gocast2.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3030::ac43:a45f, located in United States and belongs to CLOUDFLARENET, US. The main domain is gocast2.com. The Cisco Umbrella rank of the primary domain is 680420.
TLS certificate: Issued by E1 on October 7th 2022. Valid for: 3 months.

This is the only time gocast2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::ac43:a45f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	178.162.196.156 178.162.196.156	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
4	2

1 2606:4700:3030::ac43:a45f (United States)

ASN13335 (CLOUDFLARENET, US)

gocast2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.196.156 (Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)

vmuid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origunix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tartator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	vmuid.com vmuid.com — Cisco Umbrella Rank: 149899	11 KB
1	tartator.com tartator.com — Cisco Umbrella Rank: 26779	135 KB
1	origunix.com 1 redirects origunix.com — Cisco Umbrella Rank: 404101	373 B
1	gocast2.com gocast2.com — Cisco Umbrella Rank: 680420	658 B
4	4

	Domain	Requested by
2	vmuid.com	gocast2.com vmuid.com
1	tartator.com	gocast2.com
1	origunix.com	1 redirects
1	gocast2.com
4	4

This site contains no links.

Subject Issuer	Validity	Valid
*.gocast2.com E1	`2022-10-07` - `2023-01-05`	3 months	crt.sh
vmuid.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gocast2.com/
Frame ID: 853A7128DC0C8DC4EB26FCAB3F12798F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

146 kB
Transfer

145 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://origunix.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 HTTP 302
https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gocast2.com/	315 B 658 B	183ms 120ms	Document text/html	2606:4700:3030::ac43:a45f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gocast2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a45f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.40 Resource Hash `34a2de318daf2f004c590e0896f6d3350492e7d57cf5da55807403f28aed5e45` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7676ee696d256949-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 09 Nov 2022 13:35:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1eHpp91B3NVxa7zHkdBGT0gk2HW2sZRLC%2FgzTFw6C7rc%2FN1bofxZhyKuGyiZhZmGCsJQs6G7artYMtmE%2BKXGNQryQJVb8qaIT%2FkzNglrq7rVWDSBxqYK7eZHRwtoswEnxLDcm6dy6BbOw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.6.40
GET H/1.1	200 OK	script.js Show response vmuid.com/	10 KB 10 KB	228ms 29ms	Script text/javascript	178.162.196.156 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://vmuid.com/script.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 Requested by Host: gocast2.com URL: https://gocast2.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software nginx/1.14.1 / Resource Hash `6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f` Request headers accept-language de-DE,de;q=0.9 Referer https://gocast2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 09 Nov 2022 13:35:23 GMT Server nginx/1.14.1 Accept-Ch Sec-CH-UA-Platform-Version X-Cache-Status MISS Content-Type text/javascript Cache-Control no-store, max-age=0 Connection keep-alive Content-Length 10176
GET H/1.1	200 OK	sdk.js Show response tartator.com/ Redirect Chain https://origunix.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539	134 KB 135 KB	131ms 58ms	Script text/javascript	178.162.196.156 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 Requested by Host: gocast2.com URL: https://gocast2.com/ Protocol HTTP/1.1 Server 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software nginx/1.14.1 / Resource Hash `a1525fc9a1650b2263b0984b2014b93bdabe75b2d3ca46e9993af2f812dad1f2` Request headers accept-language de-DE,de;q=0.9 Referer https://gocast2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 09 Nov 2022 13:35:23 GMT Server nginx/1.14.1 Accept-Ch Sec-CH-UA-Platform-Version X-Cache-Status MISS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control no-store, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 137681 Redirect headers Date Wed, 09 Nov 2022 13:35:23 GMT Server nginx/1.14.1 Accept-Ch Sec-CH-UA-Platform-Version X-Cache-Status MISS Access-Control-Allow-Origin * Location https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 Cache-Control no-store, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
POST H/1.1	200 OK	send Show response vmuid.com/uid/	65 B 698 B	31ms 29ms	Fetch application/json	178.162.196.156 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://vmuid.com/uid/send Requested by Host: vmuid.com URL: https://vmuid.com/script.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software nginx/1.14.1 / Resource Hash `708b4b3ebefad35abae69a9324e9d910e5a2fef14f04de4e375bb9e846dd018e` Request headers Accept application/json Referer https://gocast2.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary0AHZuSwhNVPJBEWH Response headers Date Wed, 09 Nov 2022 13:35:23 GMT Server nginx/1.14.1 Accept-Ch Sec-CH-UA-Platform-Version Content-Type application/json Access-Control-Allow-Origin https://gocast2.com Cache-Control no-store, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie Content-Length 65

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vmuid.com/	1970-01-20 16:56:00	Name: guid Value: 13a8a083-f182-464f-8732-abd8395d8bc8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gocast2.com
origunix.com
tartator.com
vmuid.com
178.162.196.156
2606:4700:3030::ac43:a45f
34a2de318daf2f004c590e0896f6d3350492e7d57cf5da55807403f28aed5e45
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
708b4b3ebefad35abae69a9324e9d910e5a2fef14f04de4e375bb9e846dd018e
a1525fc9a1650b2263b0984b2014b93bdabe75b2d3ca46e9993af2f812dad1f2

gocast2.com Open in urlscan Pro 2606:4700:3030::ac43:a45f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

75 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

146 kBTransfer

145 kBSize

1 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Indicators

gocast2.com Open in urlscan Pro
2606:4700:3030::ac43:a45f Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

146 kB
Transfer

145 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions