gs.im
Open in
urlscan Pro
202.87.33.173
Public Scan
Submitted URL: http://www.gs.im/s/?RjgByTBOMCU.
Effective URL: https://gs.im/n/404.php
Submission: On December 16 via manual from IN — Scanned from DE
Effective URL: https://gs.im/n/404.php
Submission: On December 16 via manual from IN — Scanned from DE
Summary
This website contacted 2 IPs
in 1 countries
across 1 domains to perform 3 HTTP transactions.
The main IP is 202.87.33.173, located in
India and
belongs to NETMAGIC-AP Netmagic Datacenter Mumbai, IN.
The main domain is gs.im.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 1st 2023. Valid for: a year.
This is the only time gs.im was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 1st 2023. Valid for: a year.
This is the only time gs.im was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 5 | 202.87.33.173 202.87.33.173 | 17439 (NETMAGIC-...) (NETMAGIC-AP Netmagic Datacenter Mumbai) | |
| 3 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.gs.im Sectigo RSA Domain Validation Secure Server CA |
2023-03-01 - 2024-03-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://gs.im/n/404.php
Frame ID: 848E6D0729AC469E965F54C85D543D02
Requests: 4 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://www.gs.im/s/?RjgByTBOMCU. Page URL
-
http://www.gs.im/s/redirect.php?position=&browser=Chrome-120.0.6099.109&os=Windows&device=%20...
HTTP 302
http://www.gs.im/l/RjgByTBOMCU. HTTP 301
https://gs.im/n/404.php Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.gs.im/s/?RjgByTBOMCU. Page URL
-
http://www.gs.im/s/redirect.php?position=&browser=Chrome-120.0.6099.109&os=Windows&device=%20-&ip=217.114.218.24&deviceType=desktop&gsURL=www.gs.im/s/?RjgByTBOMCU.&date=2023-12-16%2009:14:12
HTTP 302
http://www.gs.im/l/RjgByTBOMCU. HTTP 301
https://gs.im/n/404.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
www.gs.im/s/ |
1 KB 773 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-2.1.1.js
www.gs.im/s/js/ |
241 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
404.php
gs.im/n/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
454 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gs.im
www.gs.im
202.87.33.173
430c1d5a777b922ab6d34a1843c83b4d4857fd277b1809673f468d19d9e51188
99c826dff71fcb1430cc5c7586c2ae44d80f492444b6b97f49be3cd6b11f9746
c6f615f534d7237c1e62c85d64fe3ca9529f1e6497e4f7c6d85f24ece6752adb
d8a342960b563b7ee387871905a52af9a731ecd3fba92e20e80143b1c72216bb