gsamail.net - urlscan.io

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 6 HTTP transactions. The main IP is 173.246.57.9, located in Pompano Beach, United States and belongs to BIZNESSHOSTING-DBA-VOLICO - VOLICO, US. The main domain is gsamail.net.

This is the only time gsamail.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	173.246.57.9 173.246.57.9	33724 (BIZNESSHO...) (BIZNESSHOSTING-DBA-VOLICO - VOLICO)
2 2	2606:4700:30:... 2606:4700:30::6812:27f8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	134.209.141.174 134.209.141.174	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	13.224.197.38 13.224.197.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	4

3 173.246.57.9 (Pompano Beach, United States)

ASN33724 (BIZNESSHOSTING-DBA-VOLICO - VOLICO, US)
PTR: 9.57.246.173.in-addr.arpa

gsamail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::6812:27f8 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

vid-links.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.209.141.174 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

dubb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

do.dubbcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.38 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-38.fra2.r.cloudfront.net

powered.phplist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gsamail.net gsamail.net	4 KB
2	dubb.com 1 redirects dubb.com	2 KB
2	vid-links.com 2 redirects vid-links.com	1 KB
1	phplist.com powered.phplist.com	3 KB
1	dubbcdn.com do.dubbcdn.com	3 MB
6	5

	Domain	Requested by
3	gsamail.net	gsamail.net
2	dubb.com	1 redirects gsamail.net
2	vid-links.com	2 redirects
1	powered.phplist.com	gsamail.net
1	do.dubbcdn.com	gsamail.net
6	5

This site contains links to these domains. Also see Links.

Domain
vid-links.com
www.phplist.com

Subject Issuer	Validity	Valid
dubbcdn.com Let's Encrypt Authority X3	`2019-11-10` - `2020-02-08`	3 months	crt.sh
*.dubb.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-29` - `2021-11-28`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
Frame ID: 22DD9A3D26A9CE3D2957DDA4A2B7414C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

6
Requests

33 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

2781 kB
Transfer

2789 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vid-links.com/v/97dy0A?from_email=1

Search URL Search Domain Scan URL

URL: https://www.phplist.com/poweredby?utm_source=pl3.4.8&utm_medium=poweredhostedimg&utm_campaign=phpList

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://vid-links.com/v/97dy0A/preview.gif HTTP 302
https://dubb.com/v/97dy0A/preview.gif HTTP 302
https://do.dubbcdn.com/videos/2019-11-24/b71bfc62e13e3d8214762792849e22ac/1574607318_gif.gif

Request Chain 2

https://vid-links.com/v/97dy0A/track-image.png?iat=1574608613&hash=%242y%2410%24Jaz5ZZKIF9XIEoAG94yyiuCWBoAMucDMy0%2F.CL51q7k6dIOmzokNO HTTP 301
https://dubb.com/v/97dy0A/track-image.png?iat=1574608613&hash=%242y%2410%24Jaz5ZZKIF9XIEoAG94yyiuCWBoAMucDMy0%2F.CL51q7k6dIOmzokNO

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
gsamail.net/ 15 KB
4 KB 297ms
163ms Document
text/html 173.246.57.9
VOLICO

General

Check archive.org

Show headers Download Go to

Full URL: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
Protocol: HTTP/1.1
Server: 173.246.57.9 Pompano Beach, United States, ASN33724 (BIZNESSHOSTING-DBA-VOLICO - VOLICO, US),
Reverse DNS: 9.57.246.173.in-addr.arpa
Software: Apache /
Resource Hash: 9bace0040a2d084b254c277d918bd7eccee01ccebdc5e6ded344a0e510dd2c4f

Request headers

Host: gsamail.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Dec 2019 00:00:31 GMT
Server: Apache
Set-Cookie: PHPSESSID=njn0mg24t5lv403jun95kunhl0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: http://gsamail.net
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3460
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found MarketUS_logo_400x89.jpg
gsamail.net/images/image/ 196 B
196 B 118ms
118ms Image
text/html 173.246.57.9
VOLICO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gsamail.net/images/image/MarketUS_logo_400x89.jpg
Requested by: Host: gsamail.net
URL: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
Protocol: HTTP/1.1
Server: 173.246.57.9 Pompano Beach, United States, ASN33724 (BIZNESSHOSTING-DBA-VOLICO - VOLICO, US),
Reverse DNS: 9.57.246.173.in-addr.arpa
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Dec 2019 00:00:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

1574607318_gif.gif
do.dubbcdn.com/videos/2019-11-24/b71bfc62e13e3d8214762792849e22ac/
Redirect Chain

https://vid-links.com/v/97dy0A/preview.gif
https://dubb.com/v/97dy0A/preview.gif
https://do.dubbcdn.com/videos/2019-11-24/b71bfc62e13e3d8214762792849e22ac/1574607318_gif.gif

3 MB
3 MB

114ms
16ms

Image
image/gif

205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do.dubbcdn.com/videos/2019-11-24/b71bfc62e13e3d8214762792849e22ac/1574607318_gif.gif

Requested by

Host: gsamail.net
URL: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),

Reverse DNS

map2.hwcdn.net

Software

/

Resource Hash

7a3cc63958c49b27091ada27e38fa338c5f908f0d91915c45faed192bbe0680b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Dec 2019 00:00:33 GMT
Last-Modified: Sun, 24 Nov 2019 14:55:18 GMT
x-amz-request-id: tx00000000000004aac817e-005de3f547-37cb64-sfo2a
ETag: "d49e34cb130c76c6917c3a9f255c1143"
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-HW: 1575504033.dop134.fr8.t,1575504033.cds060.fr8.shn,1575504033.dop134.fr8.t,1575504033.cds111.fr8.c
Content-Type: image/gif
Cache-Control: max-age=321318
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2838743

Redirect headers

Location: https://do.dubbcdn.com/videos/2019-11-24/b71bfc62e13e3d8214762792849e22ac/1574607318_gif.gif
Date: Thu, 05 Dec 2019 00:00:33 GMT
Cache-Control: no-cache, private
Server: nginx/1.16.1
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

track-image.png
dubb.com/v/97dy0A/
Redirect Chain

https://vid-links.com/v/97dy0A/track-image.png?iat=1574608613&hash=%242y%2410%24Jaz5ZZKIF9XIEoAG94yyiuCWBoAMucDMy0%2F.CL51q7k6dIOmzokNO
https://dubb.com/v/97dy0A/track-image.png?iat=1574608613&hash=%242y%2410%24Jaz5ZZKIF9XIEoAG94yyiuCWBoAMucDMy0%2F.CL51q7k6dIOmzokNO

95 B
1 KB

1775ms
1281ms

Image
image/png

134.209.141.174
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dubb.com/v/97dy0A/track-image.png?iat=1574608613&hash=%242y%2410%24Jaz5ZZKIF9XIEoAG94yyiuCWBoAMucDMy0%2F.CL51q7k6dIOmzokNO
Requested by: Host: gsamail.net
URL: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 134.209.141.174 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Dec 2019 00:00:32 GMT
Cache-Control: no-cache, private
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 9
Transfer-Encoding: chunked
Server: nginx/1.16.1
Content-Type: png

Redirect headers

date: Thu, 05 Dec 2019 00:00:31 GMT
cf-cache-status: HIT
server: cloudflare
age: 132
location: https://dubb.com/v/97dy0A/track-image.png?iat=1574608613&hash=%242y%2410%24Jaz5ZZKIF9XIEoAG94yyiuCWBoAMucDMy0%2F.CL51q7k6dIOmzokNO
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 301
cache-control: max-age=14400
cf-ray: 5401bd8599d1cbb4-VIE

GET
H/1.1 200
OK power-phplist.png
powered.phplist.com/images/3.4.8/ 2 KB
3 KB 73ms
6ms Image
image/png 13.224.197.38
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://powered.phplist.com/images/3.4.8/power-phplist.png
Requested by: Host: gsamail.net
URL: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
Protocol: HTTP/1.1
Server: 13.224.197.38 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e97007e78654d70bea69fd7e51047c1f4949b35d7ce26d49eb66c5ba42097f12

Request headers

Referer: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Dec 2019 05:59:46 GMT
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Nov 2019 16:57:35 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1573491449/ctime:1573491435/gid:1000/gname:suela/md5:5021a64cdd02552a3eb08de5a9254fd6/mode:33188/mtime:1573491194/uid:1000/uname:suela
Age: 64846
ETag: "5021a64cdd02552a3eb08de5a9254fd6"
X-Cache: Hit from cloudfront
Content-Type: image/png
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2135
X-Amz-Cf-Id: OqIUznKhW--rCAAii0xjq7SPinUH82MyddZeoxJjI3eoFT06F7Bz-Q==

GET
H/1.1 200
OK ut.php
gsamail.net/ 167 B
450 B 250ms
133ms Image
image/png 173.246.57.9
VOLICO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gsamail.net/ut.php?u=15e4836873085ef9bb141d3a9592ede5&m=48
Requested by: Host: gsamail.net
URL: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
Protocol: HTTP/1.1
Server: 173.246.57.9 Pompano Beach, United States, ASN33724 (BIZNESSHOSTING-DBA-VOLICO - VOLICO, US),
Reverse DNS: 9.57.246.173.in-addr.arpa
Software: Apache /
Resource Hash: e740a722b56867f331b60884e30a97929c3c5397e76c8d0ebe9fae242e34d358

Request headers

Referer: http://gsamail.net/?m=48&uid=15e4836873085ef9bb141d3a9592ede5&p=view&pi=ViewBrowserPlugin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Dec 2019 00:00:31 GMT
Server: Apache
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 167
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gsamail.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: njn0mg24t5lv403jun95kunhl0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

do.dubbcdn.com
dubb.com
gsamail.net
powered.phplist.com
vid-links.com
13.224.197.38
134.209.141.174
173.246.57.9
205.185.216.42
2606:4700:30::6812:27f8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
7a3cc63958c49b27091ada27e38fa338c5f908f0d91915c45faed192bbe0680b
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
9bace0040a2d084b254c277d918bd7eccee01ccebdc5e6ded344a0e510dd2c4f
e740a722b56867f331b60884e30a97929c3c5397e76c8d0ebe9fae242e34d358
e97007e78654d70bea69fd7e51047c1f4949b35d7ce26d49eb66c5ba42097f12

gsamail.net Open in urlscan Pro 173.246.57.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

33 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

4 IPs

1 Countries

2781 kBTransfer

2789 kBSize

1 Cookies

2 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

gsamail.net Open in urlscan Pro
173.246.57.9 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

33 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

2781 kB
Transfer

2789 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions