Submitted URL: https://nordwest-tour.ru/ton#ur
Effective URL: https://post-kundenserv.nl/TRAN/t/
Submission Tags: 0xscam
Submission: On May 06 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is post-kundenserv.nl.
TLS certificate: Issued by E1 on April 29th 2024. Valid for: 3 months.
This is the only time post-kundenserv.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (9 requests, 3 IPs):
  • 2a03:6f00:1::... , AS 9123 (TIMEWEB-AS): 1 request
  • 2a06:98c1:312... , AS 13335 (CLOUDFLAR...): 8 requests, 1 redirect

Apex domains (9 requests, 2 domains):
  • post-kundenserv.nl: 8 requests; subdomain post-kundenserv.nl; transfer 16 KB
  • nordwest-tour.ru: 1 request; subdomain nordwest-tour.ru; transfer 282 B

Domains and requesters (9 requests, 2 domains):
  • post-kundenserv.nl: 8 requests, 1 redirect; requested by nordwest-tour.ru and post-kundenserv.nl
  • nordwest-tour.ru: 1 request

This site contains no links.

TLS certificates (Subject, Issuer, Validity, Valid):
  • nordwest-tour.ru, R3, 2024-03-14 - 2024-06-12, 3 months
  • post-kundenserv.nl, E1, 2024-04-29 - 2024-07-28, 3 months

This page contains 3 frames:

Primary Page: https://post-kundenserv.nl/TRAN/t/
Frame ID: FBA8B977782C0CB6B5CD62F5E70CC511
Requests: 5 HTTP requests in this frame

Frame: https://post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: A174D0B9DB5AB51E1442793ED0999D9E
Requests: 2 HTTP requests in this frame

Frame: https://post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 112FAE02F6E65FC5E3096F59232990F2
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

  • Requests: 9
  • HTTPS: 67 %
  • IPv6: 100 %
  • Domains: 2
  • Subdomains: 2
  • IPs: 3
  • Countries: 2
  • Transfer: 16 kB
  • Size: 25 kB
  • Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nordwest-tour.ru/ton Page URL
  2. https://post-kundenserv.nl/TRAN/t/ Page URL
  3. https://post-kundenserv.nl/TRAN/t/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

9 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: ton; Path: nordwest-tour.ru/; Size: 152 B; x-fer: 282 B; Type: Document
General
Full URL
https://nordwest-tour.ru/ton
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:1::5c35:606c , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
5a05ecbb2a24f2f6c6e58b756c98b7bf2d63d75d858cf1195e75a2ed0a667acb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
152
date
Mon, 06 May 2024 13:43:00 GMT
etag
"98-617c671d4d140"
last-modified
Mon, 06 May 2024 10:22:21 GMT
server
nginx/1.24.0

Resource: /; Path: post-kundenserv.nl/TRAN/t/; Size: 8 KB; x-fer: 9 KB; Type: Document
General
Full URL
https://post-kundenserv.nl/TRAN/t/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dd96c18405b3abb9c1ab97b6ee51b0cd30d9598d792f6301f14f0da0ffd449
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nordwest-tour.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
87f96593febebbbb-FRA
content-type
text/html; charset=utf-8
date
Mon, 06 May 2024 13:43:00 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXIaTKbLJxZDLMHyjbULkeBoIMVJJDgosQdw5BYtEzHHaflIC2p43QFqom30Wng4mFZYQwGAiraVpPF8CbbbbXo13io5mhJwblRgCF02908U14rP%2BpW45rFvzfceocRi22lBMybqEVnIckauUboXixM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Resource: favicon.ico; Path: nordwest-tour.ru/; Size: 0; x-fer: 0

Resource: /; Path: post-kundenserv.nl/TRAN/t/; Size: 0; x-fer: 924 B; Type: XHR
General
Full URL
https://post-kundenserv.nl/TRAN/t/
Requested by
Host: nordwest-tour.ru
URL: https://nordwest-tour.ru/ton
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Requested-TimeStamp-Expire
DskmMDWDY8j4S4bZDh5c0tCSBOo
yGPqmginawhJExMTLOBu7LOAaI
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
4fo7MIwe4ZMQ2X3EnvhimHIqEc
25292529
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://post-kundenserv.nl/TRAN/t/
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 13:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6r65bm6mVg95FJbsxkV1MY2Db2PKLzgr1iQs%2BFOPNeTvz1VM2FScLApr70MLc3A5ZvYd9gt1d%2Bx5P%2FzXwLr0%2FG0Q8o3iksWQXPzfxma1xSeMDL7WqHL%2Fy4A88rPXb7gxb6Np%2FXeJmqc%2FC1FYP4Yjkcg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f9659518c3bbbb-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0

Resource: main.js; Path: post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/; Frame A174; Size: 8 KB; x-fer: 4 KB; Type: Script
Redirect Chain
  • https://post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
General
Full URL
https://post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521762ffa2cc39374f4ef643ceba68fdcae0314d64e03d41351246ec237a496c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 13:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujQmjywHlXXaDoC%2BwYWPKokWyVmuxES83LprRTa5Q%2FwSm82luv7ThkFisJ70BAb1Rh33JCMUnM9Hu3QGbq%2FTHhRb%2BlrzLIpW8yaFsBWIe0eIcMueytfK6BgH43Shfk0AifrBqIzWg%2FwwPGF2lH%2BSFZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87f96595491bbbbb-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 06 May 2024 13:43:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwYNGcxAzdMQckBFXAGCuGtvD%2BErp%2BAg2UehAilco3lrYJKr48CURhLS%2By3r0GoTmYAAtU37PZl9kLAK97I2NyUw7x9MvUtrH8XhW3%2Ff2IxYLP%2FuZxGlAfxm1qxShUOISw2RCldgsEtZBpNKjKNq1bM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control
max-age=300, public
cf-ray
87f9659518c7bbbb-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Resource: 87f96593febebbbb; Path: post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/jsd/r/; Frame A174; Size: 0; x-fer: 605 B; Type: XHR
General
Full URL
https://post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/jsd/r/87f96593febebbbb
Requested by
Host: post-kundenserv.nl
URL: https://post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 May 2024 13:43:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apfULdYuaFtoRpgQREpH6B2SoogTjfgjA%2BlbMtpzEQF3hCsP5FmT%2B%2FOAqFJkZeJJb9zD88B1NuLwZBt65FIpi26R0v0fZQwN2DeoPnZtIdnUiUr%2B8rsAr7Fv4LDlCKS%2FFEkbIPGqZhZLKnk%2BzXXEuaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87f96595c9dabbbb-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Primary Request. Resource: /; Path: post-kundenserv.nl/TRAN/t/; Size: 2 KB; x-fer: 1 KB; Type: Document
General
Full URL
https://post-kundenserv.nl/TRAN/t/
Requested by
Host: nordwest-tour.ru
URL: https://nordwest-tour.ru/ton
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9628cd3df9fbec701bfa32a18d27b20cf98b413a1f1ead7a0e71197a3d1a8a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://post-kundenserv.nl/TRAN/t/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87f96595c9dfbbbb-FRA
content-encoding
br
content-type
text/html
date
Mon, 06 May 2024 13:43:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfxrT6UFn1wgyyNhpzj4muHxxP3woFiGt29REc%2BzNIIOXEqW0yaBQbYBE3GmKR61%2B2sej375Jz5EyzkJGMpESieB9Ra8p%2F2kIRXv%2ByEehsezg1CmuZlmsAKAkBDFEtZvQdAg0NYweVEnGAM5j9wHEQM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block 1; mode=block

Resource: main.js; Path: post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/; Frame 112F; Size: 8 KB; x-fer: 0; Type: Script
General
Full URL
https://post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: nordwest-tour.ru
URL: https://nordwest-tour.ru/ton
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521762ffa2cc39374f4ef643ceba68fdcae0314d64e03d41351246ec237a496c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 13:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujQmjywHlXXaDoC%2BwYWPKokWyVmuxES83LprRTa5Q%2FwSm82luv7ThkFisJ70BAb1Rh33JCMUnM9Hu3QGbq%2FTHhRb%2BlrzLIpW8yaFsBWIe0eIcMueytfK6BgH43Shfk0AifrBqIzWg%2FwwPGF2lH%2BSFZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87f96595491bbbbb-FRA
alt-svc
h3=":443"; ma=86400

Resource: 87f96595c9dfbbbb; Path: post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/jsd/r/; Frame 112F; Size: 0; x-fer: 609 B; Type: XHR
General
Full URL
https://post-kundenserv.nl/cdn-cgi/challenge-platform/h/g/jsd/r/87f96595c9dfbbbb
Requested by
Host: post-kundenserv.nl
URL: https://post-kundenserv.nl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 May 2024 13:43:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bgesv%2F61v3%2B%2BeD3aInKZPF1zjyDwGX%2BS4eG3KGkNnI16PmsaqzTdUWcCOA7phdKt%2FU769WQlQIIviTM8n4tI1m9zFV9EbWcitupLAxRD2Q7lHNJMc%2BKBfNS7x%2F5EWsChSB8ZXZsuaYouOXipZz5fs9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87f96596ab18bbbb-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nordwest-tour.ru
URL
https://nordwest-tour.ru/favicon.ico

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies


2 Console Messages

  • Source: network; Level: error; URL: https://post-kundenserv.nl/TRAN/t/; Message: Failed to load resource: the server responded with a status of 503 ()
  • Source: network; Level: error; URL: https://post-kundenserv.nl/TRAN/t/; Message: Failed to load resource: the server responded with a status of 403 ()