gtarp.be Open in urlscan Pro
2606:4700:3036::6815:387 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40...
Effective URL:
https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/default.php
Submission: On June 16 via api (June 16th 2023, 5:25:45 am UTC) from IE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3036::6815:387, located in United States and belongs to CLOUDFLARENET, US. The main domain is gtarp.be.
TLS certificate: Issued by GTS CA 1P5 on June 13th 2023. Valid for: 3 months.

This is the only time gtarp.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3036::6815:387	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.32.242.5 23.32.242.5	16625 (AKAMAI-AS) (AKAMAI-AS)
12	3

3 2606:4700:3036::6815:387 (United States)

ASN13335 (CLOUDFLARENET, US)

gtarp.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.242.5 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-242-5.deploy.static.akamaitechnologies.com

secure.wlxrs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	wlxrs.com secure.wlxrs.com — Cisco Umbrella Rank: 338870	23 KB
3	gtarp.be gtarp.be	16 KB
0	w3schools.com Failed www.w3schools.com Failed
12	3

	Domain	Requested by
3	secure.wlxrs.com	gtarp.be
3	gtarp.be	gtarp.be
0	www.w3schools.com Failed	gtarp.be
12	3

This site contains no links.

Subject Issuer	Validity	Valid
gtarp.be GTS CA 1P5	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.test.edgekey.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/default.php
Frame ID: D95AC48385BF33F16120446D6B5061F2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=ka... Page URL
https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/default.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

25 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

39 kB
Transfer

136 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Page URL
https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/default.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	index.php Show response gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/	10 KB 4 KB	3235ms 53ms	Document text/html	2606:4700:3036::6815:387 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:387 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `18e28e47c05afb12b66054c5160974415e9967757f1f57419e15b933b86f0a42` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d80a22c9e2bbb95-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 16 Jun 2023 05:25:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YARtuMy%2Fu2hlHpOGxZnxavQ56TZqLyHFPWrgPzDDHETVFpxlYQov%2FQuQLn8Sx49isKuiYOKBazZYoOUO9qtXUdnqZ6CoCzPUPXmyy6ldQVBryrScAHFifVk14OoT5ulTJZ6j5%2FbCdw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-powered-by PHP/7.4.33
GET H/1.1	200 OK	NYKpPzcj59cAccountCSSX.css secure.wlxrs.com/jy5kqke3ytP4lb3i5ZDpNLiWSfajaQ-eDIOI7KaGMzOGtx7r-zkJzcZQdL-oXfcuo!qhAxV70lLofVjqeMaFkn0-MYEtUYM8BG5a7nbwMSo/Base/16.4.4507/	101 KB 20 KB	827ms 88ms	Stylesheet image/x-icon	23.32.242.5 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.wlxrs.com/jy5kqke3ytP4lb3i5ZDpNLiWSfajaQ-eDIOI7KaGMzOGtx7r-zkJzcZQdL-oXfcuo!qhAxV70lLofVjqeMaFkn0-MYEtUYM8BG5a7nbwMSo/Base/16.4.4507/NYKpPzcj59cAccountCSSX.css?ZfDHJ0dwkwrfIMoja3-R7w Requested by Host: gtarp.be URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.32.242.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-242-5.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash `4b0e6a62b21d3b6aeeada5430d4a2b9dc9cb9176c984b26ff92aefcffd71ed4b` Request headers accept-language de-DE,de;q=0.9 Referer https://gtarp.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Fri, 16 Jun 2023 05:25:40 GMT Content-Encoding gzip Last-Modified Wed, 26 Feb 2014 18:00:31 GMT Server AkamaiNetStorage Vary Accept-Encoding Content-Type image/x-icon Connection keep-alive Accept-Ranges bytes Content-Length 19739
GET H/1.1	200 OK	invis.gif secure.wlxrs.com/$live.controls.images/is/	43 B 262 B	765ms 24ms	Image image/gif	23.32.242.5 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://secure.wlxrs.com/$live.controls.images/is/invis.gif Requested by Host: gtarp.be URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.32.242.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-242-5.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash `cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c` Request headers accept-language de-DE,de;q=0.9 Referer https://gtarp.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Fri, 16 Jun 2023 05:25:40 GMT Last-Modified Mon, 05 May 2014 18:05:20 GMT Server AkamaiNetStorage Connection keep-alive Accept-Ranges bytes Content-Length 43 Content-Type image/gif
GET H2	200	progressindicator.gif gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/	12 KB 12 KB	63ms 62ms	Image image/gif	2606:4700:3036::6815:387 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/progressindicator.gif Requested by Host: gtarp.be URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:387 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dfbfc72e2b282d309847621829b78cc68d8dc1e7e1a79899e7846935c18c1969` Request headers accept-language de-DE,de;q=0.9 Referer https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 16 Jun 2023 05:25:40 GMT cf-cache-status MISS last-modified Tue, 09 Sep 2014 19:16:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3010-502a6c6853a80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Byu6SUmRrxTXTOat0zB%2FHQjR5iZK700N%2FLC8y5yLrvWhM%2BSxiD4otPOEhiw0k8IzkSSYzM0KoZ04Bj3FHn%2B76b4iXy59ukdnLEDNzIYe6iBoO%2Bn5nts%2FGKXf%2BkzTcO6jgynalyZbA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 7d80a22cfe96bb95-FRA alt-svc h3=":443"; ma=86400 content-length 12304
GET H/1.1	200 OK	c4.png secure.wlxrs.com/$live.controls.images/h/	3 KB 3 KB	74ms 74ms	Image image/png	23.32.242.5 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://secure.wlxrs.com/$live.controls.images/h/c4.png Requested by Host: gtarp.be URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.32.242.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-242-5.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash `d71fb752bc1ddebdc8753fa4706280f90e0f03191e610cf65428c34804365e1b` Request headers accept-language de-DE,de;q=0.9 Referer https://gtarp.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Fri, 16 Jun 2023 05:25:40 GMT Last-Modified Wed, 05 Mar 2014 23:11:12 GMT Server AkamaiNetStorage Connection keep-alive Accept-Ranges bytes Content-Length 2987 Content-Type image/png
GET H3	200	Primary Request default.php gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/	10 KB 0	2408ms 2408ms	Document text/html	2606:4700:3036::6815:387 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/default.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:387 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash Request headers Referer https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/index.php?email=karstenconstruction%40live.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d80a24e18181cbb-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 16 Jun 2023 05:25:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx4VhJGA8KUDsWjZd2KNku57PON6v6eqWoFeHGT%2Bd2mQ4bSg7NNk69ptaIvGVqxfJVjuu54jPAiPmDZ%2BL9b%2BrUAvz2muGNbz4bTWjC%2FPB8OxBFFiXO7JVRyb9%2B4KHdE3hJUuyvbK4w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-powered-by PHP/7.4.33
GET		jquery.js www.w3schools.com/jquery/	0 0

GET		SpryValidationTextField.js gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/SpryAssets/	0 0

GET		R3WinLive1033.css gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/login_files/	0 0

GET		SpryValidationTextField.css gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/SpryAssets/	0 0

GET		untitled.png gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/	0 0

GET		email-decode.min.js gtarp.be/cdn-cgi/scripts/5c5dd728/cloudflare-static/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.w3schools.com
URL: https://www.w3schools.com/jquery/jquery.js

Domain: gtarp.be
URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/SpryAssets/SpryValidationTextField.js

Domain: gtarp.be
URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/login_files/R3WinLive1033.css

Domain: gtarp.be
URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/SpryAssets/SpryValidationTextField.css

Domain: gtarp.be
URL: https://gtarp.be/000000000000009qwueyfgrey8edfvbdcv/MCROOUT/outlk/November/untitled.png

Domain: gtarp.be
URL: https://gtarp.be/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gtarp.be
secure.wlxrs.com
www.w3schools.com
gtarp.be
www.w3schools.com
23.32.242.5
2606:4700:3036::6815:387
18e28e47c05afb12b66054c5160974415e9967757f1f57419e15b933b86f0a42
4b0e6a62b21d3b6aeeada5430d4a2b9dc9cb9176c984b26ff92aefcffd71ed4b
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
d71fb752bc1ddebdc8753fa4706280f90e0f03191e610cf65428c34804365e1b
dfbfc72e2b282d309847621829b78cc68d8dc1e7e1a79899e7846935c18c1969

gtarp.be Open in urlscan Pro 2606:4700:3036::6815:387 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

25 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

39 kBTransfer

136 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

gtarp.be Open in urlscan Pro
2606:4700:3036::6815:387 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

25 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

39 kB
Transfer

136 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions