urlscan.io logo urlscan.io
SecurityTrails logo

postnord.safedeals.art Open in urlscan Pro
45.89.54.167  Public Scan

Go To Rescan Add Verdict Report
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 30 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 45.89.54.167, located in Bratislava, Slovakia and belongs to ESERVER-SK-AS, SK. The main domain is postnord.safedeals.art.
TLS certificate: Issued by R3 on May 11th 2023. Valid for: 3 months.
This is the only time postnord.safedeals.art was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 45.89.54.167 61424 (ESERVER-S...)
8 178.21.8.220 197695 (AS-REG)
4 52.222.149.32 16509 (AMAZON-02)
18 3
Apex Domain
Subdomains		 Transfer
8 replain.cc
widget.replain.cc — Cisco Umbrella Rank: 451215
app.replain.cc — Cisco Umbrella Rank: 449895
159 KB
6 safedeals.art
postnord.safedeals.art
57 KB
4 postnord.com
portal.postnord.com — Cisco Umbrella Rank: 527041
74 KB
18 3
Domain Requested by
6 postnord.safedeals.art postnord.safedeals.art
5 widget.replain.cc postnord.safedeals.art
widget.replain.cc
4 portal.postnord.com postnord.safedeals.art
3 app.replain.cc widget.replain.cc
18 4

This site contains links to these domains. Also see Links.

Domain
www.postnord.dk
www.postnord.se
Subject Issuer Validity Valid
postnord.safedeals.art
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
widget.replain.cc
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
portal.postnord.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-12		 10 months crt.sh

This page contains 2 frames:

Primary Page: https://postnord.safedeals.art/safedeal/39579367ba1773/
Frame ID: 7392F288E6DB0081A86E2B4D181967C4
Requests: 11 HTTP requests in this frame

Frame: https://widget.replain.cc/dist/js/widget.2bce8a2c.js
Frame ID: 5231A927D8FF965F29B2572B35E5DCE0
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kenwood blender, Kenwood

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

290 kB
Transfer

535 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
postnord.safedeals.art/safedeal/39579367ba1773/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.89.54.167 Bratislava, Slovakia, ASN61424 (ESERVER-SK-AS, SK),
Reverse DNS
safedeals.art
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
44a42196b444e47eff7704535d5f2d623a78cadf72ff555fa932f19090ecf59d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Jun 2023 12:14:09 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
pn_style.css
postnord.safedeals.art/static/style/ 		36 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://postnord.safedeals.art/static/style/pn_style.css
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.89.54.167 Bratislava, Slovakia, ASN61424 (ESERVER-SK-AS, SK),
Reverse DNS
safedeals.art
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7995417643cd115c0991b6495acd30d3a3d08d9b2779857001741b25c78b607a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/safedeal/39579367ba1773/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:14:09 GMT
Last-Modified
Wed, 11 Jan 2023 11:43:18 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1673437398.0444024-36738-3025736294"
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=pn_style.css
Connection
keep-alive
Content-Length
36738
delivery.svg
postnord.safedeals.art/static/style/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postnord.safedeals.art/static/style/img/delivery.svg
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.89.54.167 Bratislava, Slovakia, ASN61424 (ESERVER-SK-AS, SK),
Reverse DNS
safedeals.art
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d5ad7ca667090e9f90788aa060cc408750534ad167b0d0773f175f5cdbfac97f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/safedeal/39579367ba1773/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:14:09 GMT
Last-Modified
Wed, 11 Jan 2023 09:48:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1673430480.7710733-16340-4274000847"
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=delivery.svg
Connection
keep-alive
Content-Length
16340
box.svg
postnord.safedeals.art/static/style/img/ 		741 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postnord.safedeals.art/static/style/img/box.svg
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.89.54.167 Bratislava, Slovakia, ASN61424 (ESERVER-SK-AS, SK),
Reverse DNS
safedeals.art
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
612c2f678b0fb829e3413e857fd457e40ad41ca0043ceb0070c7481bd2854be1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/safedeal/39579367ba1773/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:14:09 GMT
Last-Modified
Wed, 11 Jan 2023 09:48:01 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1673430481.2950766-741-2673021364"
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=box.svg
Connection
keep-alive
Content-Length
741
credit-card.svg
postnord.safedeals.art/static/style/img/ 		572 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postnord.safedeals.art/static/style/img/credit-card.svg
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.89.54.167 Bratislava, Slovakia, ASN61424 (ESERVER-SK-AS, SK),
Reverse DNS
safedeals.art
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f44602b68c878b3ea0a7023e81a299d86838335f14163375277156ac7417810b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/safedeal/39579367ba1773/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:14:09 GMT
Last-Modified
Wed, 11 Jan 2023 09:48:01 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1673430481.035075-572-973280429"
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=credit-card.svg
Connection
keep-alive
Content-Length
572
invoice.svg
postnord.safedeals.art/static/style/img/ 		597 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://postnord.safedeals.art/static/style/img/invoice.svg
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.89.54.167 Bratislava, Slovakia, ASN61424 (ESERVER-SK-AS, SK),
Reverse DNS
safedeals.art
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
939817fbaed06365bc2207d21b542430a13f603d587c04e90e22459875db76df

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/safedeal/39579367ba1773/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:14:09 GMT
Last-Modified
Wed, 11 Jan 2023 09:47:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"1673430479.9830685-597-3942519640"
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=invoice.svg
Connection
keep-alive
Content-Length
597
client.js
widget.replain.cc/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.replain.cc/dist/client.js
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
a8ab98142920890b771f9e1e0ac61d349e1b0bf79fd2829eb70f2e8297b804d9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:14:05 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 03:44:08 GMT
server
nginx
etag
W/"64814e88-de8"
content-type
application/javascript
cache-control
max-age=3600, public
expires
Fri, 30 Jun 2023 13:14:05 GMT
PostNordSans-Medium.woff2
portal.postnord.com/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.postnord.com/fonts/PostNordSans-Medium.woff2
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/static/style/pn_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-32.cdg52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a5907fb0803d2aba227d0c8179633ad5feaab2975bb7883ac09a8657ef933f11

Request headers

Referer
https://postnord.safedeals.art/
Origin
https://postnord.safedeals.art
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:23:37 GMT
x-amz-version-id
4TFwd3hHRSuGK9bUNVMoCWQ6o1SEFcwX
via
1.1 fb7dd4ab7d279a5ac003ba27474cf5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P1
age
10228
x-cache
Hit from cloudfront
content-length
18624
x-ua-compatible
IE=Edge,chrome=1
last-modified
Thu, 08 Jul 2021 12:32:44 GMT
server
nginx/1.18.0
etag
"b898c7be9a6c426c57ee711801142417"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
f95i-rnJNlBvsqEljNg18uc549Pjb2nLitVRP_9tb5J1Cb9O8-vUDA==
PostNordSans-Light.woff2
portal.postnord.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.postnord.com/fonts/PostNordSans-Light.woff2
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/static/style/pn_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-32.cdg52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
cb33b31f39c7c5e0b59f023ffa494d951544a4d97d86d83648b4ce9a87e8e838

Request headers

Referer
https://postnord.safedeals.art/
Origin
https://postnord.safedeals.art
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:23:37 GMT
x-amz-version-id
JY2TUB6HTYbjMkcYD37ekuw12ksZyG77
via
1.1 fb7dd4ab7d279a5ac003ba27474cf5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P1
age
10228
x-cache
Hit from cloudfront
content-length
17924
x-ua-compatible
IE=Edge,chrome=1
last-modified
Thu, 08 Jul 2021 12:32:44 GMT
server
nginx/1.18.0
etag
"204691ef357645f1b88b79a6b5800583"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
jGWfnlBgJDLtW_xSHx_Bka_KrCCvkMKTOHW6awFws3hIvUu4D9nbug==
PostNordSans-Bold.woff2
portal.postnord.com/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.postnord.com/fonts/PostNordSans-Bold.woff2
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/static/style/pn_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-32.cdg52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
925c29d9c349984b2c2fa129f9123515d42dddfb9c59fe08a6ac8eb85123d4e6

Request headers

Referer
https://postnord.safedeals.art/
Origin
https://postnord.safedeals.art
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:22:58 GMT
x-amz-version-id
6Ub5_ODE2ZbTSwAzMNj8rtAaTutdVb9E
via
1.1 fb7dd4ab7d279a5ac003ba27474cf5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P1
age
10267
x-cache
Hit from cloudfront
content-length
18684
x-ua-compatible
IE=Edge,chrome=1
last-modified
Thu, 08 Jul 2021 12:32:44 GMT
server
nginx/1.18.0
etag
"cdbb430eb8a959e54d03839a49c2f293"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
fHBP4QatqrWYFHiTmVp_3BVhuzX62RQfRqGHLJpiPgh7WJzKhZN3ew==
PostNordSans-Regular.woff2
portal.postnord.com/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.postnord.com/fonts/PostNordSans-Regular.woff2
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/static/style/pn_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-32.cdg52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
c3d6ac7c111917aa295e295cf90f5ab148f4b9b004bfcdfade7ad6ccca6da5cc

Request headers

Referer
https://postnord.safedeals.art/
Origin
https://postnord.safedeals.art
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:23:37 GMT
x-amz-version-id
DU8VIksKPOst..z0Wg7e2Os6h3pdkbjS
via
1.1 fb7dd4ab7d279a5ac003ba27474cf5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P1
age
10228
x-cache
Hit from cloudfront
content-length
18456
x-ua-compatible
IE=Edge,chrome=1
last-modified
Thu, 08 Jul 2021 12:32:44 GMT
server
nginx/1.18.0
etag
"6e27090a4c7ad65ab906ec97e02eb795"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
cuyUsYA-OW9rxN7mDNsH-F5kSStUXT6rTDfdwDLHLm1NN7wfGAPjOg==
widget.2bce8a2c.js
widget.replain.cc/dist/js/ Frame 5231 		323 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.replain.cc/dist/js/widget.2bce8a2c.js
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/client.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
dc0035dd99d695295370ac72f47c7b7bc32a9514dbaa45c2d353e1ffb8d749f1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Jun 2023 12:14:06 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 03:43:46 GMT
server
nginx
etag
W/"64814e72-50bfb"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 29 Jun 2024 12:14:06 GMT
widget.bbae7d05.css
widget.replain.cc/dist/css/ Frame 5231 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.replain.cc/dist/css/widget.bbae7d05.css
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/client.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
60e4dbab265348f6e8d155d6a650cf0c60d07286d8e7c78efc2e689e28476f7e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Jun 2023 12:14:06 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 03:43:46 GMT
server
nginx
etag
W/"64814e72-b5f3"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 29 Jun 2024 12:14:06 GMT
auth
app.replain.cc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.replain.cc/auth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://postnord.safedeals.art
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://postnord.safedeals.art
allow
POST
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 30 Jun 2023 12:14:06 GMT
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
auth
app.replain.cc/ Frame 5231 		320 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.replain.cc/auth
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/js/widget.2bce8a2c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
fea54feabb1e2ff3890c1082842860ee01972818e519d38be0004ab39e782e92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://postnord.safedeals.art/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Jun 2023 12:14:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-encoding
gzip
server
nginx
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
x-xss-protection
1; mode=block, 1; mode=block
notification.c5bc0cbc.mp3
widget.replain.cc/dist/media/ Frame 5231 		24 KB
24 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget.replain.cc/dist/media/notification.c5bc0cbc.mp3
Requested by
Host: postnord.safedeals.art
URL: https://postnord.safedeals.art/safedeal/39579367ba1773/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e

Request headers

Referer
https://postnord.safedeals.art/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

pragma
public
date
Fri, 30 Jun 2023 12:14:06 GMT
last-modified
Thu, 08 Jun 2023 03:43:46 GMT
server
nginx
etag
"64814e72-6053"
content-type
audio/mpeg
access-control-allow-origin
*
Content-Range
bytes 0-24658/24659
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
Content-Length
24659
expires
Sat, 29 Jun 2024 12:14:06 GMT
lang-en-json.f971d5a0.js
widget.replain.cc/dist/js/ Frame 5231 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.replain.cc/dist/js/lang-en-json.f971d5a0.js
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/js/widget.2bce8a2c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
51ee66cb94d1f69ff172accdf998a4b0f8ded3a48b5367fa451b9ec41722e2e6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Jun 2023 12:14:08 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 03:43:46 GMT
server
nginx
etag
W/"64814e72-1187"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 29 Jun 2024 12:14:08 GMT
logo-default.png
app.replain.cc/ Frame 5231 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.replain.cc/logo-default.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
b3c27860935996ad254158082b7e75bacf50aaec182564f215461d8380840905

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://postnord.safedeals.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Jun 2023 12:14:08 GMT
last-modified
Thu, 08 Jun 2023 03:27:53 GMT
server
nginx
etag
"64814ab9-bf7"
content-type
image/png
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3063
expires
Sat, 29 Jun 2024 12:14:08 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| replainSettings boolean| replainInitialized object| ReplainWidget function| ReplainAPI

0 Cookies