cba1caa9571c459ac6f4bd250284517a4bc8e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8be58618facbbbf5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 10:26:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7p55F7L6imjIDShBF7H27MY1l%2F5eGJW6LTkn%2FexO6M7KoryaE18RTOp4C8%2Fx3uVutaOphixkRCnxRC%2BsEwQI%2FDYp%2F1shSZ2V%2BU5yUeNJBLRz4FN4QyNMIgHc9ePCLp3xUxDbQ5JLYeUz"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8be586087cf865de-FRA
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 10:26:54 GMT
location: https://postnordes.tworder.com/get/57IC95MV30R40/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LOSLf9vgRf28M7VCwHkXCcrVOlujK1%2FBUb4Mvl0QJs0m0HgNaZAmOIMnmAkZdGgzQ2LlGDooTHScdjfwtXMG2TeogKU494Nwfhg6AdYeIwYkcKzKUs%2BjuZUfW0a5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 stylecopy.css
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/ 565 KB
74 KB 1293ms
1292ms Stylesheet
text/css 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fe54a2f7dd92f0fcc7aa9685793a387c58a1292d864ea2e09aeaf9d590d783

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:26:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b33c93-8d4d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nbjzcm%2Bp%2BKYrLuqwAUnhi%2BVNHN59idm%2F15nhvRXnoNa1ffUQ7DZkMHYznMJ9b9olD5EONLZqi7oOJCgcY55DvNOTmRX%2BXDZ4iKK9s9Hkh8j7n6AQh%2BIaZYbDzJjWNv2k1OBQYZm2mVLR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8be5862d3a69bbf5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 styleinpages1.css
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/ 84 KB
12 KB 771ms
771ms Stylesheet
text/css 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/styleinpages1.css
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5684a667b28775fc92b30769ec2745ecfe2b38dcb95d045c8b4edbac58117c2

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:26:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b33c93-15171"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQZtxmqiVYdedmyd3vD96j2fafYWVsUbLgtO%2BjO19kOLtxSDe%2FHxhcdHfWszSJ3iQf%2FCjbNg2UKF7Rho3M26EuMldsBuB27%2FZOGW%2BbTFSVXuQ77oim89pp4Epw3I11jwD85zLaFRjtnC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8be5862d3a6abbf5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 styleinpages2.css
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/ 26 KB
3 KB 745ms
744ms Stylesheet
text/css 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/styleinpages2.css
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f1945a70f5df7fbb68eddd3861935610482579f1009427f4a00a22a34455998

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:26:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b33c93-67ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kq9qnqdO0PCRFM5be7tLwXYbRpv0gKCS14V1jqZmzyxnEYy56LbFNYPfc37LM2cT8g5PWc%2BZf5MkVRabFEJFwH6hf%2FIgLZPg53eEcYqQYjrfouhFLm6gGY3YPycT%2BHSNUCZQjLRA5AXE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8be5862d3a6dbbf5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
982 B 2418ms
1026ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap

Requested by

Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postnordes.tworder.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Sep 2024 10:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Sep 2024 08:39:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Sep 2024 10:27:00 GMT

GET
H3 200 operator-img.png
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/gen/ 123 KB
123 KB 2053ms
2052ms Image
image/png 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/gen/operator-img.png
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:27:03 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:20:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b33c51-1ea0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBMM9MAa2rgr%2FPHys2NoxZdVLXrO36NoWCTO6jy90la8fH%2B9%2FoRpI%2BfTYmcoVGZPtsaF24S4K3vfXhDkOWLeXeiRDEx4lKh2AewhQVkM6J2KIOR%2Bed6OxVNlVbOLOzrijOp05cvZxS5U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8be58647096cbbf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 125450

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 2457ms
1088ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postnordes.tworder.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Sep 2025 09:52:47 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 4308ms
1090ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

5a117249cdc1f7687bab98dc2cacdebd9a56553cf2c87ca8d41245cd12a3321a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://postnordes.tworder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:25:18 GMT
x-content-type-options: nosniff
age: 176508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14964
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Sep 2025 09:25:18 GMT

GET
H3 200 PostNordSans-Bold-6f78aac6.woff2
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/fonts/ 27 KB
28 KB 2688ms
2688ms Font
application/octet-stream 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/fonts/PostNordSans-Bold-6f78aac6.woff2
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f78aac65f196e103c049969af692b75300c6ee41ece2df98293918edceca448

Request headers

Referer: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Origin: https://postnordes.tworder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:27:03 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b33c93-6c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrawwu0y%2FuxaFwr1RUmqw53SI2hnJMJnZWF1wIgXiJwzKpTx6lWUJRNlJNawgMElFQuwVzD7Ot4hH3Zbffbs7d784gWcOupnyyMxwStnNv%2Fp8PWqH5fDTwhO8l1QVKWuOiAAsA5ZAB5L"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8be5864aee03bbf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27760

GET
H3 200 PostNordSans-Regular-93914d45.woff2
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/fonts/ 25 KB
26 KB 2689ms
2689ms Font
application/octet-stream 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/fonts/PostNordSans-Regular-93914d45.woff2
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93914d4538d1d68f086a4650fcaa932e8597caa2c86072650a44e9e7589955ff

Request headers

Referer: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Origin: https://postnordes.tworder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:27:03 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b33c93-651c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZDBGH296vluDyrIZge1CedzkZRE0qpXjMnlQHTc9MJgzRRt3CUElXYrwARAtFV6ByJIpRZ67mgTCidS%2BQGWAyupCmQH6OoyKfiHj88bNHqdP8Fans97AMV3otFIXTKZ2LUB90FiTzb4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8be5864aee08bbf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25884

GET
H3 200 PostNordSans-Medium-7e113240.woff2
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/fonts/ 26 KB
26 KB 4886ms
4886ms Font
application/octet-stream 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/fonts/PostNordSans-Medium-7e113240.woff2
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e113240915eaee7a6b2ac0f50df00b852c409f6e9ec94067081dd24be92f214

Request headers

Referer: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/stylecopy.css
Origin: https://postnordes.tworder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:27:03 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b33c93-66e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8IPZvRPMMm3REPDw6Md0Xx7sc70w4DoZLqI%2BBUT2quaciwimfnmHGyTuih0BuWTz5KeHBrsRm60qGSDU%2F2ShjdW%2B0lpYbkAWmWIuABzpxQYf9yfvaGz78hGNhef3pjRA1qkQj1CrNQm"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8be5864aee09bbf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26340

POST
H3 200 ajax Show response
postnordes.tworder.com/ix9fjnak93/0w2gsb/166/ 2 B
486 B 830ms
829ms XHR
text/html 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/ix9fjnak93/0w2gsb/166/ajax
Requested by: Host: postnordes.tworder.com
URL: https://postnordes.tworder.com/get/57IC95MV30R40/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 10:27:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTTSe439hLvbDiDYoz9icvL1JlRCXOwyjkP0Yl5sEoJ%2FWlTYtX1PKlhnoNGAWg7S7lAQy3CfH6XUf8PIu1PIdv7pBbNxOly40QjyS2Y%2F3ofK%2Fmr%2Fm%2BBPJz1U4iVdxTICRNvbW%2FlVmnQK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8be58668ccbbbbf5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 206 alert.mp3
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/gen/ 14 KB
15 KB 964ms
964ms Media
audio/mpeg 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/gen/alert.mp3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 05 Sep 2024 10:27:08 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:20:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b33c51-39f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38egfMZd2S6WpIdLqA%2BxRC%2BGvqXCd8WUjmSifQCyfPiCmTkv%2BjLRhf%2BIzKeV5wiTinom5Uj4VO%2BfYINQPevwc5wbLOzKR6SusFdKohKTVAOB0sxveohKt6qK6SrOrBrZ6nkoU6mrp480"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-14835/14836
cache-control: max-age=14400
cf-ray: 8be58668ecd6bbf5-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 14836

GET
H3 200 favicon.png
postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/ 7 KB
8 KB 842ms
841ms Other
image/png 104.21.7.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://postnordes.tworder.com/6y5vscqf/kg51x/343fdldg/services/postnordsv/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fba901ec6aa449f9af31288f8cc51bda3714a547ace1862fc42f4da76e82b84

Request headers

Referer: https://postnordes.tworder.com/get/57IC95MV30R40/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 10:27:08 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 09:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b33c93-1cee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKwjCdzU1BnbZ5kJTEeXX7OPjeUNlw1iNgOXwdC7pxtn2WT66xGAKyEeW2mdQK4xEi7KLh%2BJ6NaTo%2BJQBNQ62u5%2BAwFv7LZEinp3v8pC9RImEYm8tLUqFJMlsJ7rqtQ4O8Lcm1Et6M53"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8be58668ecdabbf5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7406

POST ajax
postnordes.tworder.com/ix9fjnak93/0w2gsb/166/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: postnordes.tworder.com
URL: https://postnordes.tworder.com/ix9fjnak93/0w2gsb/166/ajax

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			postnordes.tworder.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 23c6fc1e08c27f26941245fd43211097

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eds-map.com
fonts.googleapis.com
fonts.gstatic.com
postnordes.tworder.com
postnordes.tworder.com
104.21.7.213
142.250.184.195
142.250.186.138
142.250.186.170
172.67.160.50
3fba901ec6aa449f9af31288f8cc51bda3714a547ace1862fc42f4da76e82b84
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a117249cdc1f7687bab98dc2cacdebd9a56553cf2c87ca8d41245cd12a3321a
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3
6f78aac65f196e103c049969af692b75300c6ee41ece2df98293918edceca448
7e113240915eaee7a6b2ac0f50df00b852c409f6e9ec94067081dd24be92f214
87fe54a2f7dd92f0fcc7aa9685793a387c58a1292d864ea2e09aeaf9d590d783
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8fbf71605724e681e578114900cba1caa9571c459ac6f4bd250284517a4bc8e5
93914d4538d1d68f086a4650fcaa932e8597caa2c86072650a44e9e7589955ff
9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7
9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2
9f1945a70f5df7fbb68eddd3861935610482579f1009427f4a00a22a34455998
e5684a667b28775fc92b30769ec2745ecfe2b38dcb95d045c8b4edbac58117c2

postnordes.tworder.com Open in urlscan Pro 104.21.7.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

377 kBTransfer

1161 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Indicators

postnordes.tworder.com Open in urlscan Pro
104.21.7.213 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

377 kB
Transfer

1161 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions