gkdhre.tmstesting.xyz Open in urlscan Pro
173.231.22.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hqsvn.intercom-interactive.com/?aND4Ssn+Vs6zl8wJ60sxZR5nX0ZmFQm8a5PX8ezfPc09i6BGH7FipfzaMZbO+7SPE+uhbQuQx+8eYONH3PIaO3ANY7UeZeY...
Effective URL:
https://gkdhre.tmstesting.xyz/
Submission: On November 07 via api (November 7th 2023, 10:48:39 am UTC) from BE — Scanned from DE

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 5 domains to perform 1 HTTP transactions. The main IP is 173.231.22.251, located in United States and belongs to WEBNX, US. The main domain is gkdhre.tmstesting.xyz.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.

This is the only time gkdhre.tmstesting.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.161.187.121 5.161.187.121	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 1	52.5.195.119 52.5.195.119	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.247.235.145 34.247.235.145	16509 (AMAZON-02) (AMAZON-02)
1	173.231.22.251 173.231.22.251	18450 (WEBNX) (WEBNX)
1	1

1 5.161.187.121 (Ashburn, United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.121.187.161.5.clients.your-server.de

hqsvn.intercom-interactive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.195.119 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-195-119.compute-1.amazonaws.com

www.tower-houses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fashionstrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.235.145 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-235-145.eu-west-1.compute.amazonaws.com

vkmarketing2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.22.251 (United States)

ASN18450 (WEBNX, US)
PTR: hosting.mainvps.pro

gkdhre.tmstesting.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	tmstesting.xyz gkdhre.tmstesting.xyz	187 B
1	vkmarketing2.com 1 redirects vkmarketing2.com	602 B
1	fashionstrack.com 1 redirects fashionstrack.com	510 B
1	tower-houses.com 1 redirects www.tower-houses.com	537 B
1	intercom-interactive.com 1 redirects hqsvn.intercom-interactive.com	573 B
1	5

	Domain	Requested by
1	gkdhre.tmstesting.xyz
1	vkmarketing2.com	1 redirects
1	fashionstrack.com	1 redirects
1	www.tower-houses.com	1 redirects
1	hqsvn.intercom-interactive.com	1 redirects
1	5

This site contains no links.

Subject Issuer	Validity	Valid
www.gkdhre.tmstesting.xyz R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gkdhre.tmstesting.xyz/
Frame ID: A80DD026AAA4E6111471875B85B66E1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response gkdhre.tmstesting.xyz/ Redirect Chain http://hqsvn.intercom-interactive.com/?aND4Ssn+Vs6zl8wJ60sxZR5nX0ZmFQm8a5PX8ezfPc09i6BGH7FipfzaMZbO+7SPE+uhbQuQx+8eYONH3PIaO3ANY7UeZeYRMhLc2BwF9S0gtjdQzX3aCb7Ujl/d4mio8OM4vSN20B+JMjtSCWWmNzFuDY9m9n... https://www.tower-houses.com/?13fe9d84310e77f13a6d184dbf1232f3&sid2=587335e67977fd6473eefdba72be35d5&campaignid=ho_qmx0lhn1ayg5r&clickid=&cid=hot_gdjx0qtsamy85 https://fashionstrack.com/13fe9d84310e77f13a6d184dbf1232f3?sid2=587335e67977fd6473eefdba72be35d5&campaignid=ho_qmx0lhn1ayg5r&clickid=&cid=hot_gdjx0qtsamy85 https://vkmarketing2.com/?E=cjDIq7PYDX01D5yFhRVGEeu3CRwIuonb&s1=LD&s2=hot_gdjx0qtsamy85&s3=ho_qmx0lhn1ayg5r https://gkdhre.tmstesting.xyz/	0 187 B	1235ms 166ms	Document text/html	173.231.22.251 WEBNX
General Check archive.org Show headers Download Go to Full URL https://gkdhre.tmstesting.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.22.251 , United States, ASN18450 (WEBNX, US), Reverse DNS hosting.mainvps.pro Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Tue, 07 Nov 2023 10:48:31 GMT Keep-Alive timeout=5, max=100 Server Apache Redirect headers Cache-Control private Connection close Content-Length 147 Content-Type text/html; charset=utf-8 Date Tue, 07 Nov 2023 10:48:31 GMT Location https://gkdhre.tmstesting.xyz/ P3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hqsvn.intercom-interactive.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1csivd7p16md3dkenskmdo52b1
www.tower-houses.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3t7obgqoknce38upv7d0gecusa
.vkmarketing2.com/	1969-12-31 23:59:59	Name: sid Value: eMVDtdnDj2SNmaBByg1lgsRaM2+hFDY7ExbWgAro/LuMoyzD32fubw==
.vkmarketing2.com/	1970-01-21 01:38:34	Name: trk Value: G6SVrrBAB3eNmaBByg1lgsRaM2+hFDY7ExbWgAro/LuMoyzD32fubw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fashionstrack.com
gkdhre.tmstesting.xyz
hqsvn.intercom-interactive.com
vkmarketing2.com
www.tower-houses.com
173.231.22.251
2a06:98c1:3121::3
34.247.235.145
5.161.187.121
52.5.195.119
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

gkdhre.tmstesting.xyz Open in urlscan Pro 173.231.22.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

1 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

Indicators

gkdhre.tmstesting.xyz Open in urlscan Pro
173.231.22.251 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

4
Cookies

1 HTTP transactions
0 data transactions