app.delivra.net Open in urlscan Pro
52.8.197.158  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app.delivra.net/vo/	22 KB 22 KB	1730ms 1383ms	Document text/html	52.8.197.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.8.197.158 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-8-197-158.us-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 08ba61dd3ea61171c52425415a5a1a4dad7b652c1fe261efb45469ce4acc327b Security Headers Name Value Content-Security-Policy default-src 'none'; frame-src *; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' *; img-src 'self' *; font-src 'self' *; media-src *; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private content-length 22472 content-security-policy default-src 'none'; frame-src *; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' *; img-src 'self' *; font-src 'self' *; media-src *; content-type text/html; charset=utf-8 date Fri, 01 Apr 2022 13:10:10 GMT referrer-policy origin-when-cross-origin server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by ASP.NET x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	2 KB 643 B	49ms 18ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Slab Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0b72e8754f4b8ca49699c91863b662185d8b8d74178b13c7c4e38064c7a6fad0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 01 Apr 2022 13:10:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 01 Apr 2022 13:10:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 01 Apr 2022 13:10:11 GMT
GET H2	404	Moriston-Regular directemployers.org/wp-content/uploads/et-fonts/	0 0	844ms 185ms	Stylesheet text/html	104.197.85.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://directemployers.org/wp-content/uploads/et-fonts/Moriston-Regular Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.85.218 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.85.197.104.bc.googleusercontent.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	css2 fonts.googleapis.com/	1003 B 921 B	47ms 17ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 92538185f11c2023bd0a5e7030688eafbbc0e4a71886c2b6e608399f1ec8fb5b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 01 Apr 2022 12:39:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 01 Apr 2022 13:10:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 01 Apr 2022 13:10:11 GMT
GET H/1.1	200 OK	DE-header-white.png de.nlx.org/email/photos/	31 KB 31 KB	576ms 443ms	Image image/png	143.204.98.95 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://de.nlx.org/email/photos/DE-header-white.png Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-95.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 647c558eff26d3b8d5609057128375b6c24bf6341ea0a5d519630e3b9f19c36f Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 13:10:12 GMT Via 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) Last-Modified Tue, 01 Mar 2022 00:31:49 GMT Server AmazonS3 X-Amz-Cf-Pop FRA50-C1 ETag "7d9b7a684979632c1229bbf47b461113" X-Cache Miss from cloudfront x-amz-version-id PuM3o1GgMdZB1r4_77BClIPL3pY3zPXS Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 31424 X-Amz-Cf-Id 2_z-Lu91xaYhv8HO6_MwjAFEBtvNVeSa81K1E-23xdzvJanC9HsxAg==
GET H2	200	spacer.gif editor.ne16.com/	43 B 581 B	87ms 15ms	Image image/gif	2600:9000:214f:2000:1b:350b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://editor.ne16.com/spacer.gif Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2000:1b:350b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Content-Security-Policy media-src *; object-src 'self'; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-amz-version-id jwiHBHAJqB24BHBBj9Xpd1xqkIZYuNZM via 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront) x-content-type-options nosniff age 2972 x-cache Hit from cloudfront date Fri, 01 Apr 2022 12:32:25 GMT x-amz-replication-status COMPLETED content-length 43 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 27 Feb 2018 17:48:40 GMT server AmazonS3 etag "325472601571f31e1bf00674c368d335" content-type image/gif cache-control max-age=3600 content-security-policy media-src *; object-src 'self'; x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id iNfBJeP6cs_224mpgRXP3E86ixnOsGyu20PPrcoRhHYaiEgzeD5Qeg==
GET H/1.1	200 OK	Dan-headshot.png de.nlx.org/email/photos/	1 MB 1 MB	566ms 433ms	Image image/png	143.204.98.95 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://de.nlx.org/email/photos/Dan-headshot.png Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-95.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a6e292f97fcab798131018adc6a8411936dfac4415cf0001a2097022b8acd18c Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Fri, 01 Apr 2022 13:10:12 GMT Via 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront) Last-Modified Tue, 01 Mar 2022 00:37:35 GMT Server AmazonS3 X-Amz-Cf-Pop FRA50-C1 ETag "07d18ec4fb29adb76b5bb591dddad622" X-Cache Miss from cloudfront x-amz-version-id 0o4lE2LTxfyGR9.SC0438gcGY7WCU6ku Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 1428643 X-Amz-Cf-Id cfwEE4-wnILAR4q0ZGDQKGUMKZWZpLjKm0qgfQYp4ty4SQLESaKURw==
GET H2	200	dan-signature.png editor.ne16.com/direct-employers/	45 KB 45 KB	850ms 778ms	Image image/png	2600:9000:214f:2000:1b:350b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://editor.ne16.com/direct-employers/dan-signature.png Requested by Host: app.delivra.net URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2000:1b:350b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdd08bab2e19496d1cb9cec7f4520d98b752757e57990bf9a4517c7e1bda6f72 Security Headers Name Value Content-Security-Policy media-src *; object-src 'self'; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://app.delivra.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Fri, 01 Apr 2022 13:10:12 GMT via 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop FRA53-C1 x-cache Miss from cloudfront x-amz-replication-status COMPLETED content-length 45867 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 01 Mar 2022 00:28:06 GMT server AmazonS3 etag "1af8044424f7b44078f4df4dae19528b" x-amz-version-id Ve26IUsqjKj7Dk9gdELwOW6R2olt_3fL cache-control max-age=3600 content-security-policy media-src *; object-src 'self'; accept-ranges bytes content-type image/png x-amz-cf-id opvuAPFzXZJN2pkx5tPsAi8f8rebNB6fGwpmd-1yYDzNvvc0mBCINg==

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.delivra.net/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: tgznqm2czeacv0lcm0vqym1v

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Message: Mixed Content: The page at 'https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304' was loaded over HTTPS, but requested an insecure element 'http://editor.ne16.com/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Message: Mixed Content: The page at 'https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304' was loaded over HTTPS, but requested an insecure element 'http://editor.ne16.com/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Message: Mixed Content: The page at 'https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304' was loaded over HTTPS, but requested an insecure element 'http://editor.ne16.com/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304(Line 296) Message: Mixed Content: The page at 'https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304' was loaded over HTTPS, but requested an insecure element 'http://editor.ne16.com/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Message: Mixed Content: The page at 'https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304' was loaded over HTTPS, but requested an insecure element 'http://editor.ne16.com/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304 Message: Mixed Content: The page at 'https://app.delivra.net/vo/?FileID=ee1f0787-cb8b-4cde-ad81-343eea2a3790&List%20ID=100304' was loaded over HTTPS, but requested an insecure element 'http://editor.ne16.com/spacer.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://directemployers.org/wp-content/uploads/et-fonts/Moriston-Regular Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; frame-src *; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' *; img-src 'self' *; font-src 'self' *; media-src *;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.delivra.net
de.nlx.org
directemployers.org
editor.ne16.com
fonts.googleapis.com
104.197.85.218
143.204.98.95
2600:9000:214f:2000:1b:350b:3f00:93a1
2a00:1450:4001:830::200a
52.8.197.158
08ba61dd3ea61171c52425415a5a1a4dad7b652c1fe261efb45469ce4acc327b
0b72e8754f4b8ca49699c91863b662185d8b8d74178b13c7c4e38064c7a6fad0
647c558eff26d3b8d5609057128375b6c24bf6341ea0a5d519630e3b9f19c36f
92538185f11c2023bd0a5e7030688eafbbc0e4a71886c2b6e608399f1ec8fb5b
a6e292f97fcab798131018adc6a8411936dfac4415cf0001a2097022b8acd18c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bdd08bab2e19496d1cb9cec7f4520d98b752757e57990bf9a4517c7e1bda6f72