colortrek.vandenmars.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2a00:1450:4001:827::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is colortrek.vandenmars.com.

This is the only time colortrek.vandenmars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.98.145.30 64.98.145.30	32491 (TUCOWS-3) (TUCOWS-3)
3	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
4	2

1 64.98.145.30 (Canada) 1 redirects

ASN32491 (TUCOWS-3, CA)
PTR: url.hover.com

qr2.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

colortrek.vandenmars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	vandenmars.com colortrek.vandenmars.com	142 KB
1	qr2.li 1 redirects qr2.li	578 B
4	2

	Domain	Requested by
3	colortrek.vandenmars.com	colortrek.vandenmars.com
1	qr2.li	1 redirects
4	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://colortrek.vandenmars.com/
Frame ID: 6972E28ED4A54E3B63F5206F85006130
Requests: 2 HTTP requests in this frame

Frame: http://colortrek.vandenmars.com/colortrek/FB85A929B80DC7F4DDAE15F97364BBF2.cache.html
Frame ID: EE706C44F949B26448BA0F6370CA637A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://qr2.li/ HTTP 303
http://colortrek.vandenmars.com/ Page URL

Detected technologies

Google App Engine (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Google Frontend/i

Page Statistics

4
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

142 kB
Transfer

381 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qr2.li/ HTTP 303
http://colortrek.vandenmars.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
-1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response colortrek.vandenmars.com/ Redirect Chain http://qr2.li/ http://colortrek.vandenmars.com/	2 KB 2 KB	4118ms 3990ms	Document text/html	2a00:1450:4001:827::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://colortrek.vandenmars.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `ab747be7beae89eb196c68d5a30a0d3cf71fcf47dc4fd05fe7bb788c75650a21` Request headers Host colortrek.vandenmars.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Cloud-Trace-Context 2ba3c5f4cfd50168218f7b2a0a9a2a73;o=1 Date Mon, 22 Feb 2021 20:15:07 GMT Content-Type text/html Server Google Frontend Content-Length 2188 Redirect headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Status 303 See Other X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Location http://colortrek.vandenmars.com Cache-Control no-cache X-Request-Id dd471dd8-3d9c-419f-8b7e-185a759e1287 X-Runtime 0.005550 X-Powered-By Phusion Passenger 4.0.53 Date Mon, 22 Feb 2021 20:16:48 GMT Server nginx/1.6.2 + Phusion Passenger 4.0.53 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	colortrek.nocache.js Show response colortrek.vandenmars.com/colortrek/	5 KB 3 KB	152ms 151ms	Script application/x-javascript	2a00:1450:4001:827::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://colortrek.vandenmars.com/colortrek/colortrek.nocache.js Requested by Host: colortrek.vandenmars.com URL: http://colortrek.vandenmars.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `670125063c74522665256f1f4ddd9bfc4ce9d1984615c3cb2895834b21e92716` Request headers Referer http://colortrek.vandenmars.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 22 Feb 2021 20:15:07 GMT Content-Encoding gzip Server Google Frontend ETag "Cx5M0w" Transfer-Encoding chunked Content-Type application/x-javascript X-Cloud-Trace-Context e376a0d8d99eba14710532a4d22a1e41;o=1 Cache-Control no-cache, must-revalidate Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	FB85A929B80DC7F4DDAE15F97364BBF2.cache.html Show response colortrek.vandenmars.com/colortrek/ Frame EE70	373 KB 137 KB	176ms 176ms	Document text/html	2a00:1450:4001:827::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://colortrek.vandenmars.com/colortrek/FB85A929B80DC7F4DDAE15F97364BBF2.cache.html Requested by Host: colortrek.vandenmars.com URL: http://colortrek.vandenmars.com/colortrek/colortrek.nocache.js Protocol HTTP/1.1 Server 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `2166c1f7cce9c2c0513c0835732d78b8d4995fdf656a7eed34b237d785e0c595` Request headers Host colortrek.vandenmars.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://colortrek.vandenmars.com/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://colortrek.vandenmars.com/ Response headers Date Mon, 22 Feb 2021 20:15:08 GMT Expires Tue, 22 Feb 2022 20:15:08 GMT Cache-Control public, max-age=31536000 ETag "Cx5M0w" X-Cloud-Trace-Context 750d0dc6ae222c95b129f2878fdad230 Content-Type text/html Content-Encoding gzip Server Google Frontend Transfer-Encoding chunked

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

colortrek.vandenmars.com
qr2.li
2a00:1450:4001:827::2013
64.98.145.30
2166c1f7cce9c2c0513c0835732d78b8d4995fdf656a7eed34b237d785e0c595
670125063c74522665256f1f4ddd9bfc4ce9d1984615c3cb2895834b21e92716
ab747be7beae89eb196c68d5a30a0d3cf71fcf47dc4fd05fe7bb788c75650a21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

colortrek.vandenmars.com Open in urlscan Pro 2a00:1450:4001:827::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

142 kBTransfer

381 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

colortrek.vandenmars.com Open in urlscan Pro
2a00:1450:4001:827::2013 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

142 kB
Transfer

381 kB
Size

0
Cookies

4 HTTP transactions
-1 data transactions