URL: https://www.gcmsconfirmation.com/
Submission: On September 03 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 204.93.183.55, located in United States and belongs to SERVERCENTRAL, US. The main domain is www.gcmsconfirmation.com.
TLS certificate: Issued by R3 on September 3rd 2021. Valid for: 3 months.
This is the only time www.gcmsconfirmation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 204.93.183.55 23352 (SERVERCEN...)
2 50.62.168.4 26496 (AS-26496-...)
2 2a00:1450:400... 15169 (GOOGLE)
20 3
Domain Requested by
11 www.gcmsconfirmation.com www.gcmsconfirmation.com
5 www.drugsimages.com www.gcmsconfirmation.com
2 ssl.google-analytics.com www.gcmsconfirmation.com
2 www.uatests.com www.gcmsconfirmation.com
20 4

This site contains links to these domains. Also see Links.

Domain
e-z-cup.com
drug-test-store.com
www.uatests.com
Subject Issuer Validity Valid
gcmsconfirmation.com
R3
2021-09-03 -
2021-12-02
3 months crt.sh
drugsimages.com
R3
2021-09-03 -
2021-12-02
3 months crt.sh
uatests.com
Starfield Secure Certificate Authority - G2
2021-01-25 -
2022-01-25
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.gcmsconfirmation.com/
Frame ID: 5D14735C1C0B15A870B0C1B64E5638CD
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

GC-MS Confirmation - GCMS Laboratory Services - GC-MS-MS, MRO

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

332 kB
Transfer

433 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.gcmsconfirmation.com/
34 KB
12 KB
Document
General
Full URL
https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
ea1efc6da3881b559b202da5b0cb254217621cd2548c7b3a6aca21c2d658c736

Request headers

:method
GET
:authority
www.gcmsconfirmation.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
server
Apache/2
last-modified
Tue, 02 May 2017 21:12:21 GMT
etag
"8930-54e90fed23740-gzip"
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
11793
content-type
text/html
style.css
www.gcmsconfirmation.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.gcmsconfirmation.com/css/style.css
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
01b9db3b27129802a0e7b9a32ee1feecca3d8d282c9ade393fb52a7e8cfdd829

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2016 21:31:52 GMT
server
Apache/2
etag
"1718-53dfcac1a2200-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
1573
jquery.min.js
www.gcmsconfirmation.com/js/
76 KB
26 KB
Script
General
Full URL
https://www.gcmsconfirmation.com/js/jquery.min.js
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
1d369719ee39cd798d4b1e57b504bdc09608d63d6190c0847437600eb3c0b827

Request headers

:path
/js/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2016 21:31:55 GMT
server
Apache/2
etag
"13058-53dfcac47e8c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
26829
back-to-top.js
www.gcmsconfirmation.com/js/
484 B
372 B
Script
General
Full URL
https://www.gcmsconfirmation.com/js/back-to-top.js
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
f47e9810847f98ec32b2068e0418a7d12e37c7bfab2a89b20fa9dc16c8fb5d3e

Request headers

:path
/js/back-to-top.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2016 21:31:55 GMT
server
Apache/2
etag
"1e4-53dfcac47e8c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
279
lab-services.jpg
www.drugsimages.com/img/
22 KB
22 KB
Image
General
Full URL
https://www.drugsimages.com/img/lab-services.jpg
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
d72b8680b47f918cf94d66d2d2744a60b12389ce273ba740f93ad1c9cfa5f4b5

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Wed, 22 Jun 2016 16:48:59 GMT
server
Apache/2
accept-ranges
bytes
etag
"57a7-535e0b6c714c0"
content-length
22439
content-type
image/jpeg
Best_Guarantee.jpg
www.uatests.com/img/
25 KB
26 KB
Image
General
Full URL
https://www.uatests.com/img/Best_Guarantee.jpg
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
50.62.168.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
p3nwvpweb124.shr.prod.phx3.secureserver.net
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
0a504e08585d902c0fabf7962db927f85fe3a63425a4fd69956de9fa1393bb91

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Fri, 03 Sep 2021 19:02:07 GMT
Last-Modified
Thu, 25 Jun 2020 12:28:39 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"d36ab427ec4ad61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
25980
MRO-Medical-Review-Officer-Services.jpg
www.drugsimages.com/img/
15 KB
15 KB
Image
General
Full URL
https://www.drugsimages.com/img/MRO-Medical-Review-Officer-Services.jpg
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
1f603d229abc2124ac47b2c7ab729947560d6afc3759cec28310c84dd8afdb32

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Wed, 22 Jun 2016 16:49:05 GMT
server
Apache/2
accept-ranges
bytes
etag
"3a1a-535e0b722a240"
content-length
14874
content-type
image/jpeg
gcms-machine.jpg
www.drugsimages.com/img/
12 KB
13 KB
Image
General
Full URL
https://www.drugsimages.com/img/gcms-machine.jpg
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
4b5fb77b2a425d556d63d4b73fee17b81e0917d891d9669b092323a477c6259e

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Wed, 22 Jun 2016 16:48:46 GMT
server
Apache/2
accept-ranges
bytes
etag
"319a-535e0b600b780"
content-length
12698
content-type
image/jpeg
gcms-machine-interior.jpg
www.drugsimages.com/img/
15 KB
15 KB
Image
General
Full URL
https://www.drugsimages.com/img/gcms-machine-interior.jpg
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
6dcaed5f32f8ed89a012d57fb3ca90942bb4c1fe7789b395cf49e274837c5ec7

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Wed, 22 Jun 2016 16:48:46 GMT
server
Apache/2
accept-ranges
bytes
etag
"3a24-535e0b600b780"
content-length
14884
content-type
image/jpeg
gcms-works-flowchart.gif
www.drugsimages.com/img/
18 KB
18 KB
Image
General
Full URL
https://www.drugsimages.com/img/gcms-works-flowchart.gif
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
b670c5befe2f96e5ffa4866c2467290be97045698664bd1083686d57f805efa4

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Wed, 22 Jun 2016 16:48:46 GMT
server
Apache/2
accept-ranges
bytes
etag
"4742-535e0b600b780"
content-length
18242
content-type
image/gif
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
891
date
Fri, 03 Sep 2021 18:47:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 03 Sep 2021 20:47:15 GMT
base_bg.png
www.gcmsconfirmation.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.gcmsconfirmation.com/images/base_bg.png
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
9f45301df74200db3cd6e40d1102b42b1182aa81865fd4db6400b54fe1e32bdf

Request headers

:path
/images/base_bg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
last-modified
Mon, 03 Oct 2016 21:31:52 GMT
server
Apache/2
accept-ranges
bytes
etag
"6c5-53dfcac1a2200"
content-length
1733
content-type
image/png
header_bg.png
www.gcmsconfirmation.com/images/
12 KB
12 KB
Image
General
Full URL
https://www.gcmsconfirmation.com/images/header_bg.png
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
3b957305b2c1e54c09fb0de60dccb0ea5237c237bca342be96125efc6236e029

Request headers

:path
/images/header_bg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
last-modified
Mon, 03 Oct 2016 21:31:53 GMT
server
Apache/2
accept-ranges
bytes
etag
"312c-53dfcac296440"
content-length
12588
content-type
image/png
logo.png
www.gcmsconfirmation.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.gcmsconfirmation.com/images/logo.png
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
ab3e2d9524ef40be28843163a240474352b1e4bc7cf743dff474779d18b8b772

Request headers

:path
/images/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
last-modified
Mon, 03 Oct 2016 21:31:53 GMT
server
Apache/2
accept-ranges
bytes
etag
"75e-53dfcac296440"
content-length
1886
content-type
image/png
img01.png
www.gcmsconfirmation.com/images/
145 KB
146 KB
Image
General
Full URL
https://www.gcmsconfirmation.com/images/img01.png
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
dcba6d637fd810c098ea0e2405f66bd90b9b9b815805514505e3a6fa6aef0945

Request headers

:path
/images/img01.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
last-modified
Mon, 03 Oct 2016 21:31:53 GMT
server
Apache/2
accept-ranges
bytes
etag
"24547-53dfcac296440"
content-length
148807
content-type
image/png
INDTEXTB.JPG
www.uatests.com/img/
959 B
1 KB
Image
General
Full URL
https://www.uatests.com/img/INDTEXTB.JPG
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
50.62.168.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
p3nwvpweb124.shr.prod.phx3.secureserver.net
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
97b956c8b212e03cef834871858b508957e560e82bf4d1640b642b7e4932d237

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Fri, 03 Sep 2021 19:02:07 GMT
Last-Modified
Thu, 25 Jun 2020 12:28:45 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"f55ac2bec4ad61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
959
INDTEXTB.JPG
www.gcmsconfirmation.com/img/
315 B
315 B
Image
General
Full URL
https://www.gcmsconfirmation.com/img/INDTEXTB.JPG
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/img/INDTEXTB.JPG
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:06 GMT
server
Apache/2
content-length
315
content-type
text/html; charset=iso-8859-1
__utm.gif
ssl.google-analytics.com/r/
35 B
54 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=162636359&utmhn=www.gcmsconfirmation.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GC-MS%20Confirmation%20-%20GCMS%20Laboratory%20Services%20-%20GC-MS-MS%2C%20MRO&utmhid=2083581771&utmr=-&utmp=%2F&utmht=1630695727104&utmac=UA-11375694-26&utmcc=__utma%3D113403537.1559114742.1630695727.1630695727.1630695727.1%3B%2B__utmz%3D113403537.1630695727.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1458222577&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gcmsconfirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Sep 2021 19:02:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
footer_bg.png
www.gcmsconfirmation.com/images/
1 KB
1 KB
Image
General
Full URL
https://www.gcmsconfirmation.com/images/footer_bg.png
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
622551ad65b7a5e90c2f41a9b1bd827cb5bf6c341d78b380d3de26b8351cb09c

Request headers

:path
/images/footer_bg.png
pragma
no-cache
cookie
__utma=113403537.1559114742.1630695727.1630695727.1630695727.1; __utmc=113403537; __utmz=113403537.1630695727.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=113403537.1.10.1630695727
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Mon, 03 Oct 2016 21:31:53 GMT
server
Apache/2
accept-ranges
bytes
etag
"4df-53dfcac296440"
content-length
1247
content-type
image/png
up-arrow.png
www.gcmsconfirmation.com/images/
1 KB
1 KB
Image
General
Full URL
https://www.gcmsconfirmation.com/images/up-arrow.png
Requested by
Host: www.gcmsconfirmation.com
URL: https://www.gcmsconfirmation.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
204.93.183.55 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sc511.whpservers.com
Software
Apache/2 /
Resource Hash
2f87ade04caae49e3741abc12e6f7cb83392c42436f2981d94addd901d86deb3

Request headers

:path
/images/up-arrow.png
pragma
no-cache
cookie
__utma=113403537.1559114742.1630695727.1630695727.1630695727.1; __utmc=113403537; __utmz=113403537.1630695727.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=113403537.1.10.1630695727
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gcmsconfirmation.com
referer
https://www.gcmsconfirmation.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gcmsconfirmation.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:02:07 GMT
last-modified
Mon, 03 Oct 2016 21:31:54 GMT
server
Apache/2
accept-ranges
bytes
etag
"566-53dfcac38a680"
content-length
1382
content-type
image/png

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal

5 Cookies

Domain/Path Name / Value
.gcmsconfirmation.com/ Name: __utmb
Value: 113403537.1.10.1630695727
.gcmsconfirmation.com/ Name: __utmt
Value: 1
.gcmsconfirmation.com/ Name: __utmz
Value: 113403537.1630695727.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.gcmsconfirmation.com/ Name: __utmc
Value: 113403537
.gcmsconfirmation.com/ Name: __utma
Value: 113403537.1559114742.1630695727.1630695727.1630695727.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ssl.google-analytics.com
www.drugsimages.com
www.gcmsconfirmation.com
www.uatests.com
204.93.183.55
2a00:1450:4001:82f::2008
50.62.168.4
01b9db3b27129802a0e7b9a32ee1feecca3d8d282c9ade393fb52a7e8cfdd829
0a504e08585d902c0fabf7962db927f85fe3a63425a4fd69956de9fa1393bb91
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1d369719ee39cd798d4b1e57b504bdc09608d63d6190c0847437600eb3c0b827
1f603d229abc2124ac47b2c7ab729947560d6afc3759cec28310c84dd8afdb32
2f87ade04caae49e3741abc12e6f7cb83392c42436f2981d94addd901d86deb3
3b957305b2c1e54c09fb0de60dccb0ea5237c237bca342be96125efc6236e029
4b5fb77b2a425d556d63d4b73fee17b81e0917d891d9669b092323a477c6259e
622551ad65b7a5e90c2f41a9b1bd827cb5bf6c341d78b380d3de26b8351cb09c
6dcaed5f32f8ed89a012d57fb3ca90942bb4c1fe7789b395cf49e274837c5ec7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
97b956c8b212e03cef834871858b508957e560e82bf4d1640b642b7e4932d237
9f45301df74200db3cd6e40d1102b42b1182aa81865fd4db6400b54fe1e32bdf
ab3e2d9524ef40be28843163a240474352b1e4bc7cf743dff474779d18b8b772
b670c5befe2f96e5ffa4866c2467290be97045698664bd1083686d57f805efa4
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d72b8680b47f918cf94d66d2d2744a60b12389ce273ba740f93ad1c9cfa5f4b5
dcba6d637fd810c098ea0e2405f66bd90b9b9b815805514505e3a6fa6aef0945
ea1efc6da3881b559b202da5b0cb254217621cd2548c7b3a6aca21c2d658c736
f47e9810847f98ec32b2068e0418a7d12e37c7bfab2a89b20fa9dc16c8fb5d3e