postlux.lieferung.biomed.com.bd Open in urlscan Pro
51.81.41.83 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://postlux.lieferung.biomed.com.bd/
Effective URL:
https://postlux.lieferung.biomed.com.bd/result
Submission: On March 07 via api (March 7th 2023, 5:34:31 pm UTC) from BE — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 20 HTTP transactions. The main IP is 51.81.41.83, located in United States and belongs to OVH, FR. The main domain is postlux.lieferung.biomed.com.bd.
TLS certificate: Issued by R3 on March 6th 2023. Valid for: 3 months.

This is the only time postlux.lieferung.biomed.com.bd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Post Luxembourg (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 6	51.81.41.83 51.81.41.83	16276 (OVH) (OVH)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400d:803::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
20	7

6 51.81.41.83 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ip83.ip-51-81-41.us

postlux.lieferung.biomed.com.bd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

nosir.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	biomed.com.bd 1 redirects postlux.lieferung.biomed.com.bd	90 KB
3	gstatic.com fonts.gstatic.com	73 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	83 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 856	102 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	47 KB
1	github.io nosir.github.io — Cisco Umbrella Rank: 645386	7 KB
20	7

	Domain	Requested by
6	postlux.lieferung.biomed.com.bd	1 redirects postlux.lieferung.biomed.com.bd
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	postlux.lieferung.biomed.com.bd
3	use.fontawesome.com	postlux.lieferung.biomed.com.bd use.fontawesome.com
3	fonts.googleapis.com	postlux.lieferung.biomed.com.bd
2	cdn.jsdelivr.net	postlux.lieferung.biomed.com.bd
1	nosir.github.io	postlux.lieferung.biomed.com.bd
20	7

This site contains no links.

Subject Issuer	Validity	Valid
www.postlux.lieferung.biomed.com.bd R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postlux.lieferung.biomed.com.bd/result
Frame ID: 0E0D3571FB2DB18D5E4567BC43B5339A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track and Trace: Track your parcels and registered post - POST

Page URL History Show full URLs

https://postlux.lieferung.biomed.com.bd/ HTTP 302
https://postlux.lieferung.biomed.com.bd/result Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

20
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

402 kB
Transfer

917 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://postlux.lieferung.biomed.com.bd/ HTTP 302
https://postlux.lieferung.biomed.com.bd/result Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request result Show response
postlux.lieferung.biomed.com.bd/
Redirect Chain

https://postlux.lieferung.biomed.com.bd/
https://postlux.lieferung.biomed.com.bd/result

22 KB
5 KB

99ms
99ms

Document
text/html

51.81.41.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.41.83 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip83.ip-51-81-41.us
Software: /
Resource Hash: 3b00bd3d8b8dda38748d2642693136718573b3bbcc25eaecf62ce5441a743ef2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 5470
content-type: text/html; charset=UTF-8
date: Tue, 07 Mar 2023 17:34:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Mar 2023 17:34:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: result
pragma: no-cache
vary: User-Agent

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
24 KB 25ms
8ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 17:34:26 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1156429
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
x-served-by: cache-fra-eddf8230037-FRA, cache-hhn-etou8220036-HHN
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 1 KB
894 B 185ms
69ms Stylesheet
text/css 2a00:1450:400d:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alatsi&display=swap

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7e9409fb269ee092759604cbd9db84847a22c5bebc67a61b2a28ff9f66a9ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 17:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 17:34:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 17:34:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 388 B
358 B 185ms
70ms Stylesheet
text/css 2a00:1450:400d:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Allerta&display=swap

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

850f0c52d77c572506c7829892ac922693f9d89d34d6ee2f36f5db887b5f9fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 17:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 17:34:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 17:34:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
453 B 186ms
70ms Stylesheet
text/css 2a00:1450:400d:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Almarai:300,400,700&display=swap

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

002dcd55a4ca19a7d0ce4e821ac9a179aac68bc7a034c30218f5f783fdd8cd60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 17:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 17:34:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 17:34:27 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.12.0/css/ 56 KB
13 KB 36ms
17ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Requested by: Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RXHQKYYY955MKZ3Z
age: 1829570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: R8LxzpqpwWdQqpMScLxuazWq6K/jKr19AEo0hiXZ0Q0y5IBtxo7m0iXs9mYI/P5VozFkzx0z8F8=
last-modified: Wed, 30 Jun 2021 15:37:55 GMT
server: cloudflare
etag: W/"500d1a92f875b1d96d37a3a3f8f0438c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FrZZRMTFIZBzK61Pd20OznxaljJ4CNNeBKWCqgxswlpuCk14J1jehwXce7No1ET04SZjk%2Bh8%2BPpmVaPN%2FyOFEOuWy9lFBHUYHO13yvANj%2FKMt2%2BaI89Z9Q3iBb9pNnFq66xHQbtCF9wYozphyAWVrpT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7a4496da9fd5691f-FRA

GET
H2 200 styles.min.css
postlux.lieferung.biomed.com.bd/assets/css/ 2 KB
620 B 98ms
98ms Stylesheet
text/css 51.81.41.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://postlux.lieferung.biomed.com.bd/assets/css/styles.min.css
Requested by: Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.41.83 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip83.ip-51-81-41.us
Software: /
Resource Hash: 91977c33a8d09745948b61048e2b11df2336e310e6e24580d52072e6742b99de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/result
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:27 GMT
content-encoding: br
last-modified: Sat, 02 Jul 2022 00:13:48 GMT
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 490
expires: Tue, 14 Mar 2023 17:34:27 GMT

GET
H2 200 logo-post.svg
postlux.lieferung.biomed.com.bd/assets/img/ 9 KB
3 KB 195ms
194ms Image
image/svg+xml 51.81.41.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postlux.lieferung.biomed.com.bd/assets/img/logo-post.svg
Requested by: Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.41.83 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip83.ip-51-81-41.us
Software: /
Resource Hash: 59d18565c29f8c4c26ff1b862f5d0b9b69b74089b39efdab0ab88146ec57aecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/result
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:27 GMT
content-encoding: br
last-modified: Sat, 02 Jul 2022 00:13:48 GMT
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3025
expires: Tue, 14 Mar 2023 17:34:27 GMT

GET
H2 200 loading.gif
postlux.lieferung.biomed.com.bd/assets/img/ 75 KB
75 KB 196ms
195ms Image
image/gif 51.81.41.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postlux.lieferung.biomed.com.bd/assets/img/loading.gif
Requested by: Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.41.83 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip83.ip-51-81-41.us
Software: /
Resource Hash: 7430686386e11e1e4d44fe4638a2694774d7477f5bc41e177f241659a2423886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/result
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:27 GMT
last-modified: Sun, 03 Jul 2022 01:12:58 GMT
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 76793
expires: Tue, 14 Mar 2023 17:34:27 GMT

GET
H2 200 logo-post-circle.png
postlux.lieferung.biomed.com.bd/assets/img/ 5 KB
5 KB 195ms
194ms Image
image/png 51.81.41.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postlux.lieferung.biomed.com.bd/assets/img/logo-post-circle.png
Requested by: Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.41.83 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip83.ip-51-81-41.us
Software: /
Resource Hash: d8438feb7fb87f27e3f7356aa480223779610764372e434b99e67a8b0976bd5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/result
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:27 GMT
last-modified: Sat, 02 Jul 2022 00:13:48 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5170
expires: Tue, 14 Mar 2023 17:34:27 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
23 KB 9ms
7ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 17:34:26 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1156428
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
x-served-by: cache-fra-eddf8230075-FRA, cache-hhn-etou8220036-HHN
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 282 KB
69 KB 34ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.js

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6428667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70371
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-46744"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB2OhIREMOwG4dODomwFL0YQz82EUABdpw2fcPpiN9uI4E%2F7jVaZuuKSOTuTZJ%2B9MCP0LmOA4kPIUzJS1nL52OZ75fVEIpmsUnULWzMLAhnQKH7rdA2FAscb90HESg4QRsZyEt4QrvuxJtwBEHPGvihr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a4496daa9d52bd6-FRA
expires: Sun, 25 Feb 2024 17:34:26 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/ 24 KB
8 KB 32ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/jquery.validate.min.js

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5170408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7032
last-modified: Fri, 01 Jul 2022 15:30:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62bf130f-1b78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFUDlG1p0kCSPJt%2BfaGYpeCWVi8%2FFiOH0j8ate13OcJpCKguNAv3Dn3c1OpYl0GT0cZwTrDSt%2BLmY7aN78Ira807aPZjR759n81ImM8WyvGTbqGSDjT4O02GLtRkVe9baDs51kGivdkDCKT385LYVbVd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a4496daa9d82bd6-FRA
expires: Sun, 25 Feb 2024 17:34:26 GMT

GET
H2 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/ 22 KB
6 KB 33ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/additional-methods.min.js

Requested by

Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4665011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5703
last-modified: Fri, 01 Jul 2022 15:30:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62bf130f-1647"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAB%2F4zGSVuuPhdFzqCvCUs9MmaBYTijEfpq3tjN0OyBOt1OHqTmAf7eTAm1pJaBYuwr77Vr7%2FEcvf8keHYRtD099IvMDB8p6RxFbnLr7tfKXeIfx2Pko4DaoH3yyQ5qr726CCi7jAK9Qkn4nHpyMYGpu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a4496daa9d92bd6-FRA
expires: Sun, 25 Feb 2024 17:34:26 GMT

GET
H2 200 cleave.min.js Show response
nosir.github.io/cleave.js/dist/ 21 KB
7 KB 57ms
12ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nosir.github.io/cleave.js/dist/cleave.min.js
Requested by: Host: postlux.lieferung.biomed.com.bd
URL: https://postlux.lieferung.biomed.com.bd/result
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postlux.lieferung.biomed.com.bd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-fastly-request-id: 48df0db97dd71f2b0b09972d4dc462165f9a1962
date: Tue, 07 Mar 2023 17:34:27 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 499
x-cache: HIT
x-proxy-cache: MISS
content-length: 6354
x-served-by: cache-hhn-etou8220032-HHN
last-modified: Tue, 19 May 2020 10:51:11 GMT
server: GitHub.com
x-github-request-id: D6A0:7BCB:1565A4:1E2B23:63F589BD
x-timer: S1678210467.015157,VS0,VE2
etag: W/"5ec3ba1f-528d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 22 Feb 2023 03:29:25 GMT

GET
H2 200 TwMO-IAHRlkbx940YnYXSA.woff2
fonts.gstatic.com/s/allerta/v18/ 8 KB
8 KB 178ms
63ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allerta&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:55:21 GMT
x-content-type-options: nosniff
age: 448746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:20:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:55:21 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ 74 KB
75 KB 29ms
20ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z4EVZAPS8RV3CPW4
age: 17141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76084
x-amz-id-2: jxNroric7KuuGZeQTsDVGdHSgyEgqyVDGWr3GrZNFIbyWfYko/A+Z1GVb4ZS5pQySICOOf9XxWmVdgdOFPJMfKTLu/yxmHQoUl501rIn0II=
last-modified: Wed, 30 Jun 2021 15:38:16 GMT
server: cloudflare
etag: "f6121be597a72928f54e7ab5b95512a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCof4r%2FPjS7TeGX%2FJ72tD4k0Za3jEscwBMcKRkjbyFcKWZ0drwDjbhuW9amPtDhqsTPfg%2BFCQeLB7CoBXQb3W%2BcjiadpLyeG45du6QEQhQy%2BdmUT0jBWjlRDa3ChPHcAgFMW55YvPTjoo7Cnx%2BgU04n8"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7a4496dbb87d9a09-FRA

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ 13 KB
14 KB 22ms
14ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

Referer: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:34:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z4EJ8CWRFQT08WJF
age: 17141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13576
x-amz-id-2: OSoRkNlnJpJeftYDtDU7rh0z97PgB00AolbeMpJxerW3TYCNxZgnrN5EcZPFm6yuWkB7Viagkvg=
last-modified: Wed, 30 Jun 2021 15:38:16 GMT
server: cloudflare
etag: "9efb86976bd53e159166c12365f61e25"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCmWOTFr59B0S6uSAcO%2FFlCelVCUYXwnwJJtTYwnSvnNONWZ4erZ%2BSGY9VmyJnXWKxvM%2BcQYxwW0O9S94tkV9xqgDbU0y8ZftizQWlh%2FrswXMT9E47knfp7fSPuC7u11j9QEw02cR4tJtnJxzjD58B7G"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7a4496dbb87b9a09-FRA

GET
H2 200 TK3iWkUJAxQ2nLN2GT8G.woff2
fonts.gstatic.com/s/alatsi/v10/ 19 KB
20 KB 161ms
47ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alatsi/v10/TK3iWkUJAxQ2nLN2GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alatsi&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55891efe749e9813cf55caaeb20502eead0be398179a4f4d0adca0db37e64eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:18:39 GMT
x-content-type-options: nosniff
age: 36948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19640
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 15:48:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 07:18:39 GMT

GET
H2 200 tsstApxBaigK_hnnQ1iFow.woff2
fonts.gstatic.com/s/almarai/v12/ 46 KB
46 KB 211ms
97ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Almarai:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://postlux.lieferung.biomed.com.bd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:58:27 GMT
x-content-type-options: nosniff
age: 462960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46804
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 08:58:27 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Post Luxembourg (Transportation)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			postlux.lieferung.biomed.com.bd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8f18c546747c408e1a6fc82f3ec3a309

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
nosir.github.io
postlux.lieferung.biomed.com.bd
use.fontawesome.com
2606:4700::6811:190e
2606:4700:e2::ac40:850f
2606:50c0:8003::153
2a00:1450:400d:803::200a
2a00:1450:400d:80d::2003
2a04:4e42:400::485
51.81.41.83
002dcd55a4ca19a7d0ce4e821ac9a179aac68bc7a034c30218f5f783fdd8cd60
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
3b00bd3d8b8dda38748d2642693136718573b3bbcc25eaecf62ce5441a743ef2
59d18565c29f8c4c26ff1b862f5d0b9b69b74089b39efdab0ab88146ec57aecc
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
7430686386e11e1e4d44fe4638a2694774d7477f5bc41e177f241659a2423886
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
850f0c52d77c572506c7829892ac922693f9d89d34d6ee2f36f5db887b5f9fb8
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
91977c33a8d09745948b61048e2b11df2336e310e6e24580d52072e6742b99de
a7e9409fb269ee092759604cbd9db84847a22c5bebc67a61b2a28ff9f66a9ec0
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
d55891efe749e9813cf55caaeb20502eead0be398179a4f4d0adca0db37e64eb
d8438feb7fb87f27e3f7356aa480223779610764372e434b99e67a8b0976bd5b
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

postlux.lieferung.biomed.com.bd Open in urlscan Pro 51.81.41.83 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

86 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

402 kBTransfer

917 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Indicators

postlux.lieferung.biomed.com.bd Open in urlscan Pro
51.81.41.83 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

402 kB
Transfer

917 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!