xn--margas-gardinentrume-rzb.de

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 10 HTTP transactions. The main IP is 2a01:238:20a:202:1067::, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is xn--margas-gardinentrume-rzb.de.

This is the only time xn--margas-gardinentrume-rzb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a01:238:20a:... 2a01:238:20a:202:1067::	6724 (STRATO ST...) (STRATO STRATO AG)
1	81.169.145.150 81.169.145.150	6724 (STRATO ST...) (STRATO STRATO AG)
1 1	99.83.153.108 99.83.153.108	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:598::1771	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	103.224.182.246 103.224.182.246	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	199.191.50.82 199.191.50.82	() ()
10	5

1 2a01:238:20a:202:1067:: (Germany)

ASN6724 (STRATO STRATO AG, DE)

xn--margas-gardinentrume-rzb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.169.145.150 (Soehrewald, Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: w96.rzone.de

www.webmailer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.153.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6b5b419953ac02a6.awsglobalaccelerator.com

seastats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:598::1771 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.246 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com

bali-planet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.191.50.82 (None, )

ASN- ()

ww17.bali-planet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	bali-planet.com 2 redirects bali-planet.com ww17.bali-planet.com	1 KB
1	godaddy.com www.godaddy.com — Cisco Umbrella Rank: 25091
1	seastats.com 1 redirects seastats.com	326 B
1	webmailer.de www.webmailer.de	57 KB
1	xn--margas-gardinentrume-rzb.de xn--margas-gardinentrume-rzb.de	5 KB
0	visions7.net Failed visions7.net Failed
0	zxstats.com Failed zxstats.com Failed
0	stxstats.com Failed stxstats.com Failed
10	8

	Domain	Requested by
2	bali-planet.com	2 redirects
1	ww17.bali-planet.com	xn--margas-gardinentrume-rzb.de
1	www.godaddy.com	xn--margas-gardinentrume-rzb.de
1	seastats.com	1 redirects
1	www.webmailer.de	xn--margas-gardinentrume-rzb.de
1	xn--margas-gardinentrume-rzb.de
0	visions7.net Failed	xn--margas-gardinentrume-rzb.de
0	zxstats.com Failed	xn--margas-gardinentrume-rzb.de
0	stxstats.com Failed	xn--margas-gardinentrume-rzb.de
10	9

This site contains no links.

Subject Issuer	Validity	Valid
*.godaddy.com Go Daddy Secure Certificate Authority - G2	`2021-09-17` - `2022-10-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://xn--margas-gardinentrume-rzb.de/
Frame ID: DFC9BD55B544441C24FD7E0D937482D1
Requests: 2 HTTP requests in this frame

Frame: https://www.godaddy.com/forsale/seastats.com?utm_source=TDFS_BINNS&utm_medium=BINNS&utm_campaign=TDFS_BINNS&traffic_type=TDFS_BINNS&traffic_id=binns&
Frame ID: CC011CBA75D4C48A67729EBCC92E3EE8
Requests: 1 HTTP requests in this frame

Frame: http://stxstats.com/
Frame ID: EC33FDF8EFB8BC2A0B194C31DB369316
Requests: 1 HTTP requests in this frame

Frame: http://zxstats.com/
Frame ID: C8782E65CE7D7C2137A9EB5FF9D5DC13
Requests: 1 HTTP requests in this frame

Frame: http://ww17.bali-planet.com/
Frame ID: 79801107A03A3694DE6231AF895290B5
Requests: 1 HTTP requests in this frame

Frame: http://visions7.net/1
Frame ID: EFE23182A7B93CC971D5A583C10589CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STRATO

Page Statistics

10
Requests

10 %
HTTPS

33 %
IPv6

8
Domains

9
Subdomains

5
IPs

4
Countries

63 kB
Transfer

62 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://seastats.com/ HTTP 302
https://www.godaddy.com/forsale/seastats.com?utm_source=TDFS_BINNS&utm_medium=BINNS&utm_campaign=TDFS_BINNS&traffic_type=TDFS_BINNS&traffic_id=binns&

Request Chain 4

http://bali-planet.com/ HTTP 302
https://bali-planet.com/ HTTP 302
http://ww17.bali-planet.com/

Request Chain 5

http://visions7.net/ HTTP 302
http://visions7.net/1 HTTP 302
http://visions7.net/1

10 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
xn--margas-gardinentrume-rzb.de/ 5 KB
5 KB 99ms
25ms Document
text/html 2a01:238:20a:202:1067::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 2a01:238:20a:202:1067:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.54 (Unix) /
Resource Hash: 3b5483cdf7dceaecd6e68631b51eac8ba31df65da51572f399c50f04a2578837

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 4638
Content-Type: text/html
Date: Mon, 18 Jul 2022 12:47:14 GMT
ETag: "121e-49bea3a2505c0"
Keep-Alive: timeout=3, max=100
Last-Modified: Thu, 10 Feb 2011 09:30:07 GMT
Server: Apache/2.4.54 (Unix)

GET
H/1.1 200
OK setup.jpg
www.webmailer.de/setup/setup5/ 57 KB
57 KB 57ms
24ms Image
image/jpeg 81.169.145.150
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.webmailer.de/setup/setup5/setup.jpg
Requested by: Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 81.169.145.150 Soehrewald, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: w96.rzone.de
Software: Apache/2.4.54 (Unix) /
Resource Hash: 70f12d4b4f5ca1d0dc0da44a4e6d9bd22962c64144718f1f92f29afa8ff68bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--margas-gardinentrume-rzb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 12:47:14 GMT
Last-Modified: Fri, 01 Jul 2011 16:12:18 GMT
Server: Apache/2.4.54 (Unix)
ETag: "e48c-4a7044816bc80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 58508

GET
H2

200

seastats.com
www.godaddy.com/forsale/ Frame CC01
Redirect Chain

http://seastats.com/
https://www.godaddy.com/forsale/seastats.com?utm_source=TDFS_BINNS&utm_medium=BINNS&utm_campaign=TDFS_BINNS&traffic_type=TDFS_BINNS&traffic_id=binns&

0
0

261ms
176ms

Document
text/html

2a02:26f0:3500:598::1771
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.godaddy.com/forsale/seastats.com?utm_source=TDFS_BINNS&utm_medium=BINNS&utm_campaign=TDFS_BINNS&traffic_type=TDFS_BINNS&traffic_id=binns&

Requested by

Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:598::1771 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	0

Request headers

Referer: http://xn--margas-gardinentrume-rzb.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-security-policy-report-only: default-src 'self' www.google.com www.gstatic.com img6.wsimg.com *.secureserver.net collect.tealiumiq.com *.akamaihd.net c.go-mpulse.net *.akstat.io www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net googletagmanager.com *.godaddy.com data:;font-src * data: blob:;style-src 'self' 'unsafe-inline' img6.wsimg.com www.gstatic.com;script-src * data: blob: 'unsafe-inline' 'unsafe-eval';img-src * data: blob:;connect-src * data: blob:;frame-src * data: blob:;report-uri /forsale/api/csp-reports
content-type: text/html; charset=utf-8
date: Mon, 18 Jul 2022 12:47:15 GMT
etag: "166a9-MWP6888RRgAgHSMkhMM+ked2TfU"
expect-ct: max-age=0
expires: Mon, 18 Jul 2022 12:47:15 GMT
pragma: no-cache
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,1
x-arc: 2 6
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 106
x-frame-options: SAMEORIGIN DENY
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 110
Content-Type: text/html
Date: Mon, 18 Jul 2022 12:47:15 GMT
Location: https://www.godaddy.com:443/forsale/seastats.com?utm_source=TDFS_BINNS&utm_medium=BINNS&utm_campaign=TDFS_BINNS&traffic_type=TDFS_BINNS&traffic_id=binns&
Server: awselb/2.0

GET /
stxstats.com/ Frame EC33 0
0

GET /
zxstats.com/ Frame C878 0
0

GET
H/1.1

200
OK

/ Show response
ww17.bali-planet.com/ Frame 7980
Redirect Chain

http://bali-planet.com/
https://bali-planet.com/
http://ww17.bali-planet.com/

272 B
460 B

1535ms
352ms

Document
text/html

199.191.50.82

General

Check archive.org

Show headers Download Go to

Full URL: http://ww17.bali-planet.com/
Requested by: Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 199.191.50.82 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a9ef11bdf098b181c9cbb75b272531793991c287d15d2477af07edeac69672a8

Request headers

Referer: http://xn--margas-gardinentrume-rzb.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 195
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Jul 2022 12:47:18 GMT
Keep-Alive: timeout=5, max=128
Server: Apache
ntCoent-Length: 272

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Jul 2022 12:47:17 GMT
Location: http://ww17.bali-planet.com/
Server: Apache/2.4.38 (Debian)

GET

1
visions7.net/ Frame EFE2
Redirect Chain

http://visions7.net/
http://visions7.net/1
http://visions7.net/1

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stxstats.com
URL: http://stxstats.com/

Domain: zxstats.com
URL: http://zxstats.com/

Domain: visions7.net
URL: http://visions7.net/1

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.godaddy.com/' in a frame because it set multiple 'X-Frame-Options' headers with conflicting values ('SAMEORIGIN, DENY'). Falling back to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bali-planet.com
seastats.com
stxstats.com
visions7.net
ww17.bali-planet.com
www.godaddy.com
www.webmailer.de
xn--margas-gardinentrume-rzb.de
zxstats.com
stxstats.com
visions7.net
zxstats.com
103.224.182.246
199.191.50.82
2a01:238:20a:202:1067::
2a02:26f0:3500:598::1771
81.169.145.150
99.83.153.108
3b5483cdf7dceaecd6e68631b51eac8ba31df65da51572f399c50f04a2578837
70f12d4b4f5ca1d0dc0da44a4e6d9bd22962c64144718f1f92f29afa8ff68bf5
a9ef11bdf098b181c9cbb75b272531793991c287d15d2477af07edeac69672a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

xn--margas-gardinentrume-rzb.de Open in urlscan Pro Puny margas-gardinenträume.de IDN 2a01:238:20a:202:1067:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

10 %HTTPS

33 %IPv6

8 Domains

9 Subdomains

5 IPs

4 Countries

63 kBTransfer

62 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

xn--margas-gardinentrume-rzb.de Open in urlscan Pro Puny
margas-gardinenträume.de IDN
2a01:238:20a:202:1067:: Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

10 %
HTTPS

33 %
IPv6

8
Domains

9
Subdomains

5
IPs

4
Countries

63 kB
Transfer

62 kB
Size

0
Cookies

10 HTTP transactions
-3 data transactions