URL: https://ef-api-uat.extrack.com/
Submission: On January 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 20.37.196.198, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ef-api-uat.extrack.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on January 13th 2022. Valid for: 6 months.
This is the only time ef-api-uat.extrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
6         20.37.196.198     8075 (MICROSOFT...)
1         2606:2800:233...  15133 (EDGECAST)
2         52.236.186.216    8075 (MICROSOFT...)
Total: 9 requests, 3 IPs

Requests  Apex Domain       Subdomain                                                Transfer
6         extrack.com       ef-api-uat.extrack.com                                   218 KB
2         visualstudio.com  dc.services.visualstudio.com (Cisco Umbrella Rank: 814)  303 B
1         msecnd.net        az416426.vo.msecnd.net (Cisco Umbrella Rank: 1632)       22 KB
Total: 9 requests, 3 domains

Requests  Domain                        Requested by
6         ef-api-uat.extrack.com        ef-api-uat.extrack.com
2         dc.services.visualstudio.com  az416426.vo.msecnd.net
1         az416426.vo.msecnd.net        ef-api-uat.extrack.com
Total: 9 requests, 3 domains

This site contains no links.

Subject                           Issuer                                      Validity                 Valid
ef-api-uat.extrack.com            GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1  2022-01-13 - 2022-07-13  6 months
sni1e6ffgl.wpc.edgecastcdn.net    DigiCert SHA2 Secure Server CA              2020-04-16 - 2022-04-21  2 years
in.applicationinsights.azure.com  Microsoft RSA TLS CA 01                     2021-07-22 - 2022-07-22  a year

This page contains 1 frames:

Primary Page: https://ef-api-uat.extrack.com/
Frame ID: B8FB52ED609249950B5E1B5A63AA6528
Requests: 8 HTTP requests in this frame

Page Title

ExTrack API

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 241 kB
Size: 791 kB
Cookies: 4

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ef-api-uat.extrack.com/
3 KB
2 KB
Document
General
Full URL
https://ef-api-uat.extrack.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.37.196.198 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
50f4f3979982656245ef5bf44e087dfe3f9c4d0494c9c5555e52970c70fc6f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
1332
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:dfa633a0-06c9-40c8-b632-05c5e189cbb6
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
*
Strict-Transport-Security
max-age=31536000
Date
Thu, 13 Jan 2022 02:35:46 GMT
bootstrap.css
ef-api-uat.extrack.com/Content/
205 KB
41 KB
Stylesheet
General
Full URL
https://ef-api-uat.extrack.com/Content/bootstrap.css
Requested by
Host: ef-api-uat.extrack.com
URL: https://ef-api-uat.extrack.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.37.196.198 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c057d37620f2fc7c9614d1d63a2428ba1258b4b86a284ca156d5ac7d7f40ef17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ef-api-uat.extrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"6a28f1a4986d81:0"
Last-Modified
Tue, 11 Jan 2022 03:09:27 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
text/css
Access-Control-Allow-Origin
*
Date
Thu, 13 Jan 2022 02:35:46 GMT
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
41770
X-XSS-Protection
1; mode=block
site.css
ef-api-uat.extrack.com/Content/
332 B
820 B
Stylesheet
General
Full URL
https://ef-api-uat.extrack.com/Content/site.css
Requested by
Host: ef-api-uat.extrack.com
URL: https://ef-api-uat.extrack.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.37.196.198 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fd37ff9c377f4e81da733f1fa940957c5fae4f6af2705b2b12fcd8d49265da22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ef-api-uat.extrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"7d3c83fa976d81:0"
Last-Modified
Tue, 11 Jan 2022 03:04:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
text/css
Access-Control-Allow-Origin
*
Date
Thu, 13 Jan 2022 02:35:46 GMT
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
321
X-XSS-Protection
1; mode=block
modernizr-2.8.3.js
ef-api-uat.extrack.com/Scripts/
52 KB
20 KB
Script
General
Full URL
https://ef-api-uat.extrack.com/Scripts/modernizr-2.8.3.js
Requested by
Host: ef-api-uat.extrack.com
URL: https://ef-api-uat.extrack.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.37.196.198 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
012305fe18175b95942f96c5a5b89ef07e470b166679c6497712edb2dfb9e59a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ef-api-uat.extrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"f19d98fa976d81:0"
Last-Modified
Tue, 11 Jan 2022 03:04:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Date
Thu, 13 Jan 2022 02:35:46 GMT
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
19878
X-XSS-Protection
1; mode=block
jquery-3.6.0.js
ef-api-uat.extrack.com/Scripts/
292 KB
113 KB
Script
General
Full URL
https://ef-api-uat.extrack.com/Scripts/jquery-3.6.0.js
Requested by
Host: ef-api-uat.extrack.com
URL: https://ef-api-uat.extrack.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.37.196.198 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ef-api-uat.extrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"cf9f97fa976d81:0"
Last-Modified
Tue, 11 Jan 2022 03:04:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Date
Thu, 13 Jan 2022 02:35:46 GMT
bootstrap.js
ef-api-uat.extrack.com/Scripts/
145 KB
40 KB
Script
General
Full URL
https://ef-api-uat.extrack.com/Scripts/bootstrap.js
Requested by
Host: ef-api-uat.extrack.com
URL: https://ef-api-uat.extrack.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.37.196.198 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f55c9accac2ff98ec6aa95dba70aaebe9ac6b86b2e92d1cadf309680b210e21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ef-api-uat.extrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"9f2f2a5986d81:0"
Last-Modified
Tue, 11 Jan 2022 03:09:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Date
Thu, 13 Jan 2022 02:35:47 GMT
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
40817
X-XSS-Protection
1; mode=block
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: ef-api-uat.extrack.com
URL: https://ef-api-uat.extrack.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ef-api-uat.extrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 02:35:47 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
237
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
395c5bfa-b01e-0032-5225-08e802000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Thu, 13 Jan 2022 03:05:47 GMT
track
dc.services.visualstudio.com/v2/
96 B
303 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e0c8e45310b3563a1f0468bdf2d71a18d015e577e900511007fa60155fde5f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ef-api-uat.extrack.com/
Accept-Language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
8C7E08B2-E806-4739-A552-DF0149EA1947
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Thu, 13 Jan 2022 02:35:49 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://ef-api-uat.extrack.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Thu, 13 Jan 2022 02:35:48 GMT
content-length
0

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onsecuritypolicyviolation
  • object| onslotchange
  • object| html5
  • object| Modernizr
  • object| appInsights
  • object| AI
  • object| Microsoft
  • function| __extends
  • function| _endsWith
  • function| $
  • function| jQuery
  • object| bootstrap

4 Cookies

Domain/Path               Name                 Value
.ef-api-uat.extrack.com/  ARRAffinity          58c9a510b8796acfbe8b7061b65e8369f081906785bdfa96964558f069f8744c
.ef-api-uat.extrack.com/  ARRAffinitySameSite  58c9a510b8796acfbe8b7061b65e8369f081906785bdfa96964558f069f8744c
ef-api-uat.extrack.com/   ai_user              3f2jF|2022-01-13T02:35:47.795Z
ef-api-uat.extrack.com/   ai_session           JgAZv|1642041348298.1|1642041348298.1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block