urlscan.io logo urlscan.io
SecurityTrails logo

api.orange.sixt.com Open in urlscan Pro
2606:4700::6812:b53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m.exactag.com/cl.aspx?extProvApi=sixt-crm_transaction&extProvId=313&extPu=nl_rac_com&extLi=126649&extSi=nl_rac...
Effective URL: https://api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/0c403b3d0d?c1=nl_rac_com&c2=Prod%20NEXT%20Reservat...
Submission: On July 07 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 2606:4700::6812:b53, located in United States and belongs to CLOUDFLARENET, US. The main domain is api.orange.sixt.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2023. Valid for: a year.
This is the only time api.orange.sixt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

0c403b3d0d.pdf 13 KB application/pdf
MIME: PDF document, version 1.3
Size: 13 KB (13036 bytes, 100% done)
Downloaded from: https://api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/0c403b3d0d?c1=nl_rac_com&c2=Prod%20NEXT%20Reservation%20Confirmation_US&c3=126649&fir=1&utm_source=nl_rac_com_2307_US&utm_medium=email&utm_campaign=Prod%20NEXT%20Reservation%20Confirmation_US&utm_content=nl_rac_com&utm_term=126649&j=126649&sfmc_sub=124141890&l=157_HTML&u=&mid=100022017&jb=52379&exactag_campaign=1751&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c

Domain & IP information

IP Address AS Autonomous System
1 1 213.202.235.10 24961 (MYLOC-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1
Apex Domain
Subdomains		 Transfer
1 sixt.com
api.orange.sixt.com
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11731
2 KB
1 2
Domain Requested by
1 api.orange.sixt.com
1 m.exactag.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-15 -
2024-05-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/0c403b3d0d?c1=nl_rac_com&c2=Prod%20NEXT%20Reservation%20Confirmation_US&c3=126649&fir=1&utm_source=nl_rac_com_2307_US&utm_medium=email&utm_campaign=Prod%20NEXT%20Reservation%20Confirmation_US&utm_content=nl_rac_com&utm_term=126649&j=126649&sfmc_sub=124141890&l=157_HTML&u=&mid=100022017&jb=52379&exactag_campaign=1751&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c
Frame ID: 50154DC6B174DCE65FF5DDE95A4728BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0c403b3d0d
api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/
Redirect Chain
  • https://m.exactag.com/cl.aspx?extProvApi=sixt-crm_transaction&extProvId=313&extPu=nl_rac_com&extLi=126649&extSi=nl_rac_com_2307_US&url=https%3a%2f%2fapi.orange.sixt.com%2fv1%2frentalreservations%2f...
  • https://api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/0c403b3d0d?c1=nl_rac_com&c2=Prod%20NEXT%20Reservation%20Confirmation_US&c3=126649&fir=1&utm_source=nl_rac_com_2307_US&utm_m...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/0c403b3d0d?c1=nl_rac_com&c2=Prod%20NEXT%20Reservation%20Confirmation_US&c3=126649&fir=1&utm_source=nl_rac_com_2307_US&utm_medium=email&utm_campaign=Prod%20NEXT%20Reservation%20Confirmation_US&utm_content=nl_rac_com&utm_term=126649&j=126649&sfmc_sub=124141890&l=157_HTML&u=&mid=100022017&jb=52379&exactag_campaign=1751&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7e2fceec6bc38ffa-FRA
content-encoding
gzip
content-type
application/pdf
date
Fri, 07 Jul 2023 11:39:41 GMT
server
cloudflare
server-timing
intid;desc=1de2745129d993c8, intid;desc=44b5248c1818826f intid;desc=2b25e200f45a4161
traceparent
00-000000000000000044b5248c1818826f-44b5248c1818826f-01 00-00000000000000002b25e200f45a4161-2b25e200f45a4161-01
tracestate
in=44b5248c1818826f;44b5248c1818826f in=2b25e200f45a4161;2b25e200f45a4161
vary
Origin, Accept-Encoding
x-correlation-id
9e8d91b1-f36a-4d72-bf9f-0096d9ed4486
x-instana-l
1 1
x-instana-s
44b5248c1818826f 2b25e200f45a4161
x-instana-t
44b5248c1818826f 2b25e200f45a4161

Redirect headers

Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1000
Cache-Control
private
Connection
close
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 07 Jul 2023 11:39:40 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Fr, 07 Jul 2023 11:39:40 GMT
Location
https://api.orange.sixt.com/v1/rentalreservations/confirmation/9703538517/0c403b3d0d?c1=nl_rac_com&c2=Prod NEXT Reservation Confirmation_US&c3=126649&fir=1&utm_source=nl_rac_com_2307_US&utm_medium=email&utm_campaign=Prod NEXT Reservation Confirmation_US&utm_content=nl_rac_com&utm_term=126649&j=126649&sfmc_sub=124141890&l=157_HTML&u=&mid=100022017&jb=52379&exactag_campaign=1751&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c&exactag_uk=c9cb72b8b0d549b7b29a45a05b193a1c
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-ET-Camp
1751
X-ET-Code
0
X-ET-Monitoring
1
X-Xss-Protection
0
cross-origin-resource-policy
cross-origin

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

5 Cookies

Domain/Path Name / Value
m.exactag.com/ Name: exactag_new_gk
Value: d37ba643810c4723b84d3e333be22196%7c05.09.2023+11%3a39%3a40
m.exactag.com/ Name: exactag_new_uk
Value: c9cb72b8b0d549b7b29a45a05b193a1c%7c
m.exactag.com/ Name: exactag_new_user
Value: 1751%7c1%7ce211e004be40dedb173473f361a32379%7c01.01.0001+00%3a00%3a00%7c01.01.0001+00%3a00%3a00%7c%7c3368595%7c74694%7cFalse
m.exactag.com/ Name: session_session
Value: 4071d921d7d344c098e73043
m.exactag.com/ Name: exactag_new_cpv
Value: 1751%7ca3b7ce873db8bcb080e54b304a8b8dbb%7c126649%7c%7c%7c07.07.2023+11%3a39%3a40%7cFalse%7cFalse

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.orange.sixt.com
m.exactag.com
213.202.235.10
2606:4700::6812:b53