Submitted URL: https://postnord.promotelogin.com/
Effective URL: https://postnord.promotelogin.com/nu/sign_in
Submission: On August 30 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 192.46.235.144, located in Frankfurt am Main, Germany and belongs to LINODE-AP Linode, LLC, US. The main domain is postnord.promotelogin.com.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time postnord.promotelogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 10 192.46.235.144 63949 (LINODE-AP...)
2 2606:2800:234... 15133 (EDGECAST)
1 104.244.42.200 13414 (TWITTER)
9 3
Apex Domain            Subdomains                  Transfer
10 promotelogin.com    postnord.promotelogin.com   2 MB
3 twitter.com          platform.twitter.com        133 KB
                       syndication.twitter.com
9 2
Domain Requested by
10 postnord.promotelogin.com 4 redirects postnord.promotelogin.com
2 platform.twitter.com postnord.promotelogin.com
platform.twitter.com
1 syndication.twitter.com platform.twitter.com
9 3

This site contains no links.

Subject                     Issuer                             Validity                  Valid
postnord.promotelogin.com   R3                                 2021-08-30 - 2021-11-28   3 months
*.twimg.com                 DigiCert TLS RSA SHA256 2020 CA1   2020-11-05 - 2021-11-09   a year
syndication.twitter.com     DigiCert TLS RSA SHA256 2020 CA1   2021-02-05 - 2022-02-04   a year

This page contains 2 frames:

Primary Page: https://postnord.promotelogin.com/nu/sign_in
Frame ID: 992FE127052758EDF7F58BA154D76065
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fpostnord.promotelogin.com
Frame ID: 22FD90D5C6979F2EBE45838CA7EED350
Requests: 2 HTTP requests in this frame

Page Title

Promote

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

  • Requests: 9
  • HTTPS: 100 %
  • IPv6: 33 %
  • Domains: 2
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 2072 kB
  • Size: 3614 kB
  • Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://postnord.promotelogin.com/ HTTP 302
    https://postnord.promotelogin.com/desktop/users/sign_in HTTP 301
    https://postnord.promotelogin.com/nu/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://postnord.promotelogin.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--e8e74f6439dbe44354c655538e9872267a0a1433/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9VY21WemFYcGxYM1J2WDJ4cGJXbDBXd2RwQWFCcE5RPT0iLCJleHAiOm51bGwsInB1ciI6InZhcmlhdGlvbiJ9fQ==--9fee1e6397c6509beca95df564ad4dbd711823e8/PostnordBlue.jpg HTTP 302
  • https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1TmpFNU1EbG1ZamMzTlRGbU16RTNOalEwWVRBNVlqZzBZakZrWTJKa1ltVTVObUk0WVRZNVlqTm1ZakEzWlRrek16RTBZVEEwQmpvR1JWUTZFR1JwYzNCdmMybDBhVzl1U1NKTGFXNXNhVzVsT3lCbWFXeGxibUZ0WlQwaVVHOXpkRzV2Y21SQ2JIVmxMbXB3WnlJN0lHWnBiR1Z1WVcxbEtqMVZWRVl0T0NjblVHOXpkRzV2Y21SQ2JIVmxMbXB3WndZN0JsUTZFV052Ym5SbGJuUmZkSGx3WlVraUQybHRZV2RsTDJwd1pXY0dPd1pVIiwiZXhwIjoiMjAyMS0wOC0zMFQwNjozMTozNi4zMjNaIiwicHVyIjoiYmxvYl9rZXkifX0=--78b642d2aa47f97ef736ccb6c1e624a14f986a63/PostnordBlue.jpg?content_type=image%2Fjpeg&disposition=inline%3B+filename%3D%22PostnordBlue.jpg%22%3B+filename%2A%3DUTF-8%27%27PostnordBlue.jpg
Request Chain 5
  • https://postnord.promotelogin.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEUT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--1b2cc3b678b6800329bfcdc9d27965ca20bd88e7/css_JuneW6581x_0.png HTTP 302
  • https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpVTJsdWJHbHVaVHNnWm1sc1pXNWhiV1U5SW1OemMxOUtkVzVsVnpZMU9ERjRYekF1Y0c1bklqc2dabWxzWlc1aGJXVXFQVlZVUmkwNEp5ZGpjM05mU25WdVpWYzJOVGd4ZUY4d0xuQnVad1k3QmxRNkVXTnZiblJsYm5SZmRIbHdaVWtpRG1sdFlXZGxMM0J1WndZN0JsUT0iLCJleHAiOiIyMDIxLTA4LTMwVDA2OjMxOjM2LjMzNVoiLCJwdXIiOiJibG9iX2tleSJ9fQ==--12ba84f4e11314bc344dad353578fd5ef1c0fb05/css_JuneW6581x_0.png?content_type=image%2Fpng&disposition=inline%3B+filename%3D%22css_JuneW6581x_0.png%22%3B+filename%2A%3DUTF-8%27%27css_JuneW6581x_0.png

9 HTTP transactions

Columns: Resource (Path), Size, x-fer, Type (MIME-Type)
Primary Request sign_in
postnord.promotelogin.com/nu/
Redirect Chain
  • https://postnord.promotelogin.com/
  • https://postnord.promotelogin.com/desktop/users/sign_in
  • https://postnord.promotelogin.com/nu/sign_in
16 KB
6 KB
Document
General
Full URL
https://postnord.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.46.235.144 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2178-144.members.linode.com
Software
nginx /
Resource Hash
fab2a5c41c3acc842efd211d80626657dabe8b21bbaf1e1611b6bbd21aefe859
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
postnord.promotelogin.com
:scheme
https
:path
/nu/sign_in
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
intended_path=%2F; _session_id=ab3890f0eb6a99be42b3bd40199dcbdc

Response headers

server
nginx
date
Mon, 30 Aug 2021 06:26:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
etag
W/"fab2a5c41c3acc842efd211d80626657"
cache-control
max-age=0, private, must-revalidate
content-security-policy
x-request-id
5e15efde-2e63-4dd8-8ee8-6445b9376c9b
x-runtime
0.055401
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx
date
Mon, 30 Aug 2021 06:26:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
location
https://postnord.promotelogin.com/nu/sign_in
cache-control
no-cache
content-security-policy
x-request-id
a99c05cd-706a-4a58-b958-f0c41140fe21
x-runtime
0.007221
strict-transport-security
max-age=31536000; includeSubDomains
airbrake.min-c754b02803f442548670c4341b953fbad67b9e13f83299b6f84fd04bb0c91896.js
postnord.promotelogin.com/assets/third-party/
42 KB
13 KB
Script
General
Full URL
https://postnord.promotelogin.com/assets/third-party/airbrake.min-c754b02803f442548670c4341b953fbad67b9e13f83299b6f84fd04bb0c91896.js
Requested by
Host: postnord.promotelogin.com
URL: https://postnord.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.46.235.144 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2178-144.members.linode.com
Software
nginx /
Resource Hash
c754b02803f442548670c4341b953fbad67b9e13f83299b6f84fd04bb0c91896

Request headers

:path
/assets/third-party/airbrake.min-c754b02803f442548670c4341b953fbad67b9e13f83299b6f84fd04bb0c91896.js
pragma
no-cache
cookie
intended_path=%2F; _session_id=ab3890f0eb6a99be42b3bd40199dcbdc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
postnord.promotelogin.com
referer
https://postnord.promotelogin.com/nu/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 06:26:36 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 19:19:03 GMT
server
nginx
etag
"61293aa7-318e"
content-type
application/javascript
cache-control
max-age=315360000 public
content-length
12686
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-a0fc5b74.css
postnord.promotelogin.com/assets/packs/css/
74 KB
15 KB
Stylesheet
General
Full URL
https://postnord.promotelogin.com/assets/packs/css/application-a0fc5b74.css
Requested by
Host: postnord.promotelogin.com
URL: https://postnord.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.46.235.144 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2178-144.members.linode.com
Software
nginx /
Resource Hash
97d131715a625ca7b6be59b5429adf403076662ce17b7f6c5e0b0ccb7739b55a

Request headers

:path
/assets/packs/css/application-a0fc5b74.css
pragma
no-cache
cookie
intended_path=%2F; _session_id=ab3890f0eb6a99be42b3bd40199dcbdc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
postnord.promotelogin.com
referer
https://postnord.promotelogin.com/nu/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 06:26:36 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 19:19:56 GMT
server
nginx
etag
"61293adc-3b64"
content-type
text/css
cache-control
max-age=315360000 public
content-length
15204
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-90be2dbd38e892fd5322.js
postnord.promotelogin.com/assets/packs/js/
1 MB
370 KB
Script
General
Full URL
https://postnord.promotelogin.com/assets/packs/js/application-90be2dbd38e892fd5322.js
Requested by
Host: postnord.promotelogin.com
URL: https://postnord.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.46.235.144 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2178-144.members.linode.com
Software
nginx /
Resource Hash
0af5f0d38c28228f2d5663c6a563af293bcb971e26e48fa6211613c3c7233516

Request headers

:path
/assets/packs/js/application-90be2dbd38e892fd5322.js
pragma
no-cache
cookie
intended_path=%2F; _session_id=ab3890f0eb6a99be42b3bd40199dcbdc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
postnord.promotelogin.com
referer
https://postnord.promotelogin.com/nu/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 06:26:36 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 19:19:56 GMT
server
nginx
etag
"61293adc-5c59a"
content-type
application/javascript
cache-control
max-age=315360000 public
content-length
378266
expires
Thu, 31 Dec 2037 23:55:55 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: postnord.promotelogin.com
URL: https://postnord.promotelogin.com/assets/packs/js/application-90be2dbd38e892fd5322.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer
https://postnord.promotelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 06:26:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/67D5)
Age
1489
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
PostnordBlue.jpg
postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1TmpFNU1Eb...
Redirect Chain
  • https://postnord.promotelogin.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--e8e74f6439dbe44354c655538e9872267a0a1433/eyJ...
  • https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1T...
24 KB
24 KB
Image
General
Full URL
https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1TmpFNU1EbG1ZamMzTlRGbU16RTNOalEwWVRBNVlqZzBZakZrWTJKa1ltVTVObUk0WVRZNVlqTm1ZakEzWlRrek16RTBZVEEwQmpvR1JWUTZFR1JwYzNCdmMybDBhVzl1U1NKTGFXNXNhVzVsT3lCbWFXeGxibUZ0WlQwaVVHOXpkRzV2Y21SQ2JIVmxMbXB3WnlJN0lHWnBiR1Z1WVcxbEtqMVZWRVl0T0NjblVHOXpkRzV2Y21SQ2JIVmxMbXB3WndZN0JsUTZFV052Ym5SbGJuUmZkSGx3WlVraUQybHRZV2RsTDJwd1pXY0dPd1pVIiwiZXhwIjoiMjAyMS0wOC0zMFQwNjozMTozNi4zMjNaIiwicHVyIjoiYmxvYl9rZXkifX0=--78b642d2aa47f97ef736ccb6c1e624a14f986a63/PostnordBlue.jpg?content_type=image%2Fjpeg&disposition=inline%3B+filename%3D%22PostnordBlue.jpg%22%3B+filename%2A%3DUTF-8%27%27PostnordBlue.jpg
Requested by
Host: postnord.promotelogin.com
URL: https://postnord.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.46.235.144 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2178-144.members.linode.com
Software
nginx /
Resource Hash
e10f496dec7e5b646014022d8a7f32823b906902beb0fef3ba1e1f6e4fe4ac74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:path
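/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1TmpFNU1EbG1ZamMzTlRGbU16RTNOalEwWVRBNVlqZzBZakZrWTJKa1ltVTVObUk0WVRZNVlqTm1ZakEzWlRrek16RTBZVEEwQmpvR1JWUTZFR1JwYzNCdmMybDBhVzl1U1NKTGFXNXNhVzVsT3lCbWFXeGxibUZ0WlQwaVVHOXpkRzV2Y21SQ2JIVmxMbXB3WnlJN0lHWnBiR1Z1WVcxbEtqMVZWRVl0T0NjblVHOXpkRzV2Y21SQ2JIVmxMbXB3WndZN0JsUTZFV052Ym5SbGJuUmZkSGx3WlVraUQybHRZV2RsTDJwd1pXY0dPd1pVIiwiZXhwIjoiMjAyMS0wOC0zMFQwNjozMTozNi4zMjNaIiwicHVyIjoiYmxvYl9rZXkifX0=--78b642d2aa47f97ef736ccb6c1e624a14f986a63/PostnordBlue.jpg?content_type=image%2Fjpeg&disposition=inline%3B+filename%3D%22PostnordBlue.jpg%22%3B+filename%2A%3DUTF-8%27%27PostnordBlue.jpg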
pragma
no-cache
cookie
intended_path=%2F; _session_id=ab3890f0eb6a99be42b3bd40199dcbdc; detected_time_zone=%7B%22name%22%3A%22Europe%2FBerlin%22%2C%22offset%22%3A%22%2B01%3A00%22%2C%22is_dst%22%3Atrue%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
postnord.promotelogin.com
referer
https://postnord.promotelogin.com/nu/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-runtime
0.005603
date
Mon, 30 Aug 2021 06:26:36 GMT
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 19 Mar 2021 08:32:24 GMT
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
content-disposition
inline; filename="PostnordBlue.jpg"; filename*=UTF-8''PostnordBlue.jpg
strict-transport-security
max-age=31536000; includeSubDomains
content-length
24323
x-request-id
b852f748-a75c-4e9b-b59d-33427adf4c22

Redirect headers

x-runtime
0.010501
date
Mon, 30 Aug 2021 06:26:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
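https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSnJkbUZ5YVdGdWRITXZNVEJtTldOa2RYUnpNVGhtWXpFeGQzTjNZalpqZG14ak9YUnlNaTlqTnpjNU1UZzVaRGs1TmpFNU1EbG1ZamMzTlRGbU16RTNOalEwWVRBNVlqZzBZakZrWTJKa1ltVTVObUk0WVRZNVlqTm1ZakEzWlRrek16RTBZVEEwQmpvR1JWUTZFR1JwYzNCdmMybDBhVzl1U1NKTGFXNXNhVzVsT3lCbWFXeGxibUZ0WlQwaVVHOXpkRzV2Y21SQ2JIVmxMbXB3WnlJN0lHWnBiR1Z1WVcxbEtqMVZWRVl0T0NjblVHOXpkRzV2Y21SQ2JIVmxMbXB3WndZN0JsUTZFV052Ym5SbGJuUmZkSGx3WlVraUQybHRZV2RsTDJwd1pXY0dPd1pVIiwiZXhwIjoiMjAyMS0wOC0zMFQwNjozMTozNi4zMjNaIiwicHVyIjoiYmxvYl9rZXkifX0=--78b642d2aa47f97ef736ccb6c1e624a14f986a63/PostnordBlue.jpg?content_type=image%2Fjpeg&disposition=inline%3B+filename%3D%22PostnordBlue.jpg%22%3B+filename%2A%3DUTF-8%27%27PostnordBlue.jpg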
x-permitted-cross-domain-policies
none
cache-control
max-age=300, private
content-security-policy
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
5b0e484f-df11-4e87-a482-5c6409022147
css_JuneW6581x_0.png
postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpVTJsdWJHb...
Redirect Chain
  • https://postnord.promotelogin.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEUT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--1b2cc3b678b6800329bfcdc9d27965ca20bd88e7/css_JuneW6581...
  • https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpV...
1 MB
1 MB
Image
General
Full URL
https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpVTJsdWJHbHVaVHNnWm1sc1pXNWhiV1U5SW1OemMxOUtkVzVsVnpZMU9ERjRYekF1Y0c1bklqc2dabWxzWlc1aGJXVXFQVlZVUmkwNEp5ZGpjM05mU25WdVpWYzJOVGd4ZUY4d0xuQnVad1k3QmxRNkVXTnZiblJsYm5SZmRIbHdaVWtpRG1sdFlXZGxMM0J1WndZN0JsUT0iLCJleHAiOiIyMDIxLTA4LTMwVDA2OjMxOjM2LjMzNVoiLCJwdXIiOiJibG9iX2tleSJ9fQ==--12ba84f4e11314bc344dad353578fd5ef1c0fb05/css_JuneW6581x_0.png?content_type=image%2Fpng&disposition=inline%3B+filename%3D%22css_JuneW6581x_0.png%22%3B+filename%2A%3DUTF-8%27%27css_JuneW6581x_0.png
Requested by
Host: postnord.promotelogin.com
URL: https://postnord.promotelogin.com/nu/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.46.235.144 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2178-144.members.linode.com
Software
nginx /
Resource Hash
b09bda3465730dc3221c63f4eb2f7b38906a43b960a9afc9e5f8f53a9ccae163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:path
/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpVTJsdWJHbHVaVHNnWm1sc1pXNWhiV1U5SW1OemMxOUtkVzVsVnpZMU9ERjRYekF1Y0c1bklqc2dabWxzWlc1aGJXVXFQVlZVUmkwNEp5ZGpjM05mU25WdVpWYzJOVGd4ZUY4d0xuQnVad1k3QmxRNkVXTnZiblJsYm5SZmRIbHdaVWtpRG1sdFlXZGxMM0J1WndZN0JsUT0iLCJleHAiOiIyMDIxLTA4LTMwVDA2OjMxOjM2LjMzNVoiLCJwdXIiOiJibG9iX2tleSJ9fQ==--12ba84f4e11314bc344dad353578fd5ef1c0fb05/css_JuneW6581x_0.png?content_type=image%2Fpng&disposition=inline%3B+filename%3D%22css_JuneW6581x_0.png%22%3B+filename%2A%3DUTF-8%27%27css_JuneW6581x_0.png
pragma
no-cache
cookie
intended_path=%2F; _session_id=ab3890f0eb6a99be42b3bd40199dcbdc; detected_time_zone=%7B%22name%22%3A%22Europe%2FBerlin%22%2C%22offset%22%3A%22%2B01%3A00%22%2C%22is_dst%22%3Atrue%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
postnord.promotelogin.com
referer
https://postnord.promotelogin.com/nu/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-runtime
0.005739
date
Mon, 30 Aug 2021 06:26:36 GMT
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Mar 2021 21:25:52 GMT
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/png
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
content-disposition
inline; filename="css_JuneW6581x_0.png"; filename*=UTF-8''css_JuneW6581x_0.png
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1545095
x-request-id
b6cf97da-3f1e-4711-90fc-b114db960f4f

Redirect headers

x-runtime
0.009364
date
Mon, 30 Aug 2021 06:26:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://postnord.promotelogin.com/rails/active_storage/disk/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9JYTJWNVNTSWhlWHAzWlhOak5EY3lkamwzTUcxaGQyWnlkWFprTVc5dVltMDJiQVk2QmtWVU9oQmthWE53YjNOcGRHbHZia2tpVTJsdWJHbHVaVHNnWm1sc1pXNWhiV1U5SW1OemMxOUtkVzVsVnpZMU9ERjRYekF1Y0c1bklqc2dabWxzWlc1aGJXVXFQVlZVUmkwNEp5ZGpjM05mU25WdVpWYzJOVGd4ZUY4d0xuQnVad1k3QmxRNkVXTnZiblJsYm5SZmRIbHdaVWtpRG1sdFlXZGxMM0J1WndZN0JsUT0iLCJleHAiOiIyMDIxLTA4LTMwVDA2OjMxOjM2LjMzNVoiLCJwdXIiOiJibG9iX2tleSJ9fQ==--12ba84f4e11314bc344dad353578fd5ef1c0fb05/css_JuneW6581x_0.png?content_type=image%2Fpng&disposition=inline%3B+filename%3D%22css_JuneW6581x_0.png%22%3B+filename%2A%3DUTF-8%27%27css_JuneW6581x_0.png
x-permitted-cross-domain-policies
none
cache-control
max-age=300, private
content-security-policy
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
b6134a73-7191-4dd3-a735-9f556de549e1
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 22FD
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fpostnord.promotelogin.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://postnord.promotelogin.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
309203
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Aug 2021 06:26:36 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D5)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 22FD
232 B
431 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=fefa97e7fd063b30e2f55e16e851881b2772812f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fpostnord.promotelogin.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 06:26:36 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 06:26:36 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c5ac86373ba92b10c5a707ba553e149970ad33f9dc6c58e7ee4bf042b024401f
content-length
166

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| Airbrake
  • object| airbrake
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • object| twttr
  • function| makeEditor
  • object| Turbolinks
  • boolean| _rails_loaded
  • object| FontAwesomeConfig
  • object| ___FONT_AWESOME___
  • function| _
  • object| __twttrll
  • object| __twttr

3 Cookies

Domain/Path Name / Value
postnord.promotelogin.com/ Name: detected_time_zone
Value: %7B%22name%22%3A%22Europe%2FBerlin%22%2C%22offset%22%3A%22%2B01%3A00%22%2C%22is_dst%22%3Atrue%7D
postnord.promotelogin.com/ Name: _session_id
Value: ab3890f0eb6a99be42b3bd40199dcbdc
postnord.promotelogin.com/ Name: intended_path
Value: %2F

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN