postnord.promotelogin.com
192.46.235.144
Public Scan
Effective URL: https://postnord.promotelogin.com/nu/sign_in
Submission: On August 30 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time postnord.promotelogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
10 (4 redirects) | 192.46.235.144 | 63949 (LINODE-AP Linode) |
2 | 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) |
1 | 104.244.42.200 | 13414 (TWITTER) |
9 | 3 | |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li2178-144.members.linode.com
postnord.promotelogin.com |
 | Apex Domain (Subdomains) | Transfer |
---|---|---|
10 (4 redirects) | promotelogin.com (postnord.promotelogin.com) | 2 MB |
3 | twitter.com (platform.twitter.com, syndication.twitter.com) | 133 KB |
9 | 2 | |
 | Domain | Requested by |
---|---|---|
10 (4 redirects) | postnord.promotelogin.com | postnord.promotelogin.com |
2 | platform.twitter.com | postnord.promotelogin.com, platform.twitter.com |
1 | syndication.twitter.com | platform.twitter.com |
9 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
postnord.promotelogin.com | R3 | 2021-08-30 - 2021-11-28 | 3 months |
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year |
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year |
This page contains 2 frames:
Primary Page:
https://postnord.promotelogin.com/nu/sign_in
Frame ID: 992FE127052758EDF7F58BA154D76065
Requests: 7 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fpostnord.promotelogin.com
Frame ID: 22FD90D5C6979F2EBE45838CA7EED350
Requests: 2 HTTP requests in this frame
Page Title
Promote
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Twitter (Widgets)
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://postnord.promotelogin.com/ HTTP 302
- https://postnord.promotelogin.com/desktop/users/sign_in HTTP 301
- https://postnord.promotelogin.com/nu/sign_in Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type | MIME-Type |
---|---|---|---|---|---|
GET H2 | sign_in (Primary Request) | postnord.promotelogin.com/nu/ (Redirect Chain) | 16 KB 6 KB | Document | text/html |
GET H2 | airbrake.min-c754b02803f442548670c4341b953fbad67b9e13f83299b6f84fd04bb0c91896.js | postnord.promotelogin.com/assets/third-party/ | 42 KB 13 KB | Script | application/javascript |
GET H2 | application-a0fc5b74.css | postnord.promotelogin.com/assets/packs/css/ | 74 KB 15 KB | Stylesheet | text/css |
GET H2 | application-90be2dbd38e892fd5322.js | postnord.promotelogin.com/assets/packs/js/ | 1 MB 370 KB | Script | application/javascript |
GET H/1.1 | widgets.js | platform.twitter.com/ | 96 KB 29 KB | Script | application/javascript |
GET H2 | PostnordBlue.jpg | postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1TmpFNU1Eb... (Redirect Chain) | 24 KB 24 KB | Image | image/jpeg |
GET H2 | css_JuneW6581x_0.png | postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpVTJsdWJHb... (Redirect Chain) | 1 MB 1 MB | Image | image/png |
GET H/1.1 | widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html | platform.twitter.com/widgets/ (Frame 22FD) | 319 KB 103 KB | Document | text/html |
GET H2 | settings | syndication.twitter.com/ (Frame 22FD) | 232 B 431 B | Fetch | application/json |
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0, object| 1, object| onbeforexrselect, object| ontransitionrun, object| ontransitionstart, object| ontransitioncancel, object| cookieStore, function| showDirectoryPicker, function| showOpenFilePicker, function| showSaveFilePicker, boolean| originAgentCluster, object| trustedTypes, boolean| crossOriginIsolated, object| Airbrake, object| airbrake, function| setImmediate, function| clearImmediate, object| regeneratorRuntime, object| twttr, function| makeEditor, object| Turbolinks, boolean| _rails_loaded, object| FontAwesomeConfig, object| ___FONT_AWESOME___, function| _, object| __twttrll, object| __twttr3
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
postnord.promotelogin.com/ | | Name: detected_time_zone Value: %7B%22name%22%3A%22Europe%2FBerlin%22%2C%22offset%22%3A%22%2B01%3A00%22%2C%22is_dst%22%3Atrue%7D |
postnord.promotelogin.com/ | | Name: _session_id Value: ab3890f0eb6a99be42b3bd40199dcbdc |
postnord.promotelogin.com/ | | Name: intended_path Value: %2F |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.