urlscan.io logo urlscan.io
SecurityTrails logo

liefer-pakete.com Open in urlscan Pro
104.21.7.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bandar89.f78escola.com/
Effective URL: https://liefer-pakete.com/login/
Submission: On February 24 via api from NL — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 3 countries across 2 domains to perform 7 HTTP transactions. The main IP is 104.21.7.110, located in and belongs to CLOUDFLARENET, US. The main domain is liefer-pakete.com.
TLS certificate: Issued by GTS CA 1P5 on February 23rd 2024. Valid for: 3 months.
This is the only time liefer-pakete.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 94.126.169.173 33876 (FLESK-AS)
1 1 172.67.130.34 13335 (CLOUDFLAR...)
2 9 104.21.7.110 13335 (CLOUDFLAR...)
7 1
Apex Domain
Subdomains		 Transfer
10 liefer-pakete.com
liefer-pakete.com
32 KB
1 f78escola.com
bandar89.f78escola.com
269 B
7 2
Domain Requested by
10 liefer-pakete.com 3 redirects liefer-pakete.com
1 bandar89.f78escola.com 1 redirects
7 2

This site contains no links.

Subject Issuer Validity Valid
liefer-pakete.com
GTS CA 1P5		 2024-02-23 -
2024-05-23		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://liefer-pakete.com/login/
Frame ID: 34AFFF1149DED819514AE76AAB9859C4
Requests: 3 HTTP requests in this frame

Frame: https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: C2B3EDAB7A1C23C6BEF42FDA3C0969A9
Requests: 2 HTTP requests in this frame

Frame: https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: A710AA8AB5BEF632B505E871A97B0441
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. http://bandar89.f78escola.com/ HTTP 302
    http://liefer-pakete.com/login/ HTTP 301
    https://liefer-pakete.com/login/ Page URL
  2. https://liefer-pakete.com/login/ Page URL

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

3
Countries

30 kB
Transfer

36 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bandar89.f78escola.com/ HTTP 302
    http://liefer-pakete.com/login/ HTTP 301
    https://liefer-pakete.com/login/ Page URL
  2. https://liefer-pakete.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bandar89.f78escola.com/ HTTP 302
  • http://liefer-pakete.com/login/ HTTP 301
  • https://liefer-pakete.com/login/
Request Chain 2
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Request Chain 4
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
liefer-pakete.com/login/
Redirect Chain
  • http://bandar89.f78escola.com/
  • http://liefer-pakete.com/login/
  • https://liefer-pakete.com/login/
19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba6798932dec7079d124cd7d117cbe2f984328ca463d2ea0b6ebabcb6e3c4e75
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
85a6cd8a6ba22f86-MAD
content-type
text/html; charset=utf-8
date
Sat, 24 Feb 2024 09:50:11 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NumhciFzLQOu90lv6MK6FrENszZAyeGl%2FhccNHMQh5Au94MKGPcZZg91I74mQF%2B%2BLsoXjKJuMffy0sInFe308rsfiBQxRiYl8T09cj2YHCZi5Bep3bo7L9f2rKFGhp3OCQHTHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

CF-RAY
85a6cd892932dd7a-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 24 Feb 2024 09:50:11 GMT
Expires
Sat, 24 Feb 2024 10:50:11 GMT
Location
https://liefer-pakete.com/login/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnhI7IgItDx%2B7LlPHfWCR%2FQJG2HMH0%2BuInJClWfVblpp9QTbwUlmvAF6FZ4wXI%2Bv0QS5NAqlD5uMEtyVq6Z%2FDbPlko03H4vV3eCERodqseLM%2FArpL7fCGSjfr7jPeSzt%2BXK%2Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
liefer-pakete.com/login/ 		0
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/login/
Requested by
Host: liefer-pakete.com
URL: https://liefer-pakete.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
pt-PT,pt;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
XGbAl6lJdEOgEVqDOf910vEoxk
43262247
Content-type
application/x-www-form-urlencoded
1z3wza1Y2FMJ3d9saOpEb3fx0
gtz3wq1Z-K8tJDiC8JyBcNGdR4
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Referer
https://liefer-pakete.com/login/
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 09:50:11 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjBjoDhZAOBvFWKNhZb7jQikZDtRJzoH%2BMolypIw5Ef8zMoDssqJ%2F48OSU5SUNAckUfbnnK6AEKgRkIieezue8TaPkrb3xjgyVmgHWHViXbBj84YzgMFXq4gXcrxVkVDDEFxXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85a6cd8c6e692f86-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame C2B3
Redirect Chain
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Protocol
H2
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1db52e5e7d5f3211b932469486d5e4994177f92b6f52aaea96aba969f716621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 09:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzaCsVC4cv96KgiqxVxABq2U6W7IQraqzogYE9UDH%2BgTVLG3JEqqsBjuyx8EnqGR%2B%2FaTQN2%2BX9b76UCxWnB51YqLyat%2Fx6haT9R2RHO9PgcSaZRokr0NJLwWC3sH4saVaNB3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85a6cd8cdf192f86-MAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 24 Feb 2024 09:50:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZtKzxisP5P8IIWUT%2F1Gp0iW6j%2BHI%2FDg%2BVtYYmi5GZm%2Bx9HKZV01R0mPFcW9Ap00m1VNftPeuSGV0iZKFdBFfaf%2BEMN3eJZDfSnGRJNAhyTB6rLWsYRuI5l04Fv2Ou3kHcGm4g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control
max-age=300, public
cf-ray
85a6cd8c7e812f86-MAD
alt-svc
h3=":443"; ma=86400
85a6cd8a6ba22f86
liefer-pakete.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C2B3 		0
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/jsd/r/85a6cd8a6ba22f86
Requested by
Host: liefer-pakete.com
URL: https://liefer-pakete.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Feb 2024 09:50:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwE8ZL58aHWGcusDzPomdrmPVBOHHGNaJ8xAG8rQZrT%2Fc6Zvu5Q%2B0%2Fm%2FeCtFSzzDuRR4vG7jAOPrS6WJh2Rhuh6c%2Bf4BaSH93qZ1NlmF2%2FlFvardss%2BQqXbWHO9TCMyoGJ6S6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85a6cd8dbdce2159-MAD
alt-svc
h3=":443"; ma=86400
Primary Request /
liefer-pakete.com/login/ 		2 KB
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/login/
Requested by
Host: liefer-pakete.com
URL: https://liefer-pakete.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea37d43d7d69b43531c1d3d01b9c7943bcf9ac25c82daa61eae79f906898ea1
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://liefer-pakete.com/login/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85a6cd8dbdd12159-MAD
content-encoding
br
content-type
text/html
date
Sat, 24 Feb 2024 09:50:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFk%2Bd%2FnZSYeVv60uEo1dm9ppzu8WqWLJ62r6QVj5rn7Tf8s%2BNKroRabbCbBXQKw1urwcWafhhdGoGDTaLfgIncw02vKVEkNJs40p%2FgNKt1YmuGEH3LBss1YHgKRz3BuCiVWgJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame A710
Redirect Chain
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Protocol
H3
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3541ce68a4d7c3705209a325cadc569e7977093fba4c0127c9c777135dd59798
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 09:50:12 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiUROmG3mPUIYlC9fMyYpDb9FvJg1RrIT3wujk2rcuE1hdxl4DeDl8uxVzsFY8fDIjT1EcgcWEDQSuiv8pKanFNDFxaA%2BejJtx0Zqu386rSf6NRn9G5FL6qHmftIArlDBIyGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85a6cd8f7fe42159-MAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 24 Feb 2024 09:50:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3IYWhm86KPaPDQb4xeeGS%2Bf1x4ffvpbYgWxfjGug6FK%2FVhyzOktEoVRbPgFPd8f%2BLdxAO%2B1o%2F6whkeNoE8TJOao4CJAjiYWybuHohWIf29BU6DMzopHvDJWX9pzXuhUUu5gDg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control
max-age=300, public
cf-ray
85a6cd8f1f742159-MAD
alt-svc
h3=":443"; ma=86400
85a6cd8dbdd12159
liefer-pakete.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A710 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://liefer-pakete.com/cdn-cgi/challenge-platform/h/b/jsd/r/85a6cd8dbdd12159
Requested by
Host: liefer-pakete.com
URL: https://liefer-pakete.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Feb 2024 09:50:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5zS6niuv%2FW%2BIDvrt8hV8e%2FSTy8bO8iFrAN6m00EJiSVs0MRXoYgbYfFbHISdWED1B4Rwk1RhLwNC%2BHmZqEORpDi5px2eY4If7%2FsG9msrZSmHg2D6Wrb04xWe%2Bb6yeO%2BNSrcHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85a6cd90b9712159-MAD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies

Domain/Path Name / Value
liefer-pakete.com/ Name: FS3Ydt_N49zRP5wcl2Gwt7zR0P8
Value: AVeJViTPZLFhKl0nHAcX5Rn3gRE
liefer-pakete.com/ Name: SAqHfxn-bitMg73lWLoKhCIHELI
Value: 1708768194
liefer-pakete.com/ Name: xDas2sYrO5mNf3JRpTlhOFyu9EI
Value: 1708854594
liefer-pakete.com/ Name: dabefr2OWPKG4dDJF7nM5Kea_x0
Value: 5sfGScyOlpu4ZHiFYskWS42OC6c
liefer-pakete.com/ Name: K51AuPswpYlLuJ0OpRIkoz0Vwb4
Value: P7A6nCpHV1zMlxKYSG7_4s2Djlo
liefer-pakete.com/ Name: T3Zm-WafqCtXiDBOUJSnacypJVk
Value: Dt3ABvS37l7YUVkQaxJwPqRDbTo
liefer-pakete.com/ Name: 2tmAgMg989Lqw9aXsECkZCqR3YY
Value: 1708768210
liefer-pakete.com/ Name: w3bvWDBnC0YRVk-7MUx535MzMbI
Value: 1708854610
liefer-pakete.com/ Name: Qwpf0gcPJtwNO4zCZwVT3-qSHRA
Value: NnoInv1MLdcFxsPmlxJGhs0hxTs
liefer-pakete.com/ Name: odLRjyD88uot-MHTIrKBDfgeV58
Value: WMnD97Cbvo3zNdq3hC5PKCVUWwg
.liefer-pakete.com/ Name: cf_clearance
Value: N2DokhoBEe8vnWWIk54lmrj7WIY_yDTpe0uXzO01vow-1708768212-1.0-AazPs97L1nEVLyWjVy1FeQwX6JTFgtOgqs4diNqhs1u3SZaW6DOimk4Idn6cixLY5iQRTW+zPJKasgsd4+cpBRU=

2 Console Messages

Source Level URL
Text
network error URL: https://liefer-pakete.com/login/
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://liefer-pakete.com/login/
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block