rma.logistyx.net Open in urlscan Pro
51.105.106.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rma.tntexpressonline.com/booking?UID=3CA4E82DE5FF3B1F44C788351C93D922
Effective URL:
https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922
Submission: On August 12 via manual (August 12th 2022, 3:59:39 pm UTC) from US — Scanned from NL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 51.105.106.185, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rma.logistyx.net.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 27th 2020. Valid for: 2 years.

This is the only time rma.logistyx.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	80.95.171.54 80.95.171.54	24586 (NL-INTERM...) (NL-INTERMAX Intermax Cloudsourcing B.V.)
1 10	51.105.106.185 51.105.106.185	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	1

1 80.95.171.54 (Cuijk, Netherlands) 1 redirects

ASN24586 (NL-INTERMAX Intermax Cloudsourcing B.V., NL)
PTR: tnt.intermax.nl

rma.tntexpressonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.105.106.185 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rma.logistyx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	logistyx.net 1 redirects rma.logistyx.net	267 KB
1	tntexpressonline.com 1 redirects rma.tntexpressonline.com	320 B
9	2

	Domain	Requested by
10	rma.logistyx.net	1 redirects rma.logistyx.net
1	rma.tntexpressonline.com	1 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.logistyx.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-27` - `2022-08-18`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922
Frame ID: D7D70FFBBBFD3DED1E9C004CBFC67FA0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TNT RMA - Enter Authorization Number

Page URL History Show full URLs

https://rma.tntexpressonline.com/booking?UID=3CA4E82DE5FF3B1F44C788351C93D922 HTTP 301
http://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 HTTP 301
https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

266 kB
Transfer

264 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rma.tntexpressonline.com/booking?UID=3CA4E82DE5FF3B1F44C788351C93D922 HTTP 301
http://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 HTTP 301
https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rma.logistyx.net/booking/ Redirect Chain https://rma.tntexpressonline.com/booking?UID=3CA4E82DE5FF3B1F44C788351C93D922 http://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922	10 KB 11 KB	2082ms 2043ms	Document text/html	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `bd0ba0e97d21336cc464e0e80c172dbc433d4f29e8f453fb16510ee6cda84263` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control private Connection keep-alive Content-Length 10582 Content-Type text/html Date Fri, 12 Aug 2022 15:59:34 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Redirect headers Connection keep-alive Content-Length 195 Content-Type text/html Date Fri, 12 Aug 2022 15:59:32 GMT Location https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Server Microsoft-Azure-Application-Gateway/v2
GET H/1.1	200 OK	Validations.js Show response rma.logistyx.net/booking/includes/	15 KB 15 KB	21ms 20ms	Script application/javascript	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/includes/Validations.js Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `90017eada170999c6f40dfa517b76ec0a7e12184874e35fea14e623f5c5b7afb` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "0b25d136fc7c21:0" Last-Modified Wed, 29 Jan 2003 08:19:00 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 15359
GET H/1.1	200 OK	common.js Show response rma.logistyx.net/booking/includes/	7 KB 7 KB	59ms 26ms	Script application/javascript	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/includes/common.js Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `509597aa350b20d8b4df755d69f2e9b73ea95df6cf20b4fbc72e16f4c160e16a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "03f8723c1d6cc1:0" Last-Modified Thu, 19 Jan 2012 15:43:50 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6673
GET H/1.1	200 OK	json2.js Show response rma.logistyx.net/booking/includes/	17 KB 17 KB	73ms 41ms	Script application/javascript	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/includes/json2.js Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `545702376ab709b91ca0479c1861558b6aedc312736257526ee311d3e9b31745` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "0bbcc58aec8ce1:0" Last-Modified Mon, 14 Oct 2013 07:23:58 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 17468
GET H/1.1	200 OK	jquery-1.10.2.min.js Show response rma.logistyx.net/booking/includes/	91 KB 91 KB	73ms 42ms	Script application/javascript	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/includes/jquery-1.10.2.min.js Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "0d22723aec8ce1:0" Last-Modified Mon, 14 Oct 2013 07:22:28 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 93107
GET H/1.1	200 OK	base.css rma.logistyx.net/booking/includes/css/	2 KB 2 KB	39ms 19ms	Stylesheet text/css	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/includes/css/base.css Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ca27a51596aadc7ccc265693e3346c6b4136ff99ffe48ffff26061518956335f` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "08831d4402cd11:0" Last-Modified Tue, 01 Dec 2015 14:01:52 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2065
GET H/1.1	200 OK	base_TX56.css rma.logistyx.net/booking/includes/css/	3 KB 3 KB	54ms 24ms	Stylesheet text/css	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rma.logistyx.net/booking/includes/css/base_TX56.css Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `05fc7fc8c1432b262f15812be0df6ec205025c12394046148a83e2e8f40acd95` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "06a64455ad2cc1:0" Last-Modified Sat, 14 Jan 2012 01:17:24 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3017
GET H/1.1	200 OK	TNTRMA-Logo.jpg rma.logistyx.net/booking/includes/images/	80 KB 80 KB	21ms 21ms	Image image/jpeg	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rma.logistyx.net/booking/includes/images/TNTRMA-Logo.jpg Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `67652e5215a17aac6c73c6b716d072f4cc8f4b57e8c3e97f6f4e388b4a135b21` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "0587134639d01:0" Last-Modified Wed, 26 Nov 2014 10:24:48 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 81905
GET H/1.1	200 OK	TNTRMA-Login.jpg rma.logistyx.net/booking/includes/images/	39 KB 39 KB	19ms 19ms	Image image/jpeg	51.105.106.185 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rma.logistyx.net/booking/includes/images/TNTRMA-Login.jpg Requested by Host: rma.logistyx.net URL: https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.106.185 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ac75a6b14f67a677e96b6a7ce60eb1f5e30dcb122b4ff4cd48bbb8462eecb160` Request headers accept-language nl-NL,nl;q=0.9 Referer https://rma.logistyx.net/booking/?UID=3CA4E82DE5FF3B1F44C788351C93D922 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Fri, 12 Aug 2022 15:59:34 GMT ETag "0c1b6bbba8d01:0" Last-Modified Tue, 25 Nov 2014 14:18:50 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 40144

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rma.logistyx.net/	1969-12-31 23:59:59	Name: ASPSESSIONIDCCCQCARS Value: MLOJNOMCAOFCEPDNNPAOLEBC

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rma.logistyx.net
rma.tntexpressonline.com
51.105.106.185
80.95.171.54
05fc7fc8c1432b262f15812be0df6ec205025c12394046148a83e2e8f40acd95
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
509597aa350b20d8b4df755d69f2e9b73ea95df6cf20b4fbc72e16f4c160e16a
545702376ab709b91ca0479c1861558b6aedc312736257526ee311d3e9b31745
67652e5215a17aac6c73c6b716d072f4cc8f4b57e8c3e97f6f4e388b4a135b21
90017eada170999c6f40dfa517b76ec0a7e12184874e35fea14e623f5c5b7afb
ac75a6b14f67a677e96b6a7ce60eb1f5e30dcb122b4ff4cd48bbb8462eecb160
bd0ba0e97d21336cc464e0e80c172dbc433d4f29e8f453fb16510ee6cda84263
ca27a51596aadc7ccc265693e3346c6b4136ff99ffe48ffff26061518956335f

rma.logistyx.net Open in urlscan Pro 51.105.106.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

266 kBTransfer

264 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

1 Cookies

Indicators

rma.logistyx.net Open in urlscan Pro
51.105.106.185 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

266 kB
Transfer

264 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions