www.dev.gci.exoret.com Open in urlscan Pro
190.115.18.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dev.gci.exoret.com/
Effective URL:
https://www.dev.gci.exoret.com/
Submission: On May 17 via api (May 17th 2020, 6:54:26 pm UTC) from BE

Summary HTTP 4 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 190.115.18.50, located in Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is www.dev.gci.exoret.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 1st 2020. Valid for: 3 months.

This is the only time www.dev.gci.exoret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	190.115.18.50 190.115.18.50	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2	185.129.100.100 185.129.100.100	57724 (DDOS-GUARD) (DDOS-GUARD)
4	3

3 190.115.18.50 (Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ltd-corporation.com

www.dev.gci.exoret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.129.100.100 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

check.ddos-guard.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	exoret.com 1 redirects www.dev.gci.exoret.com	2 MB
2	ddos-guard.net check.ddos-guard.net	746 B
4	2

	Domain	Requested by
3	www.dev.gci.exoret.com	1 redirects www.dev.gci.exoret.com
2	check.ddos-guard.net	www.dev.gci.exoret.com
4	2

This site contains no links.

Subject Issuer	Validity	Valid
dev.gci.exoret.com Let's Encrypt Authority X3	`2020-05-01` - `2020-07-30`	3 months	crt.sh
*.ddos-guard.net Sectigo RSA Domain Validation Secure Server CA	`2019-07-03` - `2021-07-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.dev.gci.exoret.com/
Frame ID: 724855DB9A5249C370C87C5E996CCCE5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.dev.gci.exoret.com/ HTTP 301
https://www.dev.gci.exoret.com/ Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

2032 kB
Transfer

3343 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dev.gci.exoret.com/ HTTP 301
https://www.dev.gci.exoret.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.dev.gci.exoret.com/ Redirect Chain http://www.dev.gci.exoret.com/ https://www.dev.gci.exoret.com/	2 MB 2 MB	749ms 625ms	Document text/html	190.115.18.50 DDOS-GUARD CORP.
General Check archive.org Show headers Download Go to Full URL https://www.dev.gci.exoret.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.18.50 , Belize, ASN262254 (DDOS-GUARD CORP., BZ), Reverse DNS ltd-corporation.com Software ddos-guard / Resource Hash `7f1c83ed32725481fafa0418bb97ccac9d592d62cfd18a4a7553faebf6b042af` Request headers :method GET :authority www.dev.gci.exoret.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie __ddg1=9QudrIFkSxpa0TYTdxii Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 server ddos-guard set-cookie _csrf=XNZyFlH-G2G2DzJGSZUC3B-U; Path=/ XSRF-TOKEN=j34BKSJj-3YsV3dGHaNq3GBxHM3UpvwXu7lQ; Path=/ connect.sid=s%3A4DJxy7tTpAIsj8dBuniCrDYj_d0oEOWH.sSKW75M%2FaF0uksjw%2BGyv7p0qqSR1TNarkYph87tOoNM; Path=/; HttpOnly content-type text/html; charset=utf-8 etag W/"1f439e-CwChBquAA9IMBRNpjaQb5OhiXL0" date Sun, 17 May 2020 18:53:48 GMT vary Accept-Encoding Redirect headers Server ddos-guard Connection keep-alive Keep-Alive timeout=60 Set-Cookie __ddg1=9QudrIFkSxpa0TYTdxii; Domain=.exoret.com; HttpOnly; Path=/; Expires=Mon, 17-May-2021 18:53:48 GMT Location https://www.dev.gci.exoret.com/ Vary Accept, Accept-Encoding Content-Type text/html; charset=utf-8 Date Sun, 17 May 2020 18:53:48 GMT Content-Encoding gzip Transfer-Encoding chunked
GET H2	200	check.js Show response check.ddos-guard.net/	152 B 493 B	188ms 61ms	Script application/javascript	185.129.100.100 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://check.ddos-guard.net/check.js Requested by Host: www.dev.gci.exoret.com URL: https://www.dev.gci.exoret.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.100 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash `7c83d16635b94e3c33912089311d7abe8631bdc4f232af6d2b0d826e3de114ee` Request headers Referer https://www.dev.gci.exoret.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 17 May 2020 18:53:49 GMT last-modified Thu, 01 Jan 1970 00:00:00 GMT server ddos-guard etag Gr0xcCXqCHdShRMF p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" status 200 cache-control private, s-maxage=0, max-age=31536000 content-type application/javascript content-length 152 expires Mon, 17 May 2021 18:53:49 GMT
GET DATA	200 OK	truncated /	1 MB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `59df5c35e94f900a2b5862f1fe6ed86bca1613df1c03395077230aec8f593604` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://www.dev.gci.exoret.com Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://www.dev.gci.exoret.com Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	40 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `268c50b457910617a94119fb1af5d98cb132a2256aabbeba9f5feddfafd17fe9` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	50 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8641e2860cfc4ba8e44b23c36aafa44f61a00c65017bd679fb00926e3c915c17` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `28f78948e08cc1cc7ecced9d4cc35ad1d28bdacebeab73a1cfd00ffa3e68e1b6` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	20 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7a74454e91ed810ff12035698cd323fdc92d483f88848117fc3b2a7ca4de1e73` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Gr0xcCXqCHdShRMF www.dev.gci.exoret.com/.well-known/ddos-guard/id/	68 B 238 B	60ms 59ms	Image image/png	190.115.18.50 DDOS-GUARD CORP.
General Check archive.org Show headers Download Go to Show image Full URL https://www.dev.gci.exoret.com/.well-known/ddos-guard/id/Gr0xcCXqCHdShRMF Requested by Host: www.dev.gci.exoret.com URL: https://www.dev.gci.exoret.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.18.50 , Belize, ASN262254 (DDOS-GUARD CORP., BZ), Reverse DNS ltd-corporation.com Software ddos-guard / Resource Hash `f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710` Request headers Referer https://www.dev.gci.exoret.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 17 May 2020 18:53:49 GMT cache-control no-cache server ddos-guard content-type image/png content-length 68 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	Gr0xcCXqCHdShRMF check.ddos-guard.net/set/id/	68 B 253 B	63ms 62ms	Image image/png	185.129.100.100 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://check.ddos-guard.net/set/id/Gr0xcCXqCHdShRMF Requested by Host: www.dev.gci.exoret.com URL: https://www.dev.gci.exoret.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.100 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash `f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710` Request headers Referer https://www.dev.gci.exoret.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 17 May 2020 18:53:49 GMT server ddos-guard p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" status 200 cache-control no-cache content-type image/png content-length 68 expires Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.exoret.com/	1970-01-19 18:21:17	Name: __ddg2 Value: Gr0xcCXqCHdShRMF
www.dev.gci.exoret.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A4DJxy7tTpAIsj8dBuniCrDYj_d0oEOWH.sSKW75M%2FaF0uksjw%2BGyv7p0qqSR1TNarkYph87tOoNM
www.dev.gci.exoret.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: j34BKSJj-3YsV3dGHaNq3GBxHM3UpvwXu7lQ
www.dev.gci.exoret.com/	1969-12-31 23:59:59	Name: _csrf Value: XNZyFlH-G2G2DzJGSZUC3B-U
.exoret.com/	1970-01-19 18:21:17	Name: __ddg1 Value: 9QudrIFkSxpa0TYTdxii

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

check.ddos-guard.net
www.dev.gci.exoret.com
185.129.100.100
190.115.18.50
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
268c50b457910617a94119fb1af5d98cb132a2256aabbeba9f5feddfafd17fe9
28f78948e08cc1cc7ecced9d4cc35ad1d28bdacebeab73a1cfd00ffa3e68e1b6
59df5c35e94f900a2b5862f1fe6ed86bca1613df1c03395077230aec8f593604
7a74454e91ed810ff12035698cd323fdc92d483f88848117fc3b2a7ca4de1e73
7c83d16635b94e3c33912089311d7abe8631bdc4f232af6d2b0d826e3de114ee
7f1c83ed32725481fafa0418bb97ccac9d592d62cfd18a4a7553faebf6b042af
8641e2860cfc4ba8e44b23c36aafa44f61a00c65017bd679fb00926e3c915c17
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

www.dev.gci.exoret.com Open in urlscan Pro 190.115.18.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

2032 kBTransfer

3343 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

Indicators

www.dev.gci.exoret.com Open in urlscan Pro
190.115.18.50 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

2032 kB
Transfer

3343 kB
Size

5
Cookies

4 HTTP transactions
7 data transactions