postnord-dk.icu Open in urlscan Pro
172.67.208.143 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/4cE2PyV
Effective URL:
https://postnord-dk.icu/DSGzt9/
Submission: On August 22 via automatic, source phishtank (August 22nd 2024, 4:27:20 am UTC) — Scanned from US

Summary HTTP 28 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 172.67.208.143, located in United States and belongs to CLOUDFLARENET, US. The main domain is postnord-dk.icu.
TLS certificate: Issued by WE1 on August 20th 2024. Valid for: 3 months.

This is the only time postnord-dk.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PostNord AB (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 29	172.67.208.143 172.67.208.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	1

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.67.208.143 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

postnord-dk.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	postnord-dk.icu 1 redirects postnord-dk.icu	390 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6373	410 B
28	2

	Domain	Requested by
29	postnord-dk.icu	1 redirects postnord-dk.icu
1	bit.ly	1 redirects
28	2

This site contains links to these domains. Also see Links.

Domain
www.postnord.dk
apps.apple.com
play.google.com
portal.postnord.com
netbutik.postnord.dk
logistics.postnord.dk
kundeservice.postnord.dk
www.facebook.com
www.linkedin.com
www.instagram.com
www.findsmiley.dk
www.postnord.se
onetrust.com

Subject Issuer	Validity	Valid
postnord-dk.icu WE1	`2024-08-20` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postnord-dk.icu/DSGzt9/
Frame ID: 175DFD535E6C0847073C1B461A27629E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/4cE2PyV HTTP 301
http://postnord-dk.icu/DSGzt9 HTTP 307
https://postnord-dk.icu/DSGzt9 HTTP 301
https://postnord-dk.icu/DSGzt9/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

390 kB
Transfer

1104 kB
Size

1
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.postnord.dk/#main-content

Search URL Search Domain Scan URL

URL: https://apps.apple.com/dk/app/postnord/id396871673?l=da
Title: Brug appen

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=se.postnord.private&hl=da&gl=DK
Title: Brug appen

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/

Search URL Search Domain Scan URL

URL: https://portal.postnord.com/?market=DK&cta=loginDK
Title: Kundeportalen

Search URL Search Domain Scan URL

URL: https://netbutik.postnord.dk/
Title: Netbutik

Search URL Search Domain Scan URL

URL: http://logistics.postnord.dk/login
Title: Gods Online

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/en/tools/track-and-trace

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/varktojer/track-trace

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/varktojer

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/varktojer/find-os
Title: Find Pakkeboks eller posthus

Search URL Search Domain Scan URL

URL: https://portal.postnord.com/onlineporto

Search URL Search Domain Scan URL

URL: https://kundeservice.postnord.dk/s/reklamation

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/modtag/told-og-moms

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/privat/priser-for-private

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/privat/forretningsbetingelser-for-private

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/erhverv/sadan-bliver-du-businesskunde

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/erhverv/vores-loesninger

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/erhverv/priser-for-erhverv

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/erhverv/forretningsbetingelser-for-erhverv

Search URL Search Domain Scan URL

URL: https://kundeservice.postnord.dk/

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/kundeservice/kundeservice-erhverv

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/driftinformation

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/kampagne/stot-ukraine

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/om-os/corporate-governance

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/om-os/pressekontakt

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/om-os/job

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PostNordDK

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/post-danmark

Search URL Search Domain Scan URL

URL: https://www.instagram.com/postnorddk

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/om-os/om-hjemmesiden

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/cookies

Search URL Search Domain Scan URL

URL: https://www.findsmiley.dk/Sider/Search.aspx?k=20148586%20OR%2026663903%20OR%2026115396

Search URL Search Domain Scan URL

URL: https://www.postnord.dk/personlige-oplysninger

Search URL Search Domain Scan URL

URL: https://www.postnord.se/en/cookies

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/4cE2PyV HTTP 301
http://postnord-dk.icu/DSGzt9 HTTP 307
https://postnord-dk.icu/DSGzt9 HTTP 301
https://postnord-dk.icu/DSGzt9/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response postnord-dk.icu/DSGzt9/ Redirect Chain https://bit.ly/4cE2PyV http://postnord-dk.icu/DSGzt9 https://postnord-dk.icu/DSGzt9 https://postnord-dk.icu/DSGzt9/	2 KB 1 KB	88ms 88ms	Document text/html	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `44194c17318edb717e421551162d503fb967445cc74a74262de58010a3071496` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status DYNAMIC cf-ray 8b701bfb6ea72f69-LAX content-encoding zstd content-type text/html; charset=utf-8 date Thu, 22 Aug 2024 04:27:15 GMT last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlIV3yMX6pUcL9XCbCvJQAFG1gVOA%2BKc2Dm%2FET4%2BHKEgIMn6GdBACN5W7U3Hw9925BwyhGenvhVdLIfBHtm2Qrb%2BKKzrgS%2FmKtCP3VxlMiQceCWn0iE%2BmCSWVIBXCordkOU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b701bfabdb82f69-LAX content-type text/html; charset=utf-8 date Thu, 22 Aug 2024 04:27:15 GMT location /DSGzt9/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPCldJxO%2FEaFBAUmic8y7wjnvi62TsLCKcIYSfk3IpLX%2FI%2FgdmSfUQseJFJ3gsHM%2FwvFsqP7Bcov2XXL0gXUEz7obS5H1eT8xW1YERV%2B5mQxzmqCEfPsaulLsIdUvYxzFiQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept
GET H3	200	index-6a5a1645.js Show response postnord-dk.icu/DSGzt9/assets/	493 KB 146 KB	86ms 85ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bfe487694adff1d4111e60cfd762873a9e29a06ce112877b50d8928beb334659` Request headers Referer https://postnord-dk.icu/DSGzt9/ Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:36:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 254 etag W/"7b402-18fc3477800" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqcSGcDlTPKzULwC69eoz%2BnCSAabOFdqF5X6%2B1B%2BUJxx6WUY3bbF02CPEt9l4lI9zta5IYWT%2Bjp%2FtO1wqR2XdofantTjtju1esIm4JxP9RMzO42nmMuPmIALj2WTWTqJ0VA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfc0f952f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	f6170fbbbRia6.css postnord-dk.icu/DSGzt9/assets/	952 B 948 B	301ms 301ms	Stylesheet text/css	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/f6170fbbbRia6.css Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding zstd cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3b8-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z7i7MyxPjEUDWkGMfscyZzSpkLRUwo0JjK0Eu2Zf6mBu1uhA4YGPaJ3b7Oeat0rq1s03QV5f6m8c49YSA0cjhWN1MOkPpSxYYtStO30GMeZ0YYZ8iGVj7bI%2F0tVFJBrZQk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfc0f982f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	06974353ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	5 KB 2 KB	95ms 94ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/06974353ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `684a6807a52e8934ec1adbd04c57efbfcba0f9b724cd0d895d5897e6e83da36c` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1237-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4IpziTMAwKXnzEetJLQ6LY1KN3OY8LcFQeJRN0K6jp1lBt0prhgRxlRd5zmYu0O9Q%2F6U%2B5tHGomQky4uSyAepBNrh%2BV3S9pKAxyVpTtD4zndhyek9Vb499%2B4nFpQd2nZ%2BYk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfe3b282f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	786e03d7ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	52 KB 17 KB	103ms 102ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/786e03d7ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e82a18843adf1adcd57a350581835af847537e5cdecf35519f0b2a742547fe3b` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d065-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JGOB2JooCSf1mvC3jc4LWkhd%2BF0eJsI4e5I7PWgORHqfzDxfjOGiFpnpVh%2BUHxP9kdDQjmU599Ic9GFDF6ltXRhmz2hIDu0IAPybB1IBBYz9yhdp8tJ6k394zRG%2FoybI%2Fo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfe3b2b2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico postnord-dk.icu/	632 B 1 KB	96ms 95ms	Other image/vnd.microsoft.icon	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9229bc150b7631494ae964c0185067f6d40d62dbba088ddf93026c0179062d50` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding zstd cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"278-18fc34750f0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb34zjD%2FSkqphK9ZXSnEdVsJezETjsqnT92bBVswHpiB73fCmCxKAJUL8mcGF1l0djR9KNYfssvovy3YaHeGcOCDlcg8tj5Hidmj%2BlEYZedNqGeSj%2Btna8qq32w11%2FHAfic%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfe4b4d2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	70f23461ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	34 KB 11 KB	99ms 99ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/70f23461ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0dd309d6c971ab65c12ff410b469084b87516e4f720e04f2e698b46beea27dc7` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"89b2-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnBP6KeplNmzY%2Fe28%2FeIMR83or9UiN9w4%2BZryyXPEhtlQU%2FuZgoXAJuiCwB7emQl1BQkVSz9UG%2F3OdA%2FmVx2QhvjEjYQ7HwmPgCU0pqGGTdQx23pDif8htNsgjSx%2Bion0c0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec4b2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	09bf01f8ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	2 KB 1 KB	136ms 135ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/09bf01f8ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `914cd9fdbc172d3edcf9a61f563cd296fd276d4d33e29c4e293937e9bd9760c7` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7d4-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHhww0OmQMPZjTsdRpiPrH8P9Jx8J94KHLTb09zlUUvw4PSKiY9pi7YrKHvXZCOBfb1krP2phZ17%2FvWjEqMw54BwT3%2FLLSxlsqk8puYsg6MgTPnxV2Mptytv6iJk0A7AK0E%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec4f2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	7de68cc5ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	3 KB 2 KB	130ms 130ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/7de68cc5ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `229aabb3db33d604462e3d8a48ac853182dbffb8bc8b7c0229c0cfce12f254e2` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a7f-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3pYDGMJTs7va7v5WFqIQUorqw2PLalrZIF3hqy3gmFJdSvSXRMtM0OV2uwHKoEJRvzt%2FMGcf%2BNayI3RUDqC%2Fcqep0FpX9OfOLufwXB8jbq1z4FD%2FzTb0xdhXCuHOGVqUhM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec542f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	ae452234ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	117 KB 31 KB	134ms 134ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/ae452234ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1166fb0052605d6c229087e475ce0715585dad7eb40d2170252e1a350c8ee0c` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1d2be-18fc3477030" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxBdZtu76cEI3Y1Fr1tl2QJT%2BqHlqsLagUmatbDGXjdbVSXm48XdNBjJjYxjcz1pnPUIQGiyL6UaMFvRhWcSrXpS4SIocFiqevNMgWIBeiZvHszQ57HelJKQcgYde6gSLc8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec5b2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	c27b6911ZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	2 KB 1 KB	100ms 100ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/c27b6911ZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b1a58eae69c38b656fcc5be6e4a650ead6c3029597b2ee2a4d4cc942e9dd6a5` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7ce-18fc3477030" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuCdRxr62tLJJW5Yb9EMVr51c7LJbfpfMgQ2whTEayJnNJ%2F6kg6fTKjEF6pq86BYTiF8krjagevksK1BS%2FU6rdOiwQseibNNuKa6%2F%2F6shNc7tShb2eMol5N0%2B08waR6qvM0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec5e2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	dba37626bRia6.css postnord-dk.icu/DSGzt9/assets/	84 KB 19 KB	126ms 126ms	Stylesheet text/css	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dba376269356c632a5a02c82da180a4b3370002aac4c5c715d9f91bb01f6e04e` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"14f10-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cx2rRhs%2B1ew%2FweWGqVFzWqw%2B9svcc5jiJKzrZURxC%2BQflovvxQmdi5dRLYpFMMb0yyEm5ZtkF9lGdiOc7FNjK2nIJhE9YOfzWC%2FY08XOKDN3zCtGgZudHqxJxtvWWQx0gZ0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec5f2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	5ce5fa4eZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	6 KB 3 KB	131ms 130ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/5ce5fa4eZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `43aac3f836f900f13718f562faba12662eb02249bb21672ad34101b1b37b2ef5` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"18b4-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rONzCVUxb%2BsN6aa%2BbZthqWZObpQwyJE0io3cXY1eZGXpeg4hEhEIBBrus9SUFPvQx4wxfMSneFWW7jBcdO4S9cTnDWtas%2F0wUgFBgFHjxrZu%2B1QVzSEX0P5GJJ9ew%2B7kT6w%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec642f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	4cd1ec68bRia6.css postnord-dk.icu/DSGzt9/assets/	323 B 683 B	145ms 144ms	Stylesheet text/css	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/4cd1ec68bRia6.css Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding zstd cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"143-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4Jvc%2BRnYLv5LQuyJEqvtAYVEycUOaYf44QbnRwhl7Pq7dVxJbd%2Fz%2BLg2Rf1D6xFNa7WF1AQ%2FAsiN8ahHn8zDbWDe3cGf75Em8JD3nLQj4ip9YlsrL68SIkqDz3iZMLJWa0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701bfeec672f69-LAX alt-svc h3=":443"; ma=86400
POST H3	200	MC45NDMxMjIyMjc0OTEwMTQz Show response postnord-dk.icu/api/	536 B 903 B	108ms 106ms	XHR application/json	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/api/MC45NDMxMjIyMjc0OTEwMTQz Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `384fdcbea655d9079e93167e77715afc8a0b36b8b9e508edbb527a47bb44dc72` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"218-oHn/ralTq5jRRDNSGisVoKR7MqQ" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOZ8s4rVR1O86eEieMVIGhRxt7opqfHZWcAHc13xIAuaHOnmrdwDIj66vZr40AvPj4UgZTVx90s9XRWXJzXSIPDq7L%2BeLMmz1i0q%2BPwj%2BUHeJtS1tNBXmGvwXTemYiXiYMo%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8b701c000e542f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	b1baedebZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	111 KB 33 KB	111ms 111ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf2e92ac5fdfde49ccd3f829353e9b48bd0e4b32b5657ac6f3919d4b72b5243b` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:15 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1bbf7-18fc3477030" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tQUDwZ9wBy6nsWjPsNTwsA5R7yA5abpiAMejiDeklv839GP6yqxzwdTx8R6NXVkm0mOG0OeVVqzJdNahandwIsdvSwV69J1EmbTyWZjQy8Mr%2FTG8datZr37S2cFzlvT%2Bmo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701c00bf722f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response postnord-dk.icu/socket.io/	118 B 532 B	93ms 93ms	XHR text/plain	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/socket.io/?EIO=4&transport=polling&t=P5uLhpJ Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4df0f2c47bb198638c9aec41f71c53b3ad26ee716f1a5de7230afef818ce26dc` Request headers Accept / Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ytXirNLJuf400WfwnaOloT4o%2FsKRTNoywxhIEmi4R2doJ8imAMfoRC%2BOkJ2BgvysVz7yxi3jzUrJHJeV4nQbPDdShSUCRgpT6QinPak0R6aWO7e2h7YFv%2FFvst4lMPSUMI%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8b701c0198942f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	c2deb89eZPpWM.js Show response postnord-dk.icu/DSGzt9/assets/	112 KB 36 KB	172ms 171ms	Script application/javascript	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/c2deb89eZPpWM.js Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a3481b83b5a989d47d6073b17f5991dd96c6fc1659348cdf19d0223c2ad774d5` Request headers Referer Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1c1dd-18fc3477030" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yy90vWzmg%2BCNmeLHZ45IXxAQy56kcy%2B9C2GG7VLAZGecVm8SzmRvvR12V4H9xiMABpnM%2FTDJ7O9zsrVcWio%2BgAOI%2Fkbx%2FD9xlhelCSBW%2FTiSfeUlni28l3iPUG0Y7kK7%2BZY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701c0198952f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	f4397cedbRia6.css postnord-dk.icu/DSGzt9/assets/	400 B 749 B	191ms 190ms	Stylesheet text/css	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/f4397cedbRia6.css Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding zstd cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"190-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zDAWM3Ghs83Bji2NflboI96jPsnKad45kBCYQ8zkTBbE6IVaF5igma%2FC8vUk1%2Bw7Hn4%2Bn2cNsFtXJkWtlvRCIjUnFS0FeTiAkFnsE%2FhwLhHzyoyV0xFOynl37ViqjRQalg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8b701c0198982f69-LAX alt-svc h3=":443"; ma=86400
POST H3	200	/ Show response postnord-dk.icu/socket.io/	2 B 416 B	97ms 96ms	XHR text/html	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/socket.io/?EIO=4&transport=polling&t=P5uLhqr&sid=MhNHsHPdXoi10-rGAAYt Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1G%2FlYvwAJI20oTs0fG5XRzESIHB61YbFGGiD987xDRwVD%2FFS4A2sfvUSlk%2FTjtBpybj1PEmcGXmH4ffN5qgwXg8ZwgOJ2jRGebrgy1CDj%2FU8mMlxcb9kttn8OrjaL1b6Ug%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cache-control no-store cf-ray 8b701c02296f2f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response postnord-dk.icu/socket.io/	32 B 441 B	98ms 98ms	XHR text/plain	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/socket.io/?EIO=4&transport=polling&t=P5uLhqs&sid=MhNHsHPdXoi10-rGAAYt Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `07234ca93fb035767eeb60b66e4b8d2a5756d0cc1841edbb5e857d57af773daf` Request headers Accept / Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0jMvjBXRnEWALBhs8gfqLEcQRH1xFUZ7%2BCe%2BIBMME3aZgW3LGFPHmXgM6KiEAZ87%2FP83pGXVYCeIesdovXkkf%2FacJsbuLQX%2FrC2bAM4pHEyMimRPkR2kWzbNv8XLbyssgw%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8b701c0229742f69-LAX alt-svc h3=":443"; ma=86400 content-length 32
GET H3	200	/ Show response postnord-dk.icu/socket.io/	58 B 485 B	99ms 98ms	XHR text/plain	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/socket.io/?EIO=4&transport=polling&t=P5uLhsQ&sid=MhNHsHPdXoi10-rGAAYt Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1af1739f3a56f2af919ec4b5893a2cf27130c992c4cac8346e2238fb635025e` Request headers Accept / Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEM0VLftnqhpaxFIOH2af%2BgMAYkwnB9%2FS5G69Pc%2FYJFIuRUWBbE8d6KSnrnqzC7C6t0FPdp7%2BQNABPIQv5OPBbfU81AmefsDT48DzrKEO9oQ0cQ9u0AAwa6NN3VldBVujZI%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8b701c02ca9e2f69-LAX alt-svc h3=":443"; ma=86400
POST H3	200	/ Show response postnord-dk.icu/socket.io/	2 B 423 B	93ms 93ms	XHR text/html	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/socket.io/?EIO=4&transport=polling&t=P5uLhsS&sid=MhNHsHPdXoi10-rGAAYt Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2kGHan9c9cQv%2BxGq9SNeZrY9tMkIV3%2Fn%2FprxTftCvj9G6KfsHGpagvzWQeBzRH0OZQVqr9YiVd4%2Byu%2BB%2Fq1Yxp%2BIOJB%2FyKdYvjz7IIM5mGOXn8qyzQKZF6weg8jeuG6Aro%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cache-control no-store cf-ray 8b701c02caa42f69-LAX alt-svc h3=":443"; ma=86400
GET H3	200	93914d45bRia6.woff2 postnord-dk.icu/DSGzt9/assets/	25 KB 26 KB	106ms 105ms	Font font/woff2	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/93914d45bRia6.woff2 Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93914d4538d1d68f086a4650fcaa932e8597caa2c86072650a44e9e7589955ff` Request headers Referer https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651c-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpSbYKsQYj9OOuB6y1Vfl4WPwAk8602ym7YbS84%2FDQwRUsR8gxYTzYWemxQaBNaGGjjWv3z2Ch2RvcEabTftbpnVhK%2Fz3xX2crugD8SWxyUJ5v9aI09cgeQzWMbKmxCQ0BI%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cf-ray 8b701c033b612f69-LAX alt-svc h3=":443"; ma=86400 content-length 25884
GET H3	200	7e113240bRia6.woff2 postnord-dk.icu/DSGzt9/assets/	26 KB 26 KB	102ms 102ms	Font font/woff2	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/7e113240bRia6.woff2 Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e113240915eaee7a6b2ac0f50df00b852c409f6e9ec94067081dd24be92f214` Request headers Referer https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66e4-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFhaiLOPcxxtGcR1xxfVD%2F1oG%2FyHedqINGfMMcF6U74GBkhNHH4QjpD%2BCX3mMwMmQzbUxYvUZUeNL4U7ewGO9eQojWaR32zCrgfBdLZ1NeawYV1OOc%2FRbW8o0XZYkbomVKA%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cf-ray 8b701c033b642f69-LAX alt-svc h3=":443"; ma=86400 content-length 26340
GET H3	200	6f78aac6bRia6.woff2 postnord-dk.icu/DSGzt9/assets/	27 KB 28 KB	115ms 114ms	Font font/woff2	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/DSGzt9/assets/6f78aac6bRia6.woff2 Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f78aac65f196e103c049969af692b75300c6ee41ece2df98293918edceca448` Request headers Referer https://postnord-dk.icu/DSGzt9/assets/dba37626bRia6.css Origin https://postnord-dk.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT cf-cache-status MISS last-modified Wed, 29 May 2024 07:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6c70-18fc3476860" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ka%2BBkJThWea8fQDwVQZ3%2BUE7GCh9i4lU1s12MENtg3MO9jElraw19th158d8%2B1B3W%2BeXQxtGczgk814dA%2FXTSStzy14i7drnBaZ%2BDixx7P8bIrpB8IwOIr6OWh4z7FdAqIM%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cf-ray 8b701c033b662f69-LAX alt-svc h3=":443"; ma=86400 content-length 27760
GET H3	200	/ Show response postnord-dk.icu/socket.io/	98 B 524 B	146ms 145ms	XHR text/plain	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/socket.io/?EIO=4&transport=polling&t=P5uLht-&sid=MhNHsHPdXoi10-rGAAYt Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/b1baedebZPpWM.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2a653cf4790d5d88c3a8e2f1c43bae69676073d2eeb233893b19b0b7dd27a19` Request headers Accept / Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 04:27:16 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5cO7Atatut%2BeExRSgeUg75pEfJPOp%2FRXYm09k%2FbW5z3s0dSZ4md6ngXTUeeQG5s6LQ%2FZlD2Y5uGNhu7or%2FPA4jScYjkNfb4KzNcmX%2BoKBlGfLLFxObmvbGCaaibjHpL%2Bz4%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8b701c036bba2f69-LAX alt-svc h3=":443"; ma=86400
POST H3	200	MC44NzU0NjQwNDUzODczNTg2 Show response postnord-dk.icu/api/	36 B 472 B	88ms 87ms	XHR application/json	172.67.208.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postnord-dk.icu/api/MC44NzU0NjQwNDUzODczNTg2 Requested by Host: postnord-dk.icu URL: https://postnord-dk.icu/DSGzt9/assets/index-6a5a1645.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `665736004b357b099cc6db0c016168641d8f9130bd300a7efd1927669658f119` Request headers Referer https://postnord-dk.icu/DSGzt9/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers date Thu, 22 Aug 2024 04:27:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"24-C5GeBePgnh3kyaMj4bwF631ssP0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5%2FXiKBYmfYsReN04tneJdCHH2R9PJp1oeB6pmeqFHo20d99BJ%2Fl3seb3%2Fs9QlN34l7hY9reUrtwq463eK9LuxnZiakiUQbFcxLFL0yyzAqM8ywF%2B8SJGlyXu%2FF7JlsdwJg%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8b701c10f8f72f69-LAX alt-svc h3=":443"; ma=86400 content-length 36

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PostNord AB (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IMask boolean| __vite_is_modern_browser boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-21 03:17:32	Name: _bit Value: o7m4re-b06354991ca2a9b32d-00C

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
postnord-dk.icu
172.67.208.143
67.199.248.11
07234ca93fb035767eeb60b66e4b8d2a5756d0cc1841edbb5e857d57af773daf
0dd309d6c971ab65c12ff410b469084b87516e4f720e04f2e698b46beea27dc7
229aabb3db33d604462e3d8a48ac853182dbffb8bc8b7c0229c0cfce12f254e2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
384fdcbea655d9079e93167e77715afc8a0b36b8b9e508edbb527a47bb44dc72
43aac3f836f900f13718f562faba12662eb02249bb21672ad34101b1b37b2ef5
44194c17318edb717e421551162d503fb967445cc74a74262de58010a3071496
4b1a58eae69c38b656fcc5be6e4a650ead6c3029597b2ee2a4d4cc942e9dd6a5
4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64
4df0f2c47bb198638c9aec41f71c53b3ad26ee716f1a5de7230afef818ce26dc
665736004b357b099cc6db0c016168641d8f9130bd300a7efd1927669658f119
684a6807a52e8934ec1adbd04c57efbfcba0f9b724cd0d895d5897e6e83da36c
6f78aac65f196e103c049969af692b75300c6ee41ece2df98293918edceca448
7e113240915eaee7a6b2ac0f50df00b852c409f6e9ec94067081dd24be92f214
914cd9fdbc172d3edcf9a61f563cd296fd276d4d33e29c4e293937e9bd9760c7
9229bc150b7631494ae964c0185067f6d40d62dbba088ddf93026c0179062d50
93914d4538d1d68f086a4650fcaa932e8597caa2c86072650a44e9e7589955ff
a2a653cf4790d5d88c3a8e2f1c43bae69676073d2eeb233893b19b0b7dd27a19
a3481b83b5a989d47d6073b17f5991dd96c6fc1659348cdf19d0223c2ad774d5
b1166fb0052605d6c229087e475ce0715585dad7eb40d2170252e1a350c8ee0c
bf2e92ac5fdfde49ccd3f829353e9b48bd0e4b32b5657ac6f3919d4b72b5243b
bfe487694adff1d4111e60cfd762873a9e29a06ce112877b50d8928beb334659
c1af1739f3a56f2af919ec4b5893a2cf27130c992c4cac8346e2238fb635025e
dba376269356c632a5a02c82da180a4b3370002aac4c5c715d9f91bb01f6e04e
e82a18843adf1adcd57a350581835af847537e5cdecf35519f0b2a742547fe3b
f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917
f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911

postnord-dk.icu Open in urlscan Pro 172.67.208.143 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

390 kBTransfer

1104 kBSize

1 Cookies

36 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

postnord-dk.icu Open in urlscan Pro
172.67.208.143 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

390 kB
Transfer

1104 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!