exception.gfs-express.com Open in urlscan Pro
75.2.88.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exception.gfs-express.com/
Submission: On February 19 via api (February 19th 2024, 1:12:08 pm UTC) from US — Scanned from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 75.2.88.22, located in United States and belongs to . The main domain is exception.gfs-express.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on May 9th 2023. Valid for: a year.

This is the only time exception.gfs-express.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	75.2.88.22 75.2.88.22	() ()
9	104.18.24.201 104.18.24.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:a66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:b66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	5

1 75.2.88.22 (United States)

ASN- ()
PTR: a46100f87fcd03295.awsglobalaccelerator.com

exception.gfs-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.24.201 (None, )

ASN13335 (CLOUDFLARENET, US)

s4.forcloudcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.forcloudcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:a66 (United States)

ASN13335 (CLOUDFLARENET, US)

gw.gfs-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
client-metrics.gfs-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b66 (United States)

ASN13335 (CLOUDFLARENET, US)

client-metrics.gfs-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	forcloudcdn.com s4.forcloudcdn.com — Cisco Umbrella Rank: 528057 s3.forcloudcdn.com — Cisco Umbrella Rank: 459101	355 KB
4	gfs-express.com exception.gfs-express.com gw.gfs-express.com client-metrics.gfs-express.com	3 KB
0	duolainc.com Failed altest.duolainc.com Failed
15	3

	Domain	Requested by
8	s4.forcloudcdn.com	exception.gfs-express.com s4.forcloudcdn.com
2	client-metrics.gfs-express.com	s4.forcloudcdn.com
1	gw.gfs-express.com	s4.forcloudcdn.com
1	s3.forcloudcdn.com	exception.gfs-express.com
1	exception.gfs-express.com
0	altest.duolainc.com Failed	exception.gfs-express.com
15	6

This site contains no links.

Subject Issuer	Validity	Valid
*.gfs-express.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-05-09` - `2024-05-10`	a year	crt.sh
forcloudcdn.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
gfs-express.com E1	`2024-01-11` - `2024-04-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://exception.gfs-express.com/
Frame ID: 794824C44655FC42C90DEB4F9E62CC63
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Element UI (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

15
Requests

87 %
HTTPS

50 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

358 kB
Transfer

1336 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exception.gfs-express.com/ 2 KB
1 KB 435ms
130ms Document
text/html 75.2.88.22

General

Check archive.org

Show headers Download Go to

Full URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.88.22 , United States, ASN (),
Reverse DNS: a46100f87fcd03295.awsglobalaccelerator.com
Software: openresty /
Resource Hash: f753b67953fb5ec25f8c79ff9a9b13b1a12277fa8e8c0162a631c76768085132

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 13:12:02 GMT
etag: W/"5bad90e61be2a4211d984a09dbd82dd5"
last-modified: Mon, 30 Oct 2023 13:58:11 GMT
server: openresty
vary: Accept-Encoding
x-amz-id-2: 5Y87RXQR+Pv5AYaq98oclCwyWGq5zG1QueyqUmvbvT9AWU2uC5O43A/pTmCNU4NcDU6warnOOmE=
x-amz-meta-v: 1.6.3
x-amz-request-id: 8H79QAR1AGWE6BJP
x-amz-server-side-encryption: AES256
x-amz-version-id: sNjGwGO_uQRDkBiTiFnfyJU6fH3FzbV_

GET
H2 200 app.css
s4.forcloudcdn.com/assets/inner-exception/1.6.3/ 15 KB
4 KB 357ms
167ms Stylesheet
text/css 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/assets/inner-exception/1.6.3/app.css
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875292a7c6d4a2cd018fa412cf8f19a8fb851f18624a5734c03ff050e77d1516

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1GZECZSVYEATF5MD
cf-polished: origSize=15457
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nqwtvuxhMHG/aYYMLSS15PRVpbJGNddnV8yV+5iEHkTSVXnv/NhgYKwxHZ2lBnGoZ769h8qtcA4=
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 13:58:03 GMT
server: cloudflare
etag: W/"9ea4ef22cbd553dd5889660121c67e3f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 857ec25bcd4536a8-YYZ
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 index.css
s4.forcloudcdn.com/libs/element-ui/2.13.1/lib/theme-chalk/ 227 KB
36 KB 301ms
112ms Stylesheet
text/css 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/libs/element-ui/2.13.1/lib/theme-chalk/index.css
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59d8828203b03a24edaeb466e18cd1ff89ff5b29709a161fed09899daf8711f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
x-amz-version-id: EtCSS3k59vo6bwYshmG5P7dICHbunnR0
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: EFMH9P9MQRWDWHS3
cf-polished: origSize=232432
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QslsuACyEFYs3tlt/rd/fXQAgxJGyQH58RL5l/xUdNR8CA5jmu/7Si9jnsCHQB/VCZFh/+jP6qk=
cf-bgj: minify
last-modified: Tue, 08 Dec 2020 04:17:57 GMT
server: cloudflare
etag: W/"9d9dd9d2dfcefdbd3958adac7b229de3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 857ec25bcd4436a8-YYZ
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 vue.min.js Show response
s4.forcloudcdn.com/-/libs/js-cookie/2.2.0/src/js.cookie.js,libs/axios/0.18.0/axios.min.js,libs/vue/2.6.9/ 108 KB
40 KB 363ms
174ms Script
application/javascript 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/-/libs/js-cookie/2.2.0/src/js.cookie.js,libs/axios/0.18.0/axios.min.js,libs/vue/2.6.9/vue.min.js?v=1
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fb586d0d7692c4c860660b89f6fd45112f81e308e0435825c4c22917979985

Request headers

Referer: https://exception.gfs-express.com/
Origin: https://exception.gfs-express.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 02:40:08 GMT
server: cloudflare
etag: W/"1af3f-x3hjKTyc0yLP3EUhcWSc4HIulic"
x-cache-status: MISS
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
web: aws-ir1-front-cdnsrc-prod-028094
cf-ray: 857ec25bc85736b5-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 tracker.js Show response
s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.3.0/f.js,libs/fd-image/1.4.1/image.js,libs/fd-dwp/1.6.1/dwp.js,libs/fd-logger/1.6.17/logger.js,libs/fd-tracker/1.8.10/ 105 KB
32 KB 360ms
171ms Script
application/javascript 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.3.0/f.js,libs/fd-image/1.4.1/image.js,libs/fd-dwp/1.6.1/dwp.js,libs/fd-logger/1.6.17/logger.js,libs/fd-tracker/1.8.10/tracker.js?v=1
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1973f35435616dc9b7bbcefbaab691844040b8b5701ed288c97be3bb5b3aaeb6

Request headers

Referer: https://exception.gfs-express.com/
Origin: https://exception.gfs-express.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Jul 2020 08:55:45 GMT
server: cloudflare
etag: W/"1a5da-blx5RHXAaNZ5ocGs3HxEQyZMYKk"
x-cache-status: MISS
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
web: aws-ir1-front-cdnsrc-prod-026130
cf-ray: 857ec25bc85836b5-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 vue-i18n.js Show response
s3.forcloudcdn.com/libs/vue-i18n/8.14.0/ 55 KB
13 KB 251ms
53ms Script
application/javascript 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.forcloudcdn.com/libs/vue-i18n/8.14.0/vue-i18n.js
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8c75a78b2c7555a9bcba391bdd6580aede986fb957405185914e686f9d19f4a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
x-amz-version-id: FEqg3Jz2iX4vKcHX9bQ9ZFshe3K13wB6
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 02:39:03 GMT
server: cloudflare
x-amz-request-id: BY6ERD5S2AEJ568Z
etag: W/"7f7b54fe52f783390d07c5aaf8f28c6f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 857ec25bdd5336a8-YYZ
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kV/llas72Isbb6XoxqvQ3YwpHjoooyYMp2UJ5ZfGE+J9lyicfwxPhIe+vV0lw3Z0tTYGm2UGigM=
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 zh-CN.js Show response
s4.forcloudcdn.com/-/libs/element-ui/2.13.1/lib/index.js,libs/element-ui/2.13.1/lib/umd/locale/ar.js,libs/element-ui/2.13.1/lib/umd/locale/en.js,libs/element-ui/2.13.1/lib/umd/locale/ 565 KB
144 KB 277ms
91ms Script
application/javascript 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/-/libs/element-ui/2.13.1/lib/index.js,libs/element-ui/2.13.1/lib/umd/locale/ar.js,libs/element-ui/2.13.1/lib/umd/locale/en.js,libs/element-ui/2.13.1/lib/umd/locale/zh-CN.js
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373cd549b8104b75a99d125c7e499253e6d50bc74694648f9b149e47afbffc8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Dec 2020 04:18:10 GMT
server: cloudflare
etag: W/"8d27a-HmyB+2VDu/qW0bkmeJgjmJwZjT0"
x-cache-status: MISS
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
web: aws-ir1-front-cdnsrc-prod-028094
cf-ray: 857ec25bcd4836a8-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 app.js Show response
s4.forcloudcdn.com/assets/inner-exception/1.6.3/ 251 KB
83 KB 344ms
157ms Script
application/javascript 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/assets/inner-exception/1.6.3/app.js
Requested by: Host: exception.gfs-express.com
URL: https://exception.gfs-express.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95d70ed88ebe828bb7ba99c3a44cf36b8c804e89eab34c1cfcc3e5c27a7cb79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1GZ3QBSRMQBJH8PP
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jxLD9frVTlZ3TwDBn9ADkvzC60mD5u5ILXGnXzLu2QYOJ9IY1eVEwvKlsCC1cYJZrf9dVO+97Tw=
last-modified: Mon, 30 Oct 2023 13:58:03 GMT
server: cloudflare
etag: W/"6beadbc75e4a916bad3fe05cb2a74dda"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 857ec25bcd4736a8-YYZ
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 12.css
s4.forcloudcdn.com/assets/inner-exception/1.6.3/ 4 KB
1 KB 150ms
148ms Stylesheet
text/css 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/assets/inner-exception/1.6.3/12.css
Requested by: Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/assets/inner-exception/1.6.3/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c66bc429aa96994cf58619005584740c3e647a86b4310659b694889d20842d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TDTFCA6VTE86W0KH
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RzObGqAn62rD316afJIAQy1B8jWF8zmRt4LIozGslE9G6Y3PhLUr47Mc4A/6Sbq0N/lq2KojAfE=
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 13:57:32 GMT
server: cloudflare
etag: W/"39b262161266414a2546aecec6c31b32"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 857ec25e3f6136a8-YYZ
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 12.556d4798.js Show response
s4.forcloudcdn.com/assets/inner-exception/1.6.3/ 3 KB
2 KB 155ms
155ms Script
application/javascript 104.18.24.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.forcloudcdn.com/assets/inner-exception/1.6.3/12.556d4798.js
Requested by: Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/assets/inner-exception/1.6.3/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fad64d60769727bd2060dacd3763b099073ac96a8762897ec2621ae98a02ce1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exception.gfs-express.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:12:03 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TDT3E88TAMR9BTFW
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a9C9BZpq6OSMYNZo6Vy5tfEtm7krZgVq0noEPuYlDR82mWFmGTJPbOjoWR/tYYRB2xBC+XCqS98=
last-modified: Mon, 30 Oct 2023 13:57:31 GMT
server: cloudflare
etag: W/"1e8f747c8c82c268b2f459fdd3883eee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 857ec25e3f6436a8-YYZ
expires: Tue, 18 Feb 2025 13:12:03 GMT

GET
H2 200 1 Show response
gw.gfs-express.com/gw/dwp.horizon.currentRegion/ 162 B
1 KB 313ms
137ms XHR
application/json 2606:4700::6812:a66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gw.gfs-express.com/gw/dwp.horizon.currentRegion/1?data=&gw_ver=1&ct=1708348323529&plat=h5&appname=fordeal&sign=d73a4ff57b0019d98aea3d9b00fdbb0b

Requested by

Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/js-cookie/2.2.0/src/js.cookie.js,libs/axios/0.18.0/axios.min.js,libs/vue/2.6.9/vue.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee6520215f9e993478b686a9356356479edcfa4a575c6f292fb1d35887d843f

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.snapchat.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://exception.gfs-express.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

gw-trace-sampling: 0
date: Mon, 19 Feb 2024 13:12:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
gw-code: 1001
s_timestamp: 1708348323
server: cloudflare
front-end-https: on
x-frame-options: ALLOW-FROM https://www.snapchat.com
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://exception.gfs-express.com
gw-rt: 1
access-control-expose-headers: GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
cache-control: no-cache
access-control-allow-credentials: true
access-control-max-age: 3600
gw-st: 1708348323812
timing-allow-origin: https://exception.gfs-express.com
access-control-allow-headers: Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
gw-trace-id: 0.web_a2b28c35d55a43a6996615486e4ee492.549.17083483238118696
cf-ray: 857ec25f7c204bc3-BUF

GET fail.wav
altest.duolainc.com/voice/ 0
0

GET suc.wav
altest.duolainc.com/voice/ 0
0

OPTIONS
H2 204 dotMets
client-metrics.gfs-express.com/api/ 0
0 265ms
171ms Preflight 2606:4700::6812:b66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client-metrics.gfs-express.com/api/dotMets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://exception.gfs-express.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://exception.gfs-express.com
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 857ec26bbbeb4bc6-BUF
date: Mon, 19 Feb 2024 13:12:05 GMT
front-end-https: on
server: cloudflare
x-envoy-upstream-service-time: 2

POST
H2 200 dotMets Show response
client-metrics.gfs-express.com/api/ 32 B
288 B 149ms
147ms XHR
application/json 2606:4700::6812:a66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client-metrics.gfs-express.com/api/dotMets
Requested by: Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/js-cookie/2.2.0/src/js.cookie.js,libs/axios/0.18.0/axios.min.js,libs/vue/2.6.9/vue.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept: application/json, text/plain, */*
Referer: https://exception.gfs-express.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Feb 2024 13:12:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: accept-encoding
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://exception.gfs-express.com
content-type: application/json;charset=UTF-8
front-end-https: on
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cf-ray: 857ec26ccc794bc3-BUF
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: altest.duolainc.com
URL: https://altest.duolainc.com/voice/fail.wav

Domain: altest.duolainc.com
URL: https://altest.duolainc.com/voice/suc.wav

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gfs-express.com/	1970-01-21 04:08:28	Name: gw-did Value: web_a2b28c35d55a43a6996615486e4ee492
.gfs-express.com/	1970-01-21 04:08:28	Name: cur Value: USD
.gfs-express.com/	1970-01-21 04:08:28	Name: system Value: h5
.gfs-express.com/	1970-01-21 04:08:28	Name: has_uuid Value: true
.gfs-express.com/	1970-01-21 04:08:28	Name: timezone Value: +3
.gfs-express.com/	1970-01-21 04:08:28	Name: lan Value: en
.gfs-express.com/	1970-01-21 04:08:28	Name: region Value: US
.gfs-express.com/	1970-01-21 04:08:28	Name: uuid Value: web_h5_884a139642b848af80be96e63e6bd031

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://exception.gfs-express.com/#/(Line 29) Message: Mixed Content: The page at 'https://exception.gfs-express.com/#/' was loaded over HTTPS, but requested an insecure element 'http://altest.duolainc.com/voice/fail.wav'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://exception.gfs-express.com/#/(Line 29) Message: Mixed Content: The page at 'https://exception.gfs-express.com/#/' was loaded over HTTPS, but requested an insecure element 'http://altest.duolainc.com/voice/suc.wav'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://altest.duolainc.com/voice/fail.wav Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://altest.duolainc.com/voice/suc.wav Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

altest.duolainc.com
client-metrics.gfs-express.com
exception.gfs-express.com
gw.gfs-express.com
s3.forcloudcdn.com
s4.forcloudcdn.com
altest.duolainc.com
104.18.24.201
2606:4700::6812:a66
2606:4700::6812:b66
75.2.88.22
1973f35435616dc9b7bbcefbaab691844040b8b5701ed288c97be3bb5b3aaeb6
1fad64d60769727bd2060dacd3763b099073ac96a8762897ec2621ae98a02ce1
373cd549b8104b75a99d125c7e499253e6d50bc74694648f9b149e47afbffc8a
4c66bc429aa96994cf58619005584740c3e647a86b4310659b694889d20842d0
59d8828203b03a24edaeb466e18cd1ff89ff5b29709a161fed09899daf8711f3
5ee6520215f9e993478b686a9356356479edcfa4a575c6f292fb1d35887d843f
875292a7c6d4a2cd018fa412cf8f19a8fb851f18624a5734c03ff050e77d1516
92fb586d0d7692c4c860660b89f6fd45112f81e308e0435825c4c22917979985
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618
f753b67953fb5ec25f8c79ff9a9b13b1a12277fa8e8c0162a631c76768085132
f8c75a78b2c7555a9bcba391bdd6580aede986fb957405185914e686f9d19f4a
f95d70ed88ebe828bb7ba99c3a44cf36b8c804e89eab34c1cfcc3e5c27a7cb79

exception.gfs-express.com Open in urlscan Pro 75.2.88.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

50 %IPv6

3 Domains

6 Subdomains

5 IPs

2 Countries

358 kBTransfer

1336 kBSize

8 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

8 Cookies

5 Console Messages

Indicators

exception.gfs-express.com Open in urlscan Pro
75.2.88.22 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

50 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

358 kB
Transfer

1336 kB
Size

8
Cookies

15 HTTP transactions
0 data transactions