urlscan.io logo urlscan.io
SecurityTrails logo

gcoreip.1239999.xyz Open in urlscan Pro
172.67.129.14  Public Scan

Go To Rescan Add Verdict Report
URL: https://gcoreip.1239999.xyz/
Submission: On June 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 172.67.129.14, located in United States and belongs to CLOUDFLARENET, US. The main domain is gcoreip.1239999.xyz.
TLS certificate: Issued by E5 on June 17th 2024. Valid for: 3 months.
This is the only time gcoreip.1239999.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.129.14 13335 (CLOUDFLAR...)
1 2a03:90c0:41:... 199524 (GCORE)
3 2
Apex Domain
Subdomains		 Transfer
2 1239999.xyz
gcoreip.1239999.xyz
4 KB
1 gcore.com
api.gcore.com
6 KB
3 2
Domain Requested by
2 gcoreip.1239999.xyz
1 api.gcore.com gcoreip.1239999.xyz
3 2

This site contains links to these domains. Also see Links.

Domain
api.gcore.com
Subject Issuer Validity Valid
1239999.xyz
E5		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.gcore.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-07 -
2024-08-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gcoreip.1239999.xyz/
Frame ID: 99A3BBA06D89A93718F95652DDEB047D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gcore全球CDN优选IP快速替换

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

10 kB
Transfer

44 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gcoreip.1239999.xyz/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gcoreip.1239999.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f97e34823ab4ac77eecc124ec80b6f0b900aebba0f553464c4551120bfd7794

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
89633beb881b1e14-FRA
content-encoding
br
content-type
text/html
date
Wed, 19 Jun 2024 11:38:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvSGO0uk1U2Pc50auVN1jpdwUffygxPQErjO1LWjw%2FKHLFKZpqbNn%2BM1FYZU0K8imI%2BOp0pyVeghok9WeA04HNpwd6TaENy6RHz2py6B5LLZKfEYm6oUUIhWnuJiQ%2Bp5KXdGrQmA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
public-ip-list
api.gcore.com/cdn/ 		33 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gcore.com/cdn/public-ip-list
Requested by
Host: gcoreip.1239999.xyz
URL: https://gcoreip.1239999.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8b9e76e6aa10ddecb6441b3c15cb4c36adc29c364c0dd69f1e219ef51fda48fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gcoreip.1239999.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc61
date
Wed, 19 Jun 2024 11:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-id-fe
fr5-hw-edge-gc61
content-length
5969
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
traceparent
00-9037d8966f76222ccb94fac3905976d2-e35ce34514c92707-01
allow
OPTIONS, GET
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding, origin
access-control-allow-origin
*
cache-control
max-age=180
accept-ranges
bytes
expires
Wed, 19 Jun 2024 11:40:36 GMT
favicon.ico
gcoreip.1239999.xyz/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gcoreip.1239999.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f97e34823ab4ac77eecc124ec80b6f0b900aebba0f553464c4551120bfd7794

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gcoreip.1239999.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 11:38:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxMDYlnu3PYa%2B1kwNqPoheG4HbOCnCYGfm6OpOqJzQa%2BuVgqzd0lcTT8K7jPbU5sbr48u9enVVGz28CdeFlFtO1ms%2B46H7q2AW3hbCNfTUEHq6e1RY%2FT8GHMH69CJzZJs2%2FzP3Xi"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
89633becea5d1e14-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| submitLink function| copyAll function| copyRandom function| shuffleArray function| copyToClipboard

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.gcore.com
gcoreip.1239999.xyz
172.67.129.14
2a03:90c0:41:2801::62
4f97e34823ab4ac77eecc124ec80b6f0b900aebba0f553464c4551120bfd7794
8b9e76e6aa10ddecb6441b3c15cb4c36adc29c364c0dd69f1e219ef51fda48fa