URL: https://t.sidekickopen71.com/Ctc/DP*23284/d2S6r304/Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW...
Submission: On September 28 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700:4400::6812:270a, located in United States and belongs to CLOUDFLARENET, US. The main domain is t.sidekickopen71.com. The Cisco Umbrella rank of the primary domain is 449081.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2023. Valid for: a year.
This is the only time t.sidekickopen71.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 23.67.140.91 16625 (AKAMAI-AS)
2 2
Apex Domain
Subdomains
Transfer
2 cat.com
parts.cat.com — Cisco Umbrella Rank: 291468
2 KB
2 sidekickopen71.com
t.sidekickopen71.com — Cisco Umbrella Rank: 449081
3 KB
2 2
Domain Requested by
2 parts.cat.com 1 redirects t.sidekickopen71.com
2 t.sidekickopen71.com 1 redirects
2 2

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-01 - 2024-04-30 | a year
*.cat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-18 - 2024-09-17 | a year

This page contains 1 frames:

Frame: https://parts.cat.com/de/catcorpon
Frame ID: 5CA6311F0C811FD5B7F5A733D5102461
Requests: 2 HTTP requests in this frame

Page Statistics

2 Requests
100 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
4 kB Transfer
8 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t.sidekickopen71.com/events/public/v1/encoded/track/tc/DP*23284/d2S6r304/Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW6bfYCP4gjY_qW1bFpNs2q9hlSW2fnpCc4wKWHDW2YvGYy6CLq8vW90Zsh86SvSl9W18qJ_V62bs9DW494kXd8W_XGFVCxhWV6gXBvGW2-xBKC1shnpDW3f_SZ68FQv6gW8PCksp4QXHFLW5QYTXg6rBJmQW7X7qZK3jCYNSVx8VzR6YlJ9_W7Bpl155HNnY_W3S_2HX8rrhc3f7hcxGq04?_ud=6235fca3-243f-4d5a-9da2-45ffa105e632&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
  • https://parts.cat.com/en/catcorpon HTTP 302
  • https://parts.cat.com/de/catcorpon

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW6bfYCP4gjY_qW1bFpNs2q9hlSW2fnpCc4wKWHDW2YvGYy6CLq8vW90Zsh86SvSl9W18qJ_V62bs9DW494kXd8W_XGFVCxhWV6gXBvGW2-xBKC1shnpDW3f_SZ68...
t.sidekickopen71.com/Ctc/DP*23284/d2S6r304/
8 KB
3 KB
Document
General
Full URL
https://t.sidekickopen71.com/Ctc/DP*23284/d2S6r304/Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW6bfYCP4gjY_qW1bFpNs2q9hlSW2fnpCc4wKWHDW2YvGYy6CLq8vW90Zsh86SvSl9W18qJ_V62bs9DW494kXd8W_XGFVCxhWV6gXBvGW2-xBKC1shnpDW3f_SZ68FQv6gW8PCksp4QXHFLW5QYTXg6rBJmQW7X7qZK3jCYNSVx8VzR6YlJ9_W7Bpl155HNnY_W3S_2HX8rrhc3f7hcxGq04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:270a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 80dd30147a764d5a-FRA
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 28 Sep 2023 15:58:26 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 14
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5cd547747b-dwnwx
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 5072a891-cb2e-4240-8ccc-ec6b382e0156
x-request-id: 5072a891-cb2e-4240-8ccc-ec6b382e0156
x-robots-tag: none
catcorpon
parts.cat.com/de/
Redirect Chain
  • https://t.sidekickopen71.com/events/public/v1/encoded/track/tc/DP*23284/d2S6r304/Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW6bfYCP4gjY_qW1bFpNs2q9hlSW2fnpCc4wKWHDW2Yv...
  • https://parts.cat.com/en/catcorpon
  • https://parts.cat.com/de/catcorpon
0
1 KB
Document
General
Full URL
https://parts.cat.com/de/catcorpon
Requested by
Host: t.sidekickopen71.com
URL: https://t.sidekickopen71.com/Ctc/DP*23284/d2S6r304/Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW6bfYCP4gjY_qW1bFpNs2q9hlSW2fnpCc4wKWHDW2YvGYy6CLq8vW90Zsh86SvSl9W18qJ_V62bs9DW494kXd8W_XGFVCxhWV6gXBvGW2-xBKC1shnpDW3f_SZ68FQv6gW8PCksp4QXHFLW5QYTXg6rBJmQW7X7qZK3jCYNSVx8VzR6YlJ9_W7Bpl155HNnY_W3S_2HX8rrhc3f7hcxGq04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.140.91 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-140-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' t.contentsquare.net 'unsafe-eval' *; upgrade-insecure-requests; frame-ancestors 'self'
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.sidekickopen71.com/Ctc/DP*23284/d2S6r304/Jks2-6qcW69sMD-6lZ3pmW6TX5CS6TtL9KW2-L0YS1JcQgrW2qfcXz5fYB4fW3ND9K61VPm2vW6bfYCP4gjY_qW1bFpNs2q9hlSW2fnpCc4wKWHDW2YvGYy6CLq8vW90Zsh86SvSl9W18qJ_V62bs9DW494kXd8W_XGFVCxhWV6gXBvGW2-xBKC1shnpDW3f_SZ68FQv6gW8PCksp4QXHFLW5QYTXg6rBJmQW7X7qZK3jCYNSVx8VzR6YlJ9_W7Bpl155HNnY_W3S_2HX8rrhc3f7hcxGq04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache,no-store,max-age=0
content-language: de-DE
content-length: 0
content-security-policy: script-src 'self' 'unsafe-inline' t.contentsquare.net 'unsafe-eval' *; upgrade-insecure-requests; frame-ancestors 'self'
date: Thu, 28 Sep 2023 15:58:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
link: <https://fast.fonts.net>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cdn.cookielaw.org>;rel="preconnect",<https://www.googleoptimize.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://snap.licdn.com>;rel="preconnect",<https://unpkg.com>;rel="preconnect",<https://bat.bing.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect"
pragma: No-cache
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-rule: POST_A
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Thu, 28 Sep 2023 15:58:26 GMT
location: https://parts.cat.com/de/catcorpon
server: AkamaiGHost
x-rule: POST_A


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

9 Cookies

Domain/Path Name / Value
parts.cat.com/ Name: changeLang
Value: en|de|auto|false
.cat.com/ Name: _abck
Value: 673C8F938F469AFA52C8DD107D428A53~-1~YAAQMihDF75DN8uKAQAAXEyD3Ao734IJQkEX1UgAT9pcGHK1autSyWHKpDMPcGd1wEnnIoEaPBeFGoYhQgbH0oqvhNbmzilnLXWl99fT9HNPzJ8A82Uy8vntXSRAzSVnApZZ24PI0lJAIvc4M9NjaYOc2TKsYVu7E2BZ17ydAY4ea2a3YkHhoJvkWxuu7RRa5YADXNFodZN6uWKvvADoKkrvPmmk4fXflxnqE6L33hPpsZTLCnpMS5zmDsk/ctH6DK1OC+QYVLnw0fiTgM7n+CsyZwoj7U95e087mFqo6iVA9SGO4RXmaqu5YcIx9fNIFgeEOwhDBdRLVkeuWgnvG9ZdKUe7Br+mmoATabtniTrRZvUgHNOD1fQ=~-1~-1~-1
.cat.com/ Name: bm_sz
Value: 7FCBE03F4915F884D8C03052D9C3E893~YAAQMihDF79DN8uKAQAAXEyD3BUDkM2OprhZ5IpaM5G1ipZX92VZBlMyYlC2q1z5lKGAymzTBSsYootyQb/6tCrjltDUBVNTCVINZ0yMYLH141YmzB2X7+WwQMpEQDg8SnUcLlYI0RDaM0rbQ/530wc7r5ie9PAoqM9KdJKD6vC+SBB+bQtqI17khEOlUdi3iYN8e9faf50dNGHeSA4ThL1knvrZ4SrpagmnBjU2BF3Ehby9PwgriFD2QPrJmfF7FroUzXqBelImDwLahpkY2L7Seq+Oslb9y+J8P8ZSoKc=~3749937~3291444
parts.cat.com/ Name: ADRUM_BTa
Value: R:0|g:5cbed1b8-ae95-4b10-8476-a1cfb165c1ca|n:cat-prod_f7d9caec-f2b7-4921-8d3b-1d2bc2552176
parts.cat.com/ Name: SameSite
Value: None
parts.cat.com/ Name: JSESSIONID
Value: 0000ni7YpaQK2UCAMBSI7K8AT1M:-1
.cat.com/ Name: WC_PERSISTENT
Value: gzhk4ma1YogCwSPaAe6%2BANaoFMwmvHC3porxbK30PxE%3D%3B2023-09-28+10%3A58%3A27.039_1695916707039-3027567_0
parts.cat.com/ Name: ADRUM_BT1
Value: R:0|i:1130895|e:3|d:19
.cat.com/ Name: AKA_A2
Value: A

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
