Submitted URL: https://rebrand.ly/9vngxq7?id=3b423b423e3a3d3b3e423a
Effective URL: https://drtrkers.com/redirect?target=BASE64aHR0cHM6Ly93d3cuam9ib3guc2l0ZS8yODg4OVFMNy84TFQyQkgxLz9zdWIzPXdzdDNnMzdodH...
Submission Tags: falconsandbox
Submission: On March 04 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 3.64.65.230, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is drtrkers.com.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.
This is the only time drtrkers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.137.111 16509 (AMAZON-02)
2 3.64.65.230 16509 (AMAZON-02)
1 2 35.190.50.251 15169 (GOOGLE)
3 2
Apex Domain
Subdomains
Transfer
2 drtrkers.com
drtrkers.com
1 KB
1 cshhtrk.com
www.cshhtrk.com
1 jobox.site
www.jobox.site
461 B
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 62114
230 B
3 4
Domain Requested by
2 drtrkers.com
1 www.cshhtrk.com
1 www.jobox.site 1 redirects
1 rebrand.ly 1 redirects
3 4

This site contains no links.

Subject        Issuer                                        Validity                   Valid
drtrkers.com   R3                                            2024-02-09 - 2024-05-09    3 months
cshhtrk.com    Starfield Secure Certificate Authority - G2   2023-12-22 - 2025-01-22    a year

This page contains 1 frames:

Frame: https://www.cshhtrk.com/28889QL7/5WLLH9S/?__rpt=0&__po=4312&__ptid=02d2d356edce403391a23ebdd79a46c3&__rpa=1&__rc=1&sub1=&sub2=&sub3=wst3g37htvslp4kvirt7ig0s&sub4=&sub5=&source_id=&__pcd=9
Frame ID: 7330E8D3F39E3972FC0D7EFEBB07FB09
Requests: 3 HTTP requests in this frame

Page Statistics

3 Requests
100 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
2 IPs
2 Countries
1 kB Transfer
1 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/9vngxq7?id=3b423b423e3a3d3b3e423a HTTP 301
    https://drtrkers.com/b3d6013c-742f-43ae-8842-c7ef25edadb5?var1=2023-12-07&var3=1&var4=11&var7=1&id=3b423b423e3a3d3b3e423a Page URL
  2. https://drtrkers.com/redirect?target=BASE64aHR0cHM6Ly93d3cuam9ib3guc2l0ZS8yODg4OVFMNy84TFQyQkgxLz9zdWIzPXdzdDNnMzdodHZzbHA0a3ZpcnQ3aWcwcw&ts=1709527482960&hash=kzJLy8kdaFKf5-VmrPQxY0MUT1Vp4aJF-tXA47SMQ9o&rm=D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rebrand.ly/9vngxq7?id=3b423b423e3a3d3b3e423a HTTP 301
  • https://drtrkers.com/b3d6013c-742f-43ae-8842-c7ef25edadb5?var1=2023-12-07&var3=1&var4=11&var7=1&id=3b423b423e3a3d3b3e423a
Request Chain 1
  • https://www.jobox.site/28889QL7/8LT2BH1/?sub3=wst3g37htvslp4kvirt7ig0s HTTP 302
  • https://www.cshhtrk.com/28889QL7/5WLLH9S/?__rpt=0&__po=4312&__ptid=02d2d356edce403391a23ebdd79a46c3&__rpa=1&__rc=1&sub1=&sub2=&sub3=wst3g37htvslp4kvirt7ig0s&sub4=&sub5=&source_id=&__pcd=9

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
b3d6013c-742f-43ae-8842-c7ef25edadb5
drtrkers.com/
Redirect Chain
  • https://rebrand.ly/9vngxq7?id=3b423b423e3a3d3b3e423a
  • https://drtrkers.com/b3d6013c-742f-43ae-8842-c7ef25edadb5?var1=2023-12-07&var3=1&var4=11&var7=1&id=3b423b423e3a3d3b3e423a
470 B
1 KB
Document
General
Full URL: https://drtrkers.com/b3d6013c-742f-43ae-8842-c7ef25edadb5?var1=2023-12-07&var3=1&var4=11&var7=1&id=3b423b423e3a3d3b3e423a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.64.65.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-64-65-230.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 998baeaa8e8e247251818c2f61785da6937331a6f0f6d7f5a572b63c935c035f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Mon, 04 Mar 2024 04:44:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Mon, 04 Mar 2024 04:44:42 GMT
engine: Rebrandly.redirect, version 2.1
expires: -1
location: https://drtrkers.com/b3d6013c-742f-43ae-8842-c7ef25edadb5?var1=2023-12-07&var3=1&var4=11&var7=1&id=3b423b423e3a3d3b3e423a
strict-transport-security: max-age=15552000
Primary Request redirect
drtrkers.com/
328 B
484 B
Document
General
Full URL: https://drtrkers.com/redirect?target=BASE64aHR0cHM6Ly93d3cuam9ib3guc2l0ZS8yODg4OVFMNy84TFQyQkgxLz9zdWIzPXdzdDNnMzdodHZzbHA0a3ZpcnQ3aWcwcw&ts=1709527482960&hash=kzJLy8kdaFKf5-VmrPQxY0MUT1Vp4aJF-tXA47SMQ9o&rm=D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.64.65.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-64-65-230.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f62c568b28430f71018c0660a1b31daa54d1ddf4d2ee165324ad71f8863f8fb9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Mon, 04 Mar 2024 04:44:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
/
www.cshhtrk.com/28889QL7/5WLLH9S/
Redirect Chain
  • https://www.jobox.site/28889QL7/8LT2BH1/?sub3=wst3g37htvslp4kvirt7ig0s
  • https://www.cshhtrk.com/28889QL7/5WLLH9S/?__rpt=0&__po=4312&__ptid=02d2d356edce403391a23ebdd79a46c3&__rpa=1&__rc=1&sub1=&sub2=&sub3=wst3g37htvslp4kvirt7ig0s&sub4=&sub5=&source_id=&__pcd=9
0
0
Document
General
Full URL: https://www.cshhtrk.com/28889QL7/5WLLH9S/?__rpt=0&__po=4312&__ptid=02d2d356edce403391a23ebdd79a46c3&__rpa=1&__rc=1&sub1=&sub2=&sub3=wst3g37htvslp4kvirt7ig0s&sub4=&sub5=&source_id=&__pcd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.251 Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 251.50.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash:

Request headers

Referer: https://drtrkers.com/redirect?target=BASE64aHR0cHM6Ly93d3cuam9ib3guc2l0ZS8yODg4OVFMNy84TFQyQkgxLz9zdWIzPXdzdDNnMzdodHZzbHA0a3ZpcnQ3aWcwcw&ts=1709527482960&hash=kzJLy8kdaFKf5-VmrPQxY0MUT1Vp4aJF-tXA47SMQ9o&rm=D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Mar 2024 04:44:43 GMT
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 22ec77db-c978-4da6-b1ed-475811a786e2

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 04:44:43 GMT
location: https://www.cshhtrk.com/28889QL7/5WLLH9S/?__rpt=0&__po=4312&__ptid=02d2d356edce403391a23ebdd79a46c3&__rpa=1&__rc=1&sub1=&sub2=&sub3=wst3g37htvslp4kvirt7ig0s&sub4=&sub5=&source_id=&__pcd=9
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: f3ad14d1-fbfc-4016-afc4-99e1584350d8

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.drtrkers.com/ Name: b3d6013c-742f-43ae-8842-c7ef25edadb5-v4
Value: GEq2Mor4Ws1PE1Cva1Vf-OO1ty1J_9XuIQ5swHgGGBg
.drtrkers.com/ Name: cc-v4
Value: VV7LOrQ%2FfMEekNSHPDxek0zYf2eACqWzCr4QR4rDaAPeSOFl72rw0a%2BuGq3flc0Y0ER1Anuw5cc2SrQGnvlM3M7%2BDLrse%2FFN5rq2c72qZm%2BLp7nRl%2Ft3Rp%2BV9LVd6wFPToJygwhnCH%2FqGmJUWuqnfQ%3D%3D
www.jobox.site/ Name: uniqueClick_8LT2BH1
Value: abe3f4e3-0c59-41ab-9f88-8088018327d1:1709527483

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, and hashes. It does not imply that any of them indicates malicious activity.
