clients.guwmi.com Open in urlscan Pro
192.185.169.239 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clients.guwmi.com/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2020, 1:03:05 am UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 192.185.169.239, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is clients.guwmi.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 14th 2020. Valid for: 3 months.

This is the only time clients.guwmi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	192.185.169.239 192.185.169.239		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
12	2

11 192.185.169.239 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-169-239.unifiedlayer.com

clients.guwmi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.guwmi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	guwmi.com clients.guwmi.com www.guwmi.com	60 KB
0	googleapis.com Failed ajax.googleapis.com Failed
12	2

	Domain	Requested by
10	clients.guwmi.com	clients.guwmi.com
1	www.guwmi.com	clients.guwmi.com
0	ajax.googleapis.com Failed	clients.guwmi.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
guwmi.com Let's Encrypt Authority X3	`2020-02-14` - `2020-05-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://clients.guwmi.com/
Frame ID: 2851851F28BFF648736333403D77663C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

12
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

60 kB
Transfer

91 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response clients.guwmi.com/	3 KB 1 KB	551ms 240ms	Document text/html	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `23e86365c78fc3542621957c7e42b8845fb97d7fcb293c36c1bf5f99e4df5c0c` Request headers :method GET :authority clients.guwmi.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT server Apache expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache set-cookie PHPSESSID=039334101bfcd95f9b249de36c2c6ea1; path=/ vary Accept-Encoding content-encoding gzip content-length 1055 content-type text/html
GET H2	200	basic.css clients.guwmi.com/application/views/css/	5 KB 2 KB	244ms 243ms	Stylesheet text/css	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://clients.guwmi.com/application/views/css/basic.css Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `2cfe630d9e7ae9ec1c25f4b4f12fb21e09b480990d0b29e4b9831c84643e07c0` Request headers Referer https://clients.guwmi.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 15 Feb 2020 01:02:49 GMT content-encoding gzip last-modified Tue, 23 Jul 2013 17:58:50 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 1897
GET H2	200	style.css clients.guwmi.com/application/views/css/	31 KB 9 KB	138ms 137ms	Stylesheet text/css	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://clients.guwmi.com/application/views/css/style.css Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `68b861e5329d9bcf7fce93152b70819aed7f42d500784ea6f20200f352f5f546` Request headers Referer https://clients.guwmi.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 15 Feb 2020 01:02:49 GMT content-encoding gzip last-modified Tue, 23 Jul 2013 18:36:54 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 9601
GET H2	200	main.js Show response clients.guwmi.com/application/views/js/	9 KB 3 KB	137ms 136ms	Script application/javascript	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://clients.guwmi.com/application/views/js/main.js Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `c90e7503cdf1d783b612f61826c5fbbef1e86d0d9e9dfdfcfccaeb4601f93f35` Request headers Referer https://clients.guwmi.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 15 Feb 2020 01:02:49 GMT content-encoding gzip last-modified Tue, 23 Jul 2013 17:58:53 GMT server Apache vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 3044
GET H/1.1	200 OK	client-portal-logo-white.jpg www.guwmi.com/client-portal/application/views/images/	3 KB 4 KB	259ms 232ms	Image image/jpeg	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://www.guwmi.com/client-portal/application/views/images/client-portal-logo-white.jpg Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol HTTP/1.1 Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `b746352c7992cd927837502e8d5117d6785e2969211241bee9e7cbc6a3ad1a83` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 15 Feb 2020 01:02:49 GMT Last-Modified Fri, 23 Jan 2015 20:36:47 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=75 Content-Length 3534
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.4.1/	0 0

GET H2	200	light-bgs.png clients.guwmi.com/application/views/images/	33 KB 33 KB	133ms 133ms	Image image/png	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://clients.guwmi.com/application/views/images/light-bgs.png Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `5ec7e3dfb6164bf85a0244177220938e8fbc7cb1bb45784d32830273aa51cb55` Request headers Referer https://clients.guwmi.com/application/views/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT last-modified Tue, 23 Jul 2013 17:58:51 GMT server Apache accept-ranges bytes content-length 33710 content-type image/png
GET H2	200	nav.png clients.guwmi.com/application/views/images/	3 KB 3 KB	144ms 144ms	Image image/png	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://clients.guwmi.com/application/views/images/nav.png Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `60690a750f2dc25c06e9fd7b404a60338ad13bfa76cdb59ff0ae250ee057283d` Request headers Referer https://clients.guwmi.com/application/views/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT last-modified Tue, 23 Jul 2013 17:58:52 GMT server Apache accept-ranges bytes content-length 2877 content-type image/png
GET H2	200	nav_divider.png clients.guwmi.com/application/views/images/	148 B 201 B	143ms 143ms	Image image/png	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://clients.guwmi.com/application/views/images/nav_divider.png Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `a59a3320f3a3099d3b6b90e010b677cf9a0141827ac83956e533ba6e88706810` Request headers Referer https://clients.guwmi.com/application/views/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT last-modified Tue, 23 Jul 2013 17:58:52 GMT server Apache accept-ranges bytes content-length 148 content-type image/png
GET H2	200	change_password.png clients.guwmi.com/application/views/images/	4 KB 4 KB	142ms 142ms	Image image/png	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://clients.guwmi.com/application/views/images/change_password.png Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `82a5568c710c301aa7f0d489a2c90710f9547a38ec18726a02dc804d35ab9ef9` Request headers Referer https://clients.guwmi.com/application/views/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT last-modified Tue, 23 Jul 2013 17:58:51 GMT server Apache accept-ranges bytes content-length 3671 content-type image/png
GET H2	200	info_bar_bg.png clients.guwmi.com/application/views/images/projects/	166 B 220 B	135ms 134ms	Image image/png	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://clients.guwmi.com/application/views/images/projects/info_bar_bg.png Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `86b2fdad6fbfb2749e0381d40ba35a5de0341567639f6e34c3d0f6b9f02fa976` Request headers Referer https://clients.guwmi.com/application/views/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT last-modified Tue, 23 Jul 2013 17:58:55 GMT server Apache accept-ranges bytes content-length 166 content-type image/png
GET H2	200	large-button-bg.png clients.guwmi.com/application/views/images/	186 B 216 B	144ms 144ms	Image image/png	192.185.169.239 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://clients.guwmi.com/application/views/images/large-button-bg.png Requested by Host: clients.guwmi.com URL: https://clients.guwmi.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.185.169.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-169-239.unifiedlayer.com Software Apache / Resource Hash `2570ff5968629f3055646a612b3bf350a18d553f97429326100a43963aa1e203` Request headers Referer https://clients.guwmi.com/application/views/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sat, 15 Feb 2020 01:02:49 GMT last-modified Tue, 23 Jul 2013 17:58:51 GMT server Apache accept-ranges bytes content-length 186 content-type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			clients.guwmi.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 039334101bfcd95f9b249de36c2c6ea1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
clients.guwmi.com
www.guwmi.com
ajax.googleapis.com
192.185.169.239
23e86365c78fc3542621957c7e42b8845fb97d7fcb293c36c1bf5f99e4df5c0c
2570ff5968629f3055646a612b3bf350a18d553f97429326100a43963aa1e203
2cfe630d9e7ae9ec1c25f4b4f12fb21e09b480990d0b29e4b9831c84643e07c0
5ec7e3dfb6164bf85a0244177220938e8fbc7cb1bb45784d32830273aa51cb55
60690a750f2dc25c06e9fd7b404a60338ad13bfa76cdb59ff0ae250ee057283d
68b861e5329d9bcf7fce93152b70819aed7f42d500784ea6f20200f352f5f546
82a5568c710c301aa7f0d489a2c90710f9547a38ec18726a02dc804d35ab9ef9
86b2fdad6fbfb2749e0381d40ba35a5de0341567639f6e34c3d0f6b9f02fa976
a59a3320f3a3099d3b6b90e010b677cf9a0141827ac83956e533ba6e88706810
b746352c7992cd927837502e8d5117d6785e2969211241bee9e7cbc6a3ad1a83
c90e7503cdf1d783b612f61826c5fbbef1e86d0d9e9dfdfcfccaeb4601f93f35

clients.guwmi.com Open in urlscan Pro 192.185.169.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

83 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

60 kBTransfer

91 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

clients.guwmi.com Open in urlscan Pro
192.185.169.239 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

60 kB
Transfer

91 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions