r2.lapid.de Open in urlscan Pro
94.199.93.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://r2.lapid.de/v1/img?t=eyJraWQiOiJ2MSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJzdWIiOiJtNGEyLm90IiwidmVyIjoxLCJ...
Submission: On July 03 via manual (July 3rd 2023, 6:24:36 am UTC) from NL — Scanned from DE

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 94.199.93.190, located in Germany and belongs to RETARUS-AS, DE. The main domain is r2.lapid.de.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on January 17th 2023. Valid for: a year.

This is the only time r2.lapid.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	94.199.93.190 94.199.93.190		48328 (RETARUS-AS) (RETARUS-AS)
1	1

1 94.199.93.190 (Germany)

ASN48328 (RETARUS-AS, DE)
PTR: mail-de1.transactional-mail-a.com

r2.lapid.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	lapid.de r2.lapid.de	382 B
1	1

	Domain	Requested by
1	r2.lapid.de
1	1

This site contains no links.

Subject Issuer	Validity	Valid
r2.lapid.de AlphaSSL CA - SHA256 - G4	`2023-01-17` - `2024-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://r2.lapid.de/v1/img?t=eyJraWQiOiJ2MSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJzdWIiOiJtNGEyLm90IiwidmVyIjoxLCJkc3QiOiJodHRwOi8vaHR0cC10by1rYWZrYS5tNGEubXVjcmUxLnJldGxvYy9yZXN0L3YxL3RvcGljcy9ldmVudHMtdHJhY2tpbmciLCJleHAiOjE2OTA4ODIxMzIsImV0bCI6MTY4OTE1NDEzMiwiaWF0IjoxNjg4MjkwMTMyLCJqdGkiOiJHVFV2dGgiLCJjaWQiOiJmMjFmM2EzMC04NTJlLTQyMTItOWFlYS1mZjRkM2ZjOGQ1OTUjNTEwNzA0MGYjNjBmNjM0YWEifQ.1QbuMqk89rSJ7NP7KSlgqQkgNv-9oNOn2xVpb0X8YIk&d=eyJhbGciOiJBMTI4S1ciLCJ6aXAiOiJERUYiLCJraWQiOiJ2MSIsImVuYyI6IkExMjhDQkMtSFMyNTYifQ.TJzv_b6mw2c4CBKBKJblxNWcB-lWHDs31Qz0n_02WUqU2jORK_LLUw.8GA_YrcLWY2QoI7q-8vwVA.aR8dsvi9a3gQ2LcVguwOskTx8vY60QIDdkEvB0D_IRY8WL9-qrGKpVDB4dTEov8D5TL8RTPvWMQGJERmfrZkFLBwBmGXtm90FoZHkiIlTnbXYmd0Wi5fLP35ydz-jUhS-bUk6GIv-LP891VUuMxNjrIqui9VzeyoAVClmym1_1GAPIj1vVdAennwjsXU80wwG0snHWMPozZUNGRbkuVmaIZQaLOi_w_nCHzSEed9bKCaqW67aG6rO1RL4eQVLa_WGHmbGQ8sawizQBU9WWC8ARW9dloLaIsT3iuObK4ARLinmBI-A68fiyz5F7vINzWSaS6o3cz3NjeGAPBVVpeyYVO4ta6cHTPXOCCrxYkfpCzGhXGIfBhF8WuoRpi1H-45ztqjpy6r3wdMWMLIGBKty05xZEus85GqOzzeWT7VWOq6w8UnS8kxzYC_7ZV72o0nJRb2KzmlP_lfOnlCv3WvvhMq4O6SL_krtc1xlqwvFaUmQhC8R4GN4Zp7k7GBTzRglvKhe7pJ67CrQRPH67Uxg8x220Injafx6076zLWo6kFeZlQa2cQEWTksQ5AKVFCrNe8a4eA9U-X17zdKR7YztoTZvltHVQLJv0_en_icEeQ-k6_snduPKe7QdOEEb9GDtjkXatKgnzSLz7io906gHVkAHH0Pf8lglpfJTMUIO38.5PKAzcF8dbezossX_UTSdQ
Frame ID: 56E498FD5D62DE495DCDD35091474FFE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

img (1×1)

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request img Show response r2.lapid.de/v1/	42 B 382 B	201ms 11ms	Document image/gif	94.199.93.190 RETARUS-AS
General Check archive.org Show headers Download Go to Full URL https://r2.lapid.de/v1/img?t=eyJraWQiOiJ2MSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJzdWIiOiJtNGEyLm90IiwidmVyIjoxLCJkc3QiOiJodHRwOi8vaHR0cC10by1rYWZrYS5tNGEubXVjcmUxLnJldGxvYy9yZXN0L3YxL3RvcGljcy9ldmVudHMtdHJhY2tpbmciLCJleHAiOjE2OTA4ODIxMzIsImV0bCI6MTY4OTE1NDEzMiwiaWF0IjoxNjg4MjkwMTMyLCJqdGkiOiJHVFV2dGgiLCJjaWQiOiJmMjFmM2EzMC04NTJlLTQyMTItOWFlYS1mZjRkM2ZjOGQ1OTUjNTEwNzA0MGYjNjBmNjM0YWEifQ.1QbuMqk89rSJ7NP7KSlgqQkgNv-9oNOn2xVpb0X8YIk&d=eyJhbGciOiJBMTI4S1ciLCJ6aXAiOiJERUYiLCJraWQiOiJ2MSIsImVuYyI6IkExMjhDQkMtSFMyNTYifQ.TJzv_b6mw2c4CBKBKJblxNWcB-lWHDs31Qz0n_02WUqU2jORK_LLUw.8GA_YrcLWY2QoI7q-8vwVA.aR8dsvi9a3gQ2LcVguwOskTx8vY60QIDdkEvB0D_IRY8WL9-qrGKpVDB4dTEov8D5TL8RTPvWMQGJERmfrZkFLBwBmGXtm90FoZHkiIlTnbXYmd0Wi5fLP35ydz-jUhS-bUk6GIv-LP891VUuMxNjrIqui9VzeyoAVClmym1_1GAPIj1vVdAennwjsXU80wwG0snHWMPozZUNGRbkuVmaIZQaLOi_w_nCHzSEed9bKCaqW67aG6rO1RL4eQVLa_WGHmbGQ8sawizQBU9WWC8ARW9dloLaIsT3iuObK4ARLinmBI-A68fiyz5F7vINzWSaS6o3cz3NjeGAPBVVpeyYVO4ta6cHTPXOCCrxYkfpCzGhXGIfBhF8WuoRpi1H-45ztqjpy6r3wdMWMLIGBKty05xZEus85GqOzzeWT7VWOq6w8UnS8kxzYC_7ZV72o0nJRb2KzmlP_lfOnlCv3WvvhMq4O6SL_krtc1xlqwvFaUmQhC8R4GN4Zp7k7GBTzRglvKhe7pJ67CrQRPH67Uxg8x220Injafx6076zLWo6kFeZlQa2cQEWTksQ5AKVFCrNe8a4eA9U-X17zdKR7YztoTZvltHVQLJv0_en_icEeQ-k6_snduPKe7QdOEEb9GDtjkXatKgnzSLz7io906gHVkAHH0Pf8lglpfJTMUIO38.5PKAzcF8dbezossX_UTSdQ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.199.93.190 , Germany, ASN48328 (RETARUS-AS, DE), Reverse DNS mail-de1.transactional-mail-a.com Software TornadoServer/4.5.3 / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache=Set-Cookie, proxy-revalidate, max-age=0, post-check=0, pre-check=0 content-length 42 content-type image/gif date Mon, 03 Jul 2023 06:24:31 GMT etag "d5fceb6532643d0d84ffe09c40c481ecdf59e15a" expires Wed, 08 Dec 1976 17:60:39 GMT pragma no-cache server TornadoServer/4.5.3

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

r2.lapid.de
94.199.93.190
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

r2.lapid.de Open in urlscan Pro 94.199.93.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

1 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

0 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

r2.lapid.de Open in urlscan Pro
94.199.93.190 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions
0 data transactions