urlscan.io logo urlscan.io
SecurityTrails logo

r.srvtrck.com Open in urlscan Pro
2606:4700::6813:a860  Public Scan

Go To Rescan Add Verdict Report
URL: https://r.srvtrck.com/v2/go?ai=599fab41884b4ac99b128f31869abae1&eu=%2Ftdpe%3Aa%2Fteke-br%2Fds.teh&t=9t6p1%3A1%2F5w4.5i...
Submission Tags: falconsandbox
Submission: On August 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2606:4700::6813:a860, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.srvtrck.com. The Cisco Umbrella rank of the primary domain is 58911.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 23rd 2021. Valid for: a year.
This is the only time r.srvtrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains		 Transfer
2 srvtrck.com
r.srvtrck.com — Cisco Umbrella Rank: 58911
5 KB
0 beek-trade.de Failed
beek-trade.de Failed
3 2
Domain Requested by
2 r.srvtrck.com r.srvtrck.com
0 beek-trade.de Failed r.srvtrck.com
3 2

This site contains links to these domains. Also see Links.

Domain
beek-trade.de
Subject Issuer Validity Valid
*.srvtrck.com
Go Daddy Secure Certificate Authority - G2		 2021-12-23 -
2023-01-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://r.srvtrck.com/v2/go?ai=599fab41884b4ac99b128f31869abae1&eu=%2Ftdpe%3Aa%2Fteke-br%2Fds.teh&t=9t6p1%3A1%2F5w4.5i9l8g5rbd5%2F6o3m2nem%3Adilesia_i3c7o6u1%3Fd%3Dd26Ka_2v4PaydababccY1b9Z3V080Q000a%3DCoj%265993h6t8O3cdY%26Ecjnu7_ofHc9jcV%2619_3g6o813pdbmxgCTwp3j3V09rfSIKdCf5Wfdl8bgDP0EgTqd5eGOrybFCk%26xiM%3D66D5w4g3x34mY%3DnN_beh4BgVmMqi3%3Di6i5V4y3_39l7gOvC3F4B081o0x0Z4VaM3y8ycddH2A1c20aH2pelfd3mc%2Fbps%2Fte_udo4%2F1o5m5c9e7.4e0i8labdwcwb%2F8s5teh&sct=0&ct=1643418304334&cu=14cab3b8dcad4221a26ad2de1f637c3b&w=4&e=1&ykuid=a7152a65c5504ab8a660329698d7df5d&sc=1&cs=0432bddf329a7455ddcca5467813f44f
Frame ID: 07C05A360D0E93F246E58B523CD33D92
Requests: 2 HTTP requests in this frame

Frame: https://beek-trade.de/produkt/a-microsoft-office-2016-professional-plus/?utm_source=Billiger.de&utm_campaign=Billiger2&utm_medium=cpc&utm_term=3027&soluteclid=a03badef37014c59bd6ef34282b95577
Frame ID: 5BA0AB0BF8ED2B88929704DDA8215D67
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitte warten

Page Statistics

3
Requests

67 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

5 kB
Transfer

7 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.billiger.de/common/modules/api/cmodul?p=H20Kc_AvHPdyyayaMcVYZbxZoV88BQF0CaOC7j95_9yhVtiOic3YqEmjgu4_ef_cnjYV41x_ggwoD16pMbxxkCFwy3O3e0drTSEKPCg58fdlWbfDd0Igfq95VGjrpbTCg&mid=3685643393&mc=9NHboh7BnVcM&id=3685643393&log=v03040001309014cab3b8dcad4221a26ad2de1f637c3b_site_id:4e125356957b450889a5d4c5b18156e9 HTTP 302
  • https://beek-trade.de/produkt/a-microsoft-office-2016-professional-plus/?utm_source=Billiger.de&utm_campaign=Billiger2&utm_medium=cpc&utm_term=3027&soluteclid=a03badef37014c59bd6ef34282b95577

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request go
r.srvtrck.com/v2/ 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?ai=599fab41884b4ac99b128f31869abae1&eu=%2Ftdpe%3Aa%2Fteke-br%2Fds.teh&t=9t6p1%3A1%2F5w4.5i9l8g5rbd5%2F6o3m2nem%3Adilesia_i3c7o6u1%3Fd%3Dd26Ka_2v4PaydababccY1b9Z3V080Q000a%3DCoj%265993h6t8O3cdY%26Ecjnu7_ofHc9jcV%2619_3g6o813pdbmxgCTwp3j3V09rfSIKdCf5Wfdl8bgDP0EgTqd5eGOrybFCk%26xiM%3D66D5w4g3x34mY%3DnN_beh4BgVmMqi3%3Di6i5V4y3_39l7gOvC3F4B081o0x0Z4VaM3y8ycddH2A1c20aH2pelfd3mc%2Fbps%2Fte_udo4%2F1o5m5c9e7.4e0i8labdwcwb%2F8s5teh&sct=0&ct=1643418304334&cu=14cab3b8dcad4221a26ad2de1f637c3b&w=4&e=1&ykuid=a7152a65c5504ab8a660329698d7df5d&sc=1&cs=0432bddf329a7455ddcca5467813f44f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e34409cf470378db2bb442df09fcd8c01273e5f63f5381d3bff962fb8932d3a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73a00574f9cf90fa-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 13 Aug 2022 08:18:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ajax-loader.gif
r.srvtrck.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.srvtrck.com/ajax-loader.gif
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?ai=599fab41884b4ac99b128f31869abae1&eu=%2Ftdpe%3Aa%2Fteke-br%2Fds.teh&t=9t6p1%3A1%2F5w4.5i9l8g5rbd5%2F6o3m2nem%3Adilesia_i3c7o6u1%3Fd%3Dd26Ka_2v4PaydababccY1b9Z3V080Q000a%3DCoj%265993h6t8O3cdY%26Ecjnu7_ofHc9jcV%2619_3g6o813pdbmxgCTwp3j3V09rfSIKdCf5Wfdl8bgDP0EgTqd5eGOrybFCk%26xiM%3D66D5w4g3x34mY%3DnN_beh4BgVmMqi3%3Di6i5V4y3_39l7gOvC3F4B081o0x0Z4VaM3y8ycddH2A1c20aH2pelfd3mc%2Fbps%2Fte_udo4%2F1o5m5c9e7.4e0i8labdwcwb%2F8s5teh&sct=0&ct=1643418304334&cu=14cab3b8dcad4221a26ad2de1f637c3b&w=4&e=1&ykuid=a7152a65c5504ab8a660329698d7df5d&sc=1&cs=0432bddf329a7455ddcca5467813f44f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.srvtrck.com/v2/go?ai=599fab41884b4ac99b128f31869abae1&eu=%2Ftdpe%3Aa%2Fteke-br%2Fds.teh&t=9t6p1%3A1%2F5w4.5i9l8g5rbd5%2F6o3m2nem%3Adilesia_i3c7o6u1%3Fd%3Dd26Ka_2v4PaydababccY1b9Z3V080Q000a%3DCoj%265993h6t8O3cdY%26Ecjnu7_ofHc9jcV%2619_3g6o813pdbmxgCTwp3j3V09rfSIKdCf5Wfdl8bgDP0EgTqd5eGOrybFCk%26xiM%3D66D5w4g3x34mY%3DnN_beh4BgVmMqi3%3Di6i5V4y3_39l7gOvC3F4B081o0x0Z4VaM3y8ycddH2A1c20aH2pelfd3mc%2Fbps%2Fte_udo4%2F1o5m5c9e7.4e0i8labdwcwb%2F8s5teh&sct=0&ct=1643418304334&cu=14cab3b8dcad4221a26ad2de1f637c3b&w=4&e=1&ykuid=a7152a65c5504ab8a660329698d7df5d&sc=1&cs=0432bddf329a7455ddcca5467813f44f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:18:39 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Aug 2022 09:15:32 GMT
server
cloudflare
age
6279
etag
W/"3208-1659345332000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
73a005753a2390fa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
expires
Sat, 13 Aug 2022 09:18:39 GMT
/
beek-trade.de/produkt/a-microsoft-office-2016-professional-plus/ Frame 5BA0
Redirect Chain
  • https://www.billiger.de/common/modules/api/cmodul?p=H20Kc_AvHPdyyayaMcVYZbxZoV88BQF0CaOC7j95_9yhVtiOic3YqEmjgu4_ef_cnjYV41x_ggwoD16pMbxxkCFwy3O3e0drTSEKPCg58fdlWbfDd0Igfq95VGjrpbTCg&mid=3685643393&...
  • https://beek-trade.de/produkt/a-microsoft-office-2016-professional-plus/?utm_source=Billiger.de&utm_campaign=Billiger2&utm_medium=cpc&utm_term=3027&soluteclid=a03badef37014c59bd6ef34282b95577
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
beek-trade.de
URL
https://beek-trade.de/produkt/a-microsoft-office-2016-professional-plus/?utm_source=Billiger.de&utm_campaign=Billiger2&utm_medium=cpc&utm_term=3027&soluteclid=a03badef37014c59bd6ef34282b95577

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

4 Cookies

Domain/Path Name / Value
www.billiger.de/ Name: billigerderevisit
Value: tag%3DNl2SGKs-JZbHUxu9W4YQVlKCU_SGkxVzi2u5TglB
www.billiger.de/ Name: cktk2VOb7GrMxztSr2AKkOW-2EUiPtILl8dCe_n0Wll1I22X7ncs8A
Value: h_ld_h-N_eufo17xg1zplfOjVwGcgJCtg
www.billiger.de/ Name: billiger_session
Value: 10bPsEpukc0Nl2SGKs-JZbHUxu9W4YQVlKCU_SGkxVzi2u5TglB
.billiger.de/ Name: __cf_bm
Value: 4bpYtDfFT1rPlu6cZOVVp2I12Ihs7.gPU52yC7d8rUk-1660378719-0-AW3HTHBtWm71V9SanY9HQi0mc6ZlHt6e7PC7kiyMfTT4uUDWzBDSJIwKr8uyNVarCBpQVfSryB1SpVP5QXKiDbUJroZe4YSeY8l5wWQfDR6p

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beek-trade.de
r.srvtrck.com
beek-trade.de
2606:4700::6813:a860
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
e34409cf470378db2bb442df09fcd8c01273e5f63f5381d3bff962fb8932d3a7