URL: https://post.pauments.kz/
Submission: On November 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 213.139.210.162, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is post.pauments.kz.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 23rd 2021. Valid for: 3 months.
This is the only time post.pauments.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 213.139.210.162 198610 (BEGET-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 92.46.220.184 9198 (KAZTELECO...)
2 2a00:1450:400... 15169 (GOOGLE)
10 5
Domain Requested by
4 post.pauments.kz post.pauments.kz
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com post.pauments.kz
1 pay.post.kz post.pauments.kz
1 cdnjs.cloudflare.com post.pauments.kz
10 5

This site contains links to these domains. Also see Links.

Domain
pay.post.kz
Subject Issuer Validity Valid
post.pauments.kz
ZeroSSL RSA Domain Secure Site CA
2021-11-23 -
2022-02-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.post.kz
Sectigo RSA Domain Validation Secure Server CA
2021-07-03 -
2022-07-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://post.pauments.kz/
Frame ID: 8B7A969395E4C91BB155172A8016D04E
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

PayPost

Page Statistics

10
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

254 kB
Transfer

356 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
post.pauments.kz/
788 B
707 B
Document
General
Full URL
https://post.pauments.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.139.210.162 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c5deab627c9bf0123cf810d294298aef8879a76afa7ddffc43bbd90c60ab6319

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Tue, 23 Nov 2021 16:28:19 GMT
Content-Type
text/html
Last-Modified
Tue, 23 Nov 2021 14:14:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"619cf72e-314"
Content-Encoding
gzip
app.ea9f88ec.css
post.pauments.kz/css/
14 KB
14 KB
Stylesheet
General
Full URL
https://post.pauments.kz/css/app.ea9f88ec.css
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.139.210.162 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bf67e7355eb803cb5710a67078de1715c7a872b53cabc0ba7a33ad46fd9d603e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 16:28:19 GMT
Last-Modified
Tue, 23 Nov 2021 14:14:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"619cf72e-37f1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14321
app.82a2ef48.js
post.pauments.kz/js/
25 KB
26 KB
Script
General
Full URL
https://post.pauments.kz/js/app.82a2ef48.js
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.139.210.162 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
eec1b3ad32b2318386e09b29843bc47c9344c38d97cc0b27abe1c35f9533f392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 16:28:19 GMT
Last-Modified
Tue, 23 Nov 2021 14:14:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"619cf72e-65a1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26017
chunk-vendors.4a91a01f.js
post.pauments.kz/js/
150 KB
150 KB
Script
General
Full URL
https://post.pauments.kz/js/chunk-vendors.4a91a01f.js
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.139.210.162 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f2ac0b5e4a90c4238151b17d1aed1195c669c53ed5c47a1a8b2ba09023b9e047

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 16:28:19 GMT
Last-Modified
Tue, 23 Nov 2021 14:14:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"619cf72e-25671"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
153201
css2
fonts.googleapis.com/
25 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/css/app.ea9f88ec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e626e17655e4bbf7a9a768e80f65b585f21139a2c6056027d8c852061939b675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 16:28:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 16:28:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 16:28:19 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/
80 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/css/app.ea9f88ec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
73706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14374
timing-allow-origin
*
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61498362-3826"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ea60kw7R6W1Rx8b2nHgOxeabplCGALKoPrMTPRB%2FyTNpS%2BIKcMCbt5OfP%2F0%2FxpoPHG7i5qe6jMyqgVlpF%2F9QEcWFe1ss%2FTUV3KtjVS45j2NDR4l8sTYQXydyStsOYDo%2FbnLTFP3dlRT6KBfeMo4lWII%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b2bc51cf8c83756-MXP
expires
Sun, 13 Nov 2022 16:28:19 GMT
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/css/app.ea9f88ec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e755b1135b0c7694a533d765932a2d306f4195536fbde4472809826167a89faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 16:28:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 16:28:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 16:28:19 GMT
logo.svg
pay.post.kz/static/img/
6 KB
7 KB
Image
General
Full URL
https://pay.post.kz/static/img/logo.svg
Requested by
Host: post.pauments.kz
URL: https://post.pauments.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.46.220.184 Taldykorgan, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
92.46.220.184.static.telecom.kz
Software
nginx/1.20.1 /
Resource Hash
122669c755854a6d96d689e6aafc636bb094b75215224eacd9f95d7b82de30a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://post.pauments.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 16:28:22 GMT
Last-Modified
Fri, 19 Jun 2020 17:09:08 GMT
X-Frame-Option
ALLOW-FROM https://post.kz/
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=60, public
Connection
keep-alive
Content-Length
6604
Server
nginx/1.20.1
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://post.pauments.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:18:02 GMT
x-content-type-options
nosniff
age
357017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:18:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://post.pauments.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 07:59:11 GMT
x-content-type-options
nosniff
age
30548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 07:59:11 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonp boolean| __VUE__

0 Cookies