Submitted URL: https://authacc.frieschdagblad.nl/
Effective URL: https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
Submission: On October 05 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 143.204.94.53, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is toestemming.ndcmediagroep.nl.
TLS certificate: Issued by Amazon on April 9th 2020. Valid for: a year.
This is the only time toestemming.ndcmediagroep.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 31.186.164.9 35467 (DDF-AS)
1 143.204.94.53 16509 (AMAZON-02)
2 52.219.72.243 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 94.124.94.173 39704 (CJ2-AS)
6 4
Domain Requested by
2 splunk.ndcmediagroep.nl cdn.harvest.graindata.com
2 s3.eu-central-1.amazonaws.com toestemming.ndcmediagroep.nl
1 cdn.harvest.graindata.com toestemming.ndcmediagroep.nl
1 toestemming.ndcmediagroep.nl
1 mijnacc.frieschdagblad.nl 1 redirects
1 authacc.frieschdagblad.nl 1 redirects
6 6

This site contains links to these domains.

Domain
www.ndcmediagroep.nl
Subject    Issuer    Validity    Valid
ndcmediagroep.nl    Amazon    2020-04-09 - 2021-05-09    a year
*.s3.eu-central-1.amazonaws.com    DigiCert Baltimore CA-2 G2    2019-11-09 - 2020-12-10    a year
cdn.harvest.graindata.com    Amazon    2020-06-29 - 2021-07-29    a year
splunk.ndcmediagroep.nl    Let's Encrypt Authority X3    2020-09-14 - 2020-12-13    3 months

This page contains 1 frames:

Primary Page: https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
Frame ID: 4AB4E3F21F79B449728F4D209305548F
Requests: 6 HTTP requests in this frame

Page URL History

  1. https://authacc.frieschdagblad.nl/ HTTP 302
    https://mijnacc.frieschdagblad.nl/inloggen?redirect=https://authacc.frieschdagblad.nl/hash?h=W10= HTTP 302
    https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

6 Requests
100 % HTTPS
20 % IPv6
4 Domains
6 Subdomains
4 IPs
3 Countries
111 kB Transfer
327 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
toestemming.ndcmediagroep.nl/
Redirect Chain
  • https://authacc.frieschdagblad.nl/
  • https://mijnacc.frieschdagblad.nl/inloggen?redirect=https://authacc.frieschdagblad.nl/hash?h=W10=
  • https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
13 KB
4 KB
Document
General
Full URL
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-53.fra50.r.cloudfront.net
Software
/ up
Resource Hash
acfc8365765d96c723c154746f52730585db507a2a52d7796358df489bc205e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
toestemming.ndcmediagroep.nl
:scheme
https
:path
/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
3334
date
Mon, 05 Oct 2020 08:11:09 GMT
x-amzn-requestid
2220e28b-2f6e-4403-b68f-fa7aab8f5476
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
x-frame-options
SAMEORIGIN
x-download-options
noopen
set-cookie
_csrf=sXs13m9pXxAxp3R1QvAa0PYX; Path=/; HttpOnly; Secure; SameSite=Strict
x-amz-apigw-id
T7Y8jFHaliAFgmA=
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
up
etag
W/"35e4-2Gtr5SKE42gpTjZVzh48Ng6OKbw"
x-amzn-trace-id
Root=1-5f7ad51d-1e6ebfbc366933852b26b6ef;Sampled=0
x-amzn-remapped-date
Mon, 05 Oct 2020 08:11:09 GMT
x-cache
Miss from cloudfront
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fNJQJlLRrCqiH5WkXtmCHNF8pJgawQDHsgrgKrlGjQiSN4P-_VVfzQ==

Redirect headers

status
302
server
nginx
date
Mon, 05 Oct 2020 08:11:08 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.33 PleskLin
set-cookie
ndc_consent_token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a; expires=Mon, 05-Oct-2020 08:14:08 GMT; Max-Age=180; path=/
ndc_consent=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
location
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
ndcmediagroep-logo.png
s3.eu-central-1.amazonaws.com/ndc-cookiewall-images/compressed/
6 KB
7 KB
Image
General
Full URL
https://s3.eu-central-1.amazonaws.com/ndc-cookiewall-images/compressed/ndcmediagroep-logo.png
Requested by
Host: toestemming.ndcmediagroep.nl
URL: https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.72.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
37726398806789950507c0cc35a858f6ecb40784691eed50ffe77e801786ae64

Request headers

Referer
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 05 Oct 2020 08:11:10 GMT
Last-Modified
Fri, 13 Jul 2018 13:31:29 GMT
Server
AmazonS3
x-amz-request-id
37BDC66837CD5F9C
ETag
"6663fce49504c8a43e817c108cf7e6f4"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6652
x-amz-id-2
v+agTBOoqSVp3XYYjcLWslQf5WWMTWpBgYvp1FL9UacLFYSjcaYyyB83Wuax5moN//UDw76NfnA=
harvest.js
cdn.harvest.graindata.com/ndc-cookiewall/prod/
278 KB
69 KB
Script
General
Full URL
https://cdn.harvest.graindata.com/ndc-cookiewall/prod/harvest.js
Requested by
Host: toestemming.ndcmediagroep.nl
URL: https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3400:17:d4e7:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15eb14e33838360ff0a6cf198bd31404b9f7af039294854c1c7bd6e26bf36bf0

Request headers

Referer
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 08:05:15 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 14:58:24 GMT
server
AmazonS3
age
355
etag
"d9bd39d6e48a692dcb596796c83b956b"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
70676
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-id
G3m_1tyrzvZi3iRhv1s2qbLbqkqV8qoAJFVc5zqDwCM9F_C_qHiq6w==
ndcmediagroep-bgdesktop.jpeg
s3.eu-central-1.amazonaws.com/ndc-cookiewall-images/compressed/
29 KB
30 KB
Image
General
Full URL
https://s3.eu-central-1.amazonaws.com/ndc-cookiewall-images/compressed/ndcmediagroep-bgdesktop.jpeg
Requested by
Host: toestemming.ndcmediagroep.nl
URL: https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.72.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4672b6b8f62a9f6acd3539af4b357aa845a51c5217fa3727cf71f3896690b767

Request headers

Referer
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 05 Oct 2020 08:11:10 GMT
Last-Modified
Fri, 13 Jul 2018 13:31:29 GMT
Server
AmazonS3
x-amz-request-id
7BC85A435DDE72B7
ETag
"ffa00ac40dc5ed43a2d79cb5e5ed5313"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
30089
x-amz-id-2
EWG65Lt/j9VgIPZPJzj+cbNmSd2ATZZ8xKW27i/ZgIhtj1Ummhh0IqYF8Ua+SliLqVjkJG+OBAk=
track
splunk.ndcmediagroep.nl/
0
447 B
Other
General
Full URL
https://splunk.ndcmediagroep.nl/track?event_id=ec5e4ec6-00ad-51c4-93f4-2399d3fbf1b6&type=tracking&method=beacon
Requested by
Host: cdn.harvest.graindata.com
URL: https://cdn.harvest.graindata.com/ndc-cookiewall/prod/harvest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.124.94.173 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
vps-4-splunk-receive.cust.cj2.nl
Software
nginx/1.17.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Oct 2020 08:11:09 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.17.8
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://toestemming.ndcmediagroep.nl
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
Vary
Origin
X-XSS-Protection
1; mode=block
track
splunk.ndcmediagroep.nl/
0
447 B
Other
General
Full URL
https://splunk.ndcmediagroep.nl/track?event_id=893ce41f-61a8-f1d7-6ce0-5c9532af4b02&type=tracking&method=beacon
Requested by
Host: cdn.harvest.graindata.com
URL: https://cdn.harvest.graindata.com/ndc-cookiewall/prod/harvest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.124.94.173 , Netherlands, ASN39704 (CJ2-AS, NL),
Reverse DNS
vps-4-splunk-receive.cust.cj2.nl
Software
nginx/1.17.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://toestemming.ndcmediagroep.nl/?token=5be4ba2e-4939-42b4-bfe8-48cdb13c294a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Oct 2020 08:11:10 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.17.8
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://toestemming.ndcmediagroep.nl
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
Vary
Origin
X-XSS-Protection
1; mode=block

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • function| showAdvancedView
  • function| showSimpleView
  • function| togglePermissionsInTracking
  • object| harvest
  • object| harvestConfiguration
  • string| harvest_library_version
  • object| __core-js_shared__
  • object| core
  • object| harvest_collect_debug
  • object| tmsController

3 Cookies

Domain/Path Name / Value
.ndcmediagroep.nl/ Name: harvest_session
Value: %7B%22sessionUtmSource%22:%22%22,%22sessionUtmMedium%22:%22%22,%22sessionUtmCampaign%22:%22%22,%22sessionUtmContent%22:%22%22,%22sessionUtmTerm%22:%22%22,%22sessionGclid%22:%22%22,%22sessionDclid%22:%22%22,%22sessionID%22:%2206de17f5-0629-2466-ad70-d6f419b3f800%22,%22sessionReferrer%22:%22https://toestemming.ndcmediagroep.nl%22,%22sessionReferrerMatchingDomain%22:%22%22,%22sessionReferrerSecondLevelDomain%22:%22ndcmediagroep%22,%22totalEventCount%22:2,%22pageviewEventCount%22:0,%22interactionEventCount%22:1,%22medium%22:%22direct%22,%22source%22:%22none%22,%22campaign%22:%22%22,%22sourceMedium%22:%22none%20/%20direct%22,%22referrerIsExcluded%22:%220%22,%22rawReferrer%22:%22https://toestemming.ndcmediagroep.nl%22,%22isInvalidReferrerVariables%22:%220%22,%22channel%22:%22direct%22,%22sessionStart%22:%222020-10-05T08:11:09.222Z%22,%22adID%22:%22%22,%22adGroupID%22:%22%22,%22clickEventCount%22:0,%22adCampaignID%22:%22%22,%22adKeywordID%22:%22%22,%22adCreativeID%22:%22%22,%22adRandomNumber%22:%22%22,%22adData%22:%22%22,%22isNewSession%22:0,%22adKeyword%22:%22%22,%22isUnbounce%22:0%7D
.ndcmediagroep.nl/ Name: harvest_user
Value: %7B%22userID%22:%228226b40e-2340-f2d3-8719-2ce898791b18%22,%22userStart%22:%222020-10-05T08:11:09.220Z%22,%22sessionCount%22:1%7D
toestemming.ndcmediagroep.nl/ Name: _csrf
Value: sXs13m9pXxAxp3R1QvAa0PYX

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block