Submitted URL: https://geesetracckinggs.com/3d1623eb-0791-4720-8971-4b60f1b180c2
Effective URL: https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgE...
Submission: On September 27 via manual from HU — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 77.83.117.242, located in Russian Federation and belongs to TECHNOX PRIVATE NETWORK, TR. The main domain is samewaygoesyou.com.
TLS certificate: Issued by mail9141.em3.tractorsupply.com on September 20th 2021. Valid for: a year.
This is the only time samewaygoesyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.195.174.160 16509 (AMAZON-02)
1 77.83.117.242 209371 (TECHNOX P...)
1 1
Apex Domain
Subdomains
Transfer
1 samewaygoesyou.com
samewaygoesyou.com
384 B
1 geesetracckinggs.com
geesetracckinggs.com
1 KB
1 2
Domain Requested by
1 samewaygoesyou.com
1 geesetracckinggs.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
mail9141.em3.tractorsupply.com
mail9141.em3.tractorsupply.com
2021-09-20 -
2022-09-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgEJEWP9M1jMI9gvKjJPbY9YkjjOMQhfu55vt326slVgqNyqL9C0UlhTVznEYFwGHKRPDWSWsi-H5caP2K6T62BzeZ23f4c95R5kpUmo_sWCyQL6Rum0P6r-fh02Z-WANpJf8D_c6AuPRklGyCCAGzo_twpqDqAUluDo8GZm_-L5EQT4ybDgUBlFWgD4TyV3I4VMYGKVTnr66bowhlIkkb73lmEkHUCq1heWaQxO3gWnKXgck9VBzqYvSFTxWa4v8tmUh_vUPiQ0JR9T2Ww3X4dQgDHoaZ43UE7Tpu5G2cBaQWc_SOtkN-hR_4jZngE9xSpRVCnlG99OtKSRugW&lptoken=16bc32e1745280c13688
Frame ID: BB7325DEA3B9348CA9ED5B86135074CA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://geesetracckinggs.com/3d1623eb-0791-4720-8971-4b60f1b180c2 HTTP 302
    https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjd... Page URL

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://geesetracckinggs.com/3d1623eb-0791-4720-8971-4b60f1b180c2 HTTP 302
    https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgEJEWP9M1jMI9gvKjJPbY9YkjjOMQhfu55vt326slVgqNyqL9C0UlhTVznEYFwGHKRPDWSWsi-H5caP2K6T62BzeZ23f4c95R5kpUmo_sWCyQL6Rum0P6r-fh02Z-WANpJf8D_c6AuPRklGyCCAGzo_twpqDqAUluDo8GZm_-L5EQT4ybDgUBlFWgD4TyV3I4VMYGKVTnr66bowhlIkkb73lmEkHUCq1heWaQxO3gWnKXgck9VBzqYvSFTxWa4v8tmUh_vUPiQ0JR9T2Ww3X4dQgDHoaZ43UE7Tpu5G2cBaQWc_SOtkN-hR_4jZngE9xSpRVCnlG99OtKSRugW&lptoken=16bc32e1745280c13688 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request de
samewaygoesyou.com/teleserviceplus/
Redirect Chain
  • https://geesetracckinggs.com/3d1623eb-0791-4720-8971-4b60f1b180c2
  • https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgEJEWP9M1jMI9gvKjJPbY9YkjjOMQhfu55vt326slVgqNyqL9C0UlhTVznEYFwGHKRPDWSWsi-H5...
220 B
384 B
Document
General
Full URL
https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgEJEWP9M1jMI9gvKjJPbY9YkjjOMQhfu55vt326slVgqNyqL9C0UlhTVznEYFwGHKRPDWSWsi-H5caP2K6T62BzeZ23f4c95R5kpUmo_sWCyQL6Rum0P6r-fh02Z-WANpJf8D_c6AuPRklGyCCAGzo_twpqDqAUluDo8GZm_-L5EQT4ybDgUBlFWgD4TyV3I4VMYGKVTnr66bowhlIkkb73lmEkHUCq1heWaQxO3gWnKXgck9VBzqYvSFTxWa4v8tmUh_vUPiQ0JR9T2Ww3X4dQgDHoaZ43UE7Tpu5G2cBaQWc_SOtkN-hR_4jZngE9xSpRVCnlG99OtKSRugW&lptoken=16bc32e1745280c13688
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.83.117.242 , Russian Federation, ASN209371 (TECHNOX PRIVATE NETWORK, TR),
Reverse DNS
mail5313.affinitygaming.mkt5911.com
Software
Apache /
Resource Hash
b443c2598a4c6e7a84152da61919100da0fbdbf3f9d8007d9dc65d5a8f9b26a8

Request headers

Host
samewaygoesyou.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 27 Sep 2021 12:37:16 GMT
Server
Apache
Content-Length
220
Connection
close
Content-Type
text/html; charset=iso-8859-1

Redirect headers

Server
nginx
Date
Mon, 27 Sep 2021 12:37:16 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgEJEWP9M1jMI9gvKjJPbY9YkjjOMQhfu55vt326slVgqNyqL9C0UlhTVznEYFwGHKRPDWSWsi-H5caP2K6T62BzeZ23f4c95R5kpUmo_sWCyQL6Rum0P6r-fh02Z-WANpJf8D_c6AuPRklGyCCAGzo_twpqDqAUluDo8GZm_-L5EQT4ybDgUBlFWgD4TyV3I4VMYGKVTnr66bowhlIkkb73lmEkHUCq1heWaQxO3gWnKXgck9VBzqYvSFTxWa4v8tmUh_vUPiQ0JR9T2Ww3X4dQgDHoaZ43UE7Tpu5G2cBaQWc_SOtkN-hR_4jZngE9xSpRVCnlG99OtKSRugW&lptoken=16bc32e1745280c13688
Pragma
no-cache
Set-Cookie
3d1623eb-0791-4720-8971-4b60f1b180c2-v4=llrKQLB6JKW93IzC1OLADxlaIgKHKK4ZVbh_FP8hBbg; Max-Age=86400; Expires=Tue, 28-Sep-2021 12:37:16 GMT; Domain=geesetracckinggs.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=0CSdo-1OD57Ss2MUvcEJyAoXNojB-H4QGca6dTUY8zPmSyKekHGmdvnxQkJq3dcpci18XkDpYrDIZKzaBsX2NvRu9P5AZrLHphYHq4fh964G8H0ZfHtkUVsTRrMapIpCtRighfgkXhu4XkKcI2hqYZ4oq2TRnFikTk_M6Gp7XdyKnFYrtzNDA4FLVpnT62K1a_sFgWX1o2FJ5n-Ar8OACtkue6JS9_xrYWX1rFZ9GFt76IkoZJsIGel3kFloQhY0xK1IlLoUoJHaf-1DKR7oiF7sgDpPDL1u8RO2hfzAdNMHSVqyGZidRS0kjvTmLZjTzLSF6mN4VX7QLq1jmiErSq1zRZ5bZkSwP3PJxADrAjXlJYQrYRWFKGApi_yNRac-; Max-Age=86400; Expires=Tue, 28-Sep-2021 12:37:16 GMT; Domain=geesetracckinggs.com; Path=/; Secure; HttpOnly;SameSite=None

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

2 Cookies

Domain/Path Name / Value
.geesetracckinggs.com/ Name: 3d1623eb-0791-4720-8971-4b60f1b180c2-v4
Value: llrKQLB6JKW93IzC1OLADxlaIgKHKK4ZVbh_FP8hBbg
.geesetracckinggs.com/ Name: cep-v4
Value: 0CSdo-1OD57Ss2MUvcEJyAoXNojB-H4QGca6dTUY8zPmSyKekHGmdvnxQkJq3dcpci18XkDpYrDIZKzaBsX2NvRu9P5AZrLHphYHq4fh964G8H0ZfHtkUVsTRrMapIpCtRighfgkXhu4XkKcI2hqYZ4oq2TRnFikTk_M6Gp7XdyKnFYrtzNDA4FLVpnT62K1a_sFgWX1o2FJ5n-Ar8OACtkue6JS9_xrYWX1rFZ9GFt76IkoZJsIGel3kFloQhY0xK1IlLoUoJHaf-1DKR7oiF7sgDpPDL1u8RO2hfzAdNMHSVqyGZidRS0kjvTmLZjTzLSF6mN4VX7QLq1jmiErSq1zRZ5bZkSwP3PJxADrAjXlJYQrYRWFKGApi_yNRac-

1 Console Messages

Source Level URL
Text
network error URL: https://samewaygoesyou.com/teleserviceplus/de?dom=geesetracckinggs.com&cep=UgGOTQlspe_ZJQ4r77gvLEVvIvjde5LQx4FlHp7PHqjS1qgEJEWP9M1jMI9gvKjJPbY9YkjjOMQhfu55vt326slVgqNyqL9C0UlhTVznEYFwGHKRPDWSWsi-H5caP2K6T62BzeZ23f4c95R5kpUmo_sWCyQL6Rum0P6r-fh02Z-WANpJf8D_c6AuPRklGyCCAGzo_twpqDqAUluDo8GZm_-L5EQT4ybDgUBlFWgD4TyV3I4VMYGKVTnr66bowhlIkkb73lmEkHUCq1heWaQxO3gWnKXgck9VBzqYvSFTxWa4v8tmUh_vUPiQ0JR9T2Ww3X4dQgDHoaZ43UE7Tpu5G2cBaQWc_SOtkN-hR_4jZngE9xSpRVCnlG99OtKSRugW&lptoken=16bc32e1745280c13688
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

geesetracckinggs.com
samewaygoesyou.com
18.195.174.160
77.83.117.242
b443c2598a4c6e7a84152da61919100da0fbdbf3f9d8007d9dc65d5a8f9b26a8