postnord.promotelogin.com
172.105.88.182
Public Scan
Effective URL: https://postnord.promotelogin.com/desktop/users/sign_in
Submission: On November 07 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Gandi Standard SSL CA 2 on September 4th 2019. Valid for: 2 years.
This is the only time postnord.promotelogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 16 | 172.105.88.182 | 63949 (LINODE-AP Linode) |
| 15 | 1 | |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li2049-182.members.linode.com
postnord.promotelogin.com

| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 16 | promotelogin.com (1 redirects): postnord.promotelogin.com | 2 MB |
| 15 | 1 | |
| | Domain | Requested by |
|---|---|---|
| 16 | postnord.promotelogin.com (1 redirects) | postnord.promotelogin.com |
| 15 | 1 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.promotelogin.com Gandi Standard SSL CA 2 | 2019-09-04 - 2021-10-22 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://postnord.promotelogin.com/desktop/users/sign_in
Frame ID: 4A2F82100DDC53CC6F3856D337117030
Requests: 15 HTTP requests in this frame
Detected technologies
Ruby (Programming Languages)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Ruby on Rails (Web Frameworks)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://postnord.promotelogin.com/ HTTP 302
- https://postnord.promotelogin.com/desktop/users/sign_in Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | sign_in postnord.promotelogin.com/desktop/users/ (Primary Request, Redirect Chain) | 6 KB 3 KB | Document text/html |
GET H/1.1 | desktop-fb2df2dab2ec6d7434d99555212139c3ffcf813d52269ae339452d115dd08ecd.css postnord.promotelogin.com/assets/ | 189 KB 32 KB | Stylesheet text/css |
GET H/1.1 | 3.css postnord.promotelogin.com/brandings/ | 2 KB 2 KB | Stylesheet text/css |
GET H/1.1 | airbrake.iife.min-8402abcb5dbcda06c71b87395fa5e83a2b7ce1a64cf93ac69a74bb1bc0958301.js postnord.promotelogin.com/assets/third-party/ | 33 KB 11 KB | Script application/javascript |
GET H/1.1 | close-flash-message-52890fce5de7748b3e73f2ba38e949f71a8be6a71a8683e7b085bd86c0a316e5.svg postnord.promotelogin.com/assets/next-gen/svg/ | 998 B 833 B | Image image/svg+xml |
GET H/1.1 | red_warning-2f4af28a9bf5d7011f4bf09bbb743466c65e52d4fbf3a723829b431231f4fecf.png postnord.promotelogin.com/assets/errors/ | 23 KB 24 KB | Image image/png |
GET H/1.1 | public-0c93f9f73a6c1b20e7cadc3f013e86082e8f9ddcb61c1a6c0d3162c4f0e5ebb2.js postnord.promotelogin.com/assets/ | 3 KB 1 KB | Script application/javascript |
GET H/1.1 | css_PostnordBlue.jpg postnord.promotelogin.com/files/branding/logotype_image/3/ | 21 KB 22 KB | Image image/jpeg |
GET H/1.1 | css_JuneW6581x_0.png postnord.promotelogin.com/files/branding/background_image/3/ | 1 MB 1 MB | Image image/png |
GET H/1.1 | google-d502c4b6af5a268f1bc96b5744e07ebf2ad917a3fcbd7cf582258cc7826eb140.svg postnord.promotelogin.com/assets/next-gen/svg/auth/ | 2 KB 1 KB | Image image/svg+xml |
GET H/1.1 | linkedin-1676e107b21f6acc0226c25cc8c51617bd8b9313759abbe04db912b199989015.svg postnord.promotelogin.com/assets/next-gen/svg/auth/ | 938 B 897 B | Image image/svg+xml |
GET H/1.1 | facebook-604b8ba2753fe63adad203befeda1fce9f15f6b0081f693dbb96d90e624850a1.svg postnord.promotelogin.com/assets/next-gen/svg/auth/ | 449 B 624 B | Image image/svg+xml |
GET H/1.1 | roboto-v18-500-96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf.woff2 postnord.promotelogin.com/assets/next-gen/roboto/ | 64 KB 64 KB | Font application/octet-stream |
GET H/1.1 | roboto-v18-300-1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591.woff2 postnord.promotelogin.com/assets/next-gen/roboto/ | 63 KB 63 KB | Font application/octet-stream |
GET H/1.1 | roboto-v18-regular-47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562.woff2 postnord.promotelogin.com/assets/next-gen/roboto/ | 63 KB 63 KB | Font application/octet-stream |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
object | Airbrake |
object | airbrake |
object | FlashMessagesUI |
function | FlashMessages |
object | flashMessages2 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
postnord.promotelogin.com/ | | Name: _session_id Value: edeefea81f38a156a8cc26fb61bac569 |
postnord.promotelogin.com/ | | Name: intended_path Value: %2F |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
postnord.promotelogin.com
172.105.88.182