is.gmsseguridad.com Open in urlscan Pro
44.240.227.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://byt.one/895SPV
Effective URL:
https://is.gmsseguridad.com/ingsocial/redirect.aspx?kPYLlN5fq93Ho9bU5iBWDExLtABQTYX1FqFMAdeevLMdDaLcS0nHHVxgZ/SqPnqkGglnlrdH...
Submission: On January 19 via manual (January 19th 2023, 7:18:10 pm UTC) from EC — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 44.240.227.220, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is is.gmsseguridad.com.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on February 18th 2022. Valid for: a year.

This is the only time is.gmsseguridad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	52.27.8.180 52.27.8.180	16509 (AMAZON-02) (AMAZON-02)
1	44.240.227.220 44.240.227.220	16509 (AMAZON-02) (AMAZON-02)
9	2

8 52.27.8.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-8-180.us-west-2.compute.amazonaws.com

byt.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.227.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-227-220.us-west-2.compute.amazonaws.com

is.gmsseguridad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	byt.one byt.one	245 KB
1	gmsseguridad.com is.gmsseguridad.com	591 B
9	2

	Domain	Requested by
8	byt.one	byt.one
1	is.gmsseguridad.com	byt.one
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.gmsseguridad.com GlobalSign GCC R3 DV TLS CA 2020	`2022-02-18` - `2023-03-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://is.gmsseguridad.com/ingsocial/redirect.aspx?kPYLlN5fq93Ho9bU5iBWDExLtABQTYX1FqFMAdeevLMdDaLcS0nHHVxgZ/SqPnqkGglnlrdHDWsBTqsM/p+/DA==
Frame ID: 6391F139F9B1311E179EDF57F1D4EF5F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

http://byt.one/895SPV Page URL
https://is.gmsseguridad.com/ingsocial/redirect.aspx?kPYLlN5fq93Ho9bU5iBWDExLtABQTYX1FqFMAdeevLMdDaLcS0nH... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

11 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

246 kB
Transfer

641 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://byt.one/895SPV Page URL
https://is.gmsseguridad.com/ingsocial/redirect.aspx?kPYLlN5fq93Ho9bU5iBWDExLtABQTYX1FqFMAdeevLMdDaLcS0nHHVxgZ/SqPnqkGglnlrdHDWsBTqsM/p+/DA== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	895SPV Show response byt.one/	2 KB 2 KB	534ms 185ms	Document text/html	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `48651e99c8f0640f6f38486ffccc3a8db96e458d5985cfeff0dd477965037c2e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Content-Type, Authorization Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Cache-Control private Content-Encoding gzip Content-Length 1151 Content-Type text/html; charset=utf-8 Date Thu, 19 Jan 2023 19:18:01 GMT Expires Thu, 19 Jan 2023 19:18:01 GMT Last-Modified Thu, 19 Jan 2023 19:18:01 GMT Pragma no-cache Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET
GET H/1.1	200 OK	GeneXusXEv2.css byt.one/Resources/Spanish/	53 KB 11 KB	206ms 205ms	Stylesheet text/css	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/Resources/Spanish/GeneXusXEv2.css?15321668 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `14b6455229d79c2266077dd0dd8e53c33a07bf7e98c40f06d96978344fa8171b` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:01 GMT Content-Encoding gzip Last-Modified Wed, 26 Feb 2020 20:32:16 GMT Server Microsoft-IIS/10.0 ETag "d218dad5e3ecd51:0" X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/css Access-Control-Allow-Origin * Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 10621
GET H/1.1	200 OK	jquery.js Show response byt.one/	90 KB 41 KB	374ms 198ms	Script application/javascript	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/jquery.js?103830 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:01 GMT Content-Encoding gzip Last-Modified Tue, 05 Jul 2016 11:32:10 GMT Server Microsoft-IIS/10.0 ETag "0d924deb0d6d11:0" X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 41473
GET H/1.1	200 OK	gxtimezone.js Show response byt.one/	12 KB 6 KB	1293ms 1116ms	Script application/javascript	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/gxtimezone.js?103830 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ff691932db6526f2b12c1fe1e031acb183a69bcad4571b05b1a8d75b133c5ae4` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:01 GMT Content-Encoding gzip Last-Modified Tue, 05 Jul 2016 16:14:04 GMT Server Microsoft-IIS/10.0 ETag "06eac3fd8d6d11:0" X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 5220
GET H/1.1	200 OK	gxgral.js Show response byt.one/	453 KB 172 KB	395ms 216ms	Script application/javascript	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/gxgral.js?103830 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ad09b36ee4bb964bd2518945a1f1fc4f7081710d242f970830f8889de7f79303` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:01 GMT Content-Encoding gzip Last-Modified Mon, 11 Jul 2016 18:02:04 GMT Server Microsoft-IIS/10.0 ETag "07688549edbd11:0" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization
GET H/1.1	200 OK	gxcfg.js Show response byt.one/	979 B 1 KB	829ms 650ms	Script application/javascript	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/gxcfg.js?20206211582782 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `86f395c74adfd15ad5bba922a8f384a83f47266b1b9634b64e6f6437a6cc7573` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:01 GMT Content-Encoding gzip Last-Modified Tue, 02 Jun 2020 16:58:29 GMT Server Microsoft-IIS/10.0 ETag "aa2119aff38d61:0" X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 658
GET H/1.1	200 OK	messages.spa.js Show response byt.one/	28 KB 11 KB	389ms 184ms	Script application/javascript	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/messages.spa.js?103830 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c37e4f4ce4740a33f2700c489b68b8ffc33112af5f080f87a1729858e0050df6` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:01 GMT Content-Encoding gzip Last-Modified Fri, 28 Feb 2020 20:16:02 GMT Server Microsoft-IIS/10.0 ETag "6bdedce573eed51:0" X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 10832
GET H/1.1	200 OK	redirect.js Show response byt.one/	861 B 1 KB	1006ms 177ms	Script application/javascript	52.27.8.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://byt.one/redirect.js?20206211582785 Requested by Host: byt.one URL: http://byt.one/895SPV Protocol HTTP/1.1 Server 52.27.8.180 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-8-180.us-west-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e2168c3009ec904cc2b8158f200ec71699089cd095ad69d31cd6301a68a1937b` Request headers accept-language de-DE,de;q=0.9 Referer http://byt.one/895SPV User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Thu, 19 Jan 2023 19:18:02 GMT Content-Encoding gzip Last-Modified Tue, 02 Jun 2020 16:58:29 GMT Server Microsoft-IIS/10.0 ETag "d8b21caff38d61:0" X-Powered-By ASP.NET Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=129600 Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 633
GET H2	403	Primary Request redirect.aspx Show response is.gmsseguridad.com/ingsocial/	520 B 591 B	1259ms 181ms	Document text/html	44.240.227.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://is.gmsseguridad.com/ingsocial/redirect.aspx?kPYLlN5fq93Ho9bU5iBWDExLtABQTYX1FqFMAdeevLMdDaLcS0nHHVxgZ/SqPnqkGglnlrdHDWsBTqsM/p+/DA== Requested by Host: byt.one URL: http://byt.one/895SPV Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.227.220 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-227-220.us-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash `8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035` Request headers Referer http://byt.one/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 520 content-type text/html date Thu, 19 Jan 2023 19:18:05 GMT server awselb/2.0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			byt.one/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: imgemvz32wqnwetsyqbswyek
			byt.one/	1969-12-31 23:59:59	Name: GX_SESSION_ID Value: GjxBJoaoYREuEGs1nhGXbaY1xiw7GLyORYGDiw4DjYY%3d

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://is.gmsseguridad.com/ingsocial/redirect.aspx?kPYLlN5fq93Ho9bU5iBWDExLtABQTYX1FqFMAdeevLMdDaLcS0nHHVxgZ/SqPnqkGglnlrdHDWsBTqsM/p+/DA== Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

byt.one
is.gmsseguridad.com
44.240.227.220
52.27.8.180
14b6455229d79c2266077dd0dd8e53c33a07bf7e98c40f06d96978344fa8171b
48651e99c8f0640f6f38486ffccc3a8db96e458d5985cfeff0dd477965037c2e
86f395c74adfd15ad5bba922a8f384a83f47266b1b9634b64e6f6437a6cc7573
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035
ad09b36ee4bb964bd2518945a1f1fc4f7081710d242f970830f8889de7f79303
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c37e4f4ce4740a33f2700c489b68b8ffc33112af5f080f87a1729858e0050df6
e2168c3009ec904cc2b8158f200ec71699089cd095ad69d31cd6301a68a1937b
ff691932db6526f2b12c1fe1e031acb183a69bcad4571b05b1a8d75b133c5ae4

is.gmsseguridad.com Open in urlscan Pro 44.240.227.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

11 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

246 kBTransfer

641 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

is.gmsseguridad.com Open in urlscan Pro
44.240.227.220 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

11 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

246 kB
Transfer

641 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions