proxysitex.officeupdate.workers.dev Open in urlscan Pro
2606:4700:3031::ac43:8af2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://proxysitex.officeupdate.workers.dev/
Submission: On March 15 via api (March 15th 2024, 8:37:48 am UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3031::ac43:8af2, located in United States and belongs to CLOUDFLARENET, US. The main domain is proxysitex.officeupdate.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on January 25th 2024. Valid for: 3 months.

This is the only time proxysitex.officeupdate.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3031::ac43:8af2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	47.242.116.177 47.242.116.177	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
8	2

6 2606:4700:3031::ac43:8af2 (United States)

ASN13335 (CLOUDFLARENET, US)

proxysitex.officeupdate.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.242.116.177 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

a1icdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	workers.dev proxysitex.officeupdate.workers.dev	255 KB
2	a1icdn.net a1icdn.net	18 KB
8	2

	Domain	Requested by
6	proxysitex.officeupdate.workers.dev	proxysitex.officeupdate.workers.dev
2	a1icdn.net	proxysitex.officeupdate.workers.dev a1icdn.net
8	2

This site contains no links.

Subject Issuer	Validity	Valid
officeupdate.workers.dev GTS CA 1P5	`2024-01-25` - `2024-04-24`	3 months	crt.sh
a1icdn.net R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://proxysitex.officeupdate.workers.dev/
Frame ID: 63C64A8084519B099ED69AFFDDDDBA0B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

273 kB
Transfer

1125 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response proxysitex.officeupdate.workers.dev/	698 B 817 B	848ms 796ms	Document text/html	2606:4700:3031::ac43:8af2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proxysitex.officeupdate.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8af2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0033bf0da1b6ff9998b95ee613a0a6c03f23c52183e4b9b08b1c0b2a463ddcb5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864b2ed0fb8542c0-EWR content-encoding br content-type text/html date Fri, 15 Mar 2024 08:37:41 GMT last-modified Sat, 12 Oct 2019 10:09:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLpR94ZMOwnb7SIhjrTlpixlK4LDSrq%2B%2Bngbncr5H3qa71aO11YrYkAlKORw42CNmNb4SCfN7rfsFf20OVYNv9JwAq8y49pC9%2BYr5KGZk0zjp7nNldJwm74jPUDCCRDCa%2Fxc0F8MEQb9sriBkLZS9ejgRAHScnlBrhZkrFSrovpF6Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	index.css proxysitex.officeupdate.workers.dev/app/	258 KB 39 KB	971ms 969ms	Stylesheet text/css	2606:4700:3031::ac43:8af2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proxysitex.officeupdate.workers.dev/app/index.css?version=2.4.47.dev&build=1570874555 Requested by Host: proxysitex.officeupdate.workers.dev URL: https://proxysitex.officeupdate.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8af2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87e8ae498fac073857add27852d1098490644e68197f28b6c4da2751d92e29d8` Request headers accept-language en-US,en;q=0.9 Referer https://proxysitex.officeupdate.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 08:37:42 GMT content-encoding br cf-cache-status MISS last-modified Sat, 12 Oct 2019 10:09:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1YA7ILzzt56CnSMO%2BP2TAyDMIZxLGy2FkIg%2BBKb6aqte5%2F0ooP98KtRMfn7Ixxo7OaoGYYNVot5AeTc3qTSf%2F1n18zGUa2YciEr8XYcu4HX48aFJzfWRTlK3v9SPb0PXPSvaLPLH2kklIVffruhrW4d5kDkl%2FCiscsEFuNGqai9OQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 864b2ed69eaf42c0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	common.js Show response proxysitex.officeupdate.workers.dev/app/	3 KB 2 KB	824ms 823ms	Script application/javascript	2606:4700:3031::ac43:8af2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proxysitex.officeupdate.workers.dev/app/common.js?version=2.4.47.dev&build=1570874555 Requested by Host: proxysitex.officeupdate.workers.dev URL: https://proxysitex.officeupdate.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8af2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bccd67180fe6352d057e4518bb7fc5d7eb462cf1f2dff49b9bebc6b1e67934b0` Request headers accept-language en-US,en;q=0.9 Referer https://proxysitex.officeupdate.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 08:37:42 GMT content-encoding br cf-cache-status MISS last-modified Tue, 12 Mar 2024 08:46:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65f01678-ab3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DhWiwUFF3P0gum9T4WY8EczNImtOeUCMA8ZGIvbx4o1ygjYjNsC1QGdoVUzKdD9vd4yN39e6%2Bo8Tc7iffjzIvu2sJOzDUjnXORdXmTzHlKc1d9wPhd19kwuth6ugRJIxNNfVMgEqqsUASE6fuAe%2FdSCCx6xQDLfPEfsrKkimuNK7MA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 864b2ed69eb142c0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	index.js Show response proxysitex.officeupdate.workers.dev/app/	846 KB 212 KB	987ms 986ms	Script application/javascript	2606:4700:3031::ac43:8af2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proxysitex.officeupdate.workers.dev/app/index.js?version=2.4.47.dev&build=1570874555 Requested by Host: proxysitex.officeupdate.workers.dev URL: https://proxysitex.officeupdate.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8af2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e346ed4b1e213695737284d424339d3847b8a318f67eb6a5768ce4e752c242cb` Request headers accept-language en-US,en;q=0.9 Referer https://proxysitex.officeupdate.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 08:37:42 GMT content-encoding br cf-cache-status MISS last-modified Sat, 12 Oct 2019 10:09:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9IoMLHzOBiMtP7vFkKGaHQGG1bDHa1CaewW9JrZdCuvkLwkr6NlVjeDl%2BY8fMw8ZlZQ13PSPh5Hqp4JYjxfLX3jfnmkvo58YC78s26AeWa0fBzca%2BrcUq3JwGzBCBW8AknUJM7x%2FNTw6SVTe%2BJUYC9Erjk9U0TQS%2BT0AO%2BTvWK3Qg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 864b2ed69eb242c0-EWR alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	3hxe4rtqxkrvg0gwaxqvaey65xlod4hu Show response a1icdn.net/	18 KB 18 KB	2603ms 818ms	Script text/javascript	47.242.116.177 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://a1icdn.net/3hxe4rtqxkrvg0gwaxqvaey65xlod4hu Requested by Host: proxysitex.officeupdate.workers.dev URL: https://proxysitex.officeupdate.workers.dev/app/common.js?version=2.4.47.dev&build=1570874555 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.242.116.177 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `224c538dc3ef62fe2791c3160f38655a576c785cd2ca1f963abee6b496dbe509` Request headers accept-language en-US,en;q=0.9 Referer https://proxysitex.officeupdate.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 15 Mar 2024 08:37:44 GMT Connection keep-alive Access-Control-Allow-Headers * Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8
POST H3	200	index.php Show response proxysitex.officeupdate.workers.dev/service/	103 B 799 B	752ms 751ms	XHR text/html	2606:4700:3031::ac43:8af2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proxysitex.officeupdate.workers.dev/service/index.php?m=lang&lang=en_US Requested by Host: proxysitex.officeupdate.workers.dev URL: https://proxysitex.officeupdate.workers.dev/app/index.js?version=2.4.47.dev&build=1570874555 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8af2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c7fb8b3b732ec1988fd3f0d237bd4fe446017f2b50a97079089b1ac34e196bc` Request headers Accept application/json, text/javascript Referer https://proxysitex.officeupdate.workers.dev/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 15 Mar 2024 08:37:44 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyY82WlLVhVfU2VHhktjNLJ0FXexSQioAELUXahD6SJxypBa4kYAY0agnd7Ath31kB%2F7e%2BRt2ySS6RKuSF59F39Ov2zgmkQ3IOZU46%2F%2BnqPl5W3jvT2EUZahhVABHbtdwac%2Ft1T%2Balc10NyWkHwkFH0aa%2B%2FAkN972oUDqjriRX4URw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 864b2ee5fdc15e6a-EWR alt-svc h3=":443"; ma=86400
POST H3	200	index.php Show response proxysitex.officeupdate.workers.dev/service/	103 B 796 B	507ms 506ms	XHR text/html	2606:4700:3031::ac43:8af2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proxysitex.officeupdate.workers.dev/service/index.php?m=index&c=index&f=checkLogin Requested by Host: proxysitex.officeupdate.workers.dev URL: https://proxysitex.officeupdate.workers.dev/app/index.js?version=2.4.47.dev&build=1570874555 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8af2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c7fb8b3b732ec1988fd3f0d237bd4fe446017f2b50a97079089b1ac34e196bc` Request headers Accept application/json, text/javascript Referer https://proxysitex.officeupdate.workers.dev/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 15 Mar 2024 08:37:45 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAirf5oZv1pNK0dSVjtc6bcGubacaNX1YHCb2uqZrkxH8nzFdj8G5eIXUpk83rCEOxT3Gg8e6gMTEcgkgwiDhD2r%2FdW%2F3IVSxnUgrRJOdSY%2BWSatVp%2Fr5KkRFHLpzzaxKnL02q2y0mzfaGdCX7d0n%2FUGNmY4t0TAEa4nrRtgswHL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 864b2eeaa82f5e6a-EWR alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	cookie Show response a1icdn.net/	61 B 335 B	221ms 221ms	Script text/javascript	47.242.116.177 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://a1icdn.net/cookie Requested by Host: a1icdn.net URL: https://a1icdn.net/3hxe4rtqxkrvg0gwaxqvaey65xlod4hu Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.242.116.177 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `deeab133058910cff3fe5bb21e46da52e90315600ec0a0c6302eebd298edabae` Request headers accept-language en-US,en;q=0.9 Referer https://proxysitex.officeupdate.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Fri, 15 Mar 2024 08:37:45 GMT Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			proxysitex.officeupdate.workers.dev/service	1969-12-31 23:59:59	Name: srv_session_id Value: Pa1AFmAsRovS1oOM0ky0duObwUw%2F3ERn4sfAjmbKHVdhfDy6ndmQqlZpgQHP%2F3Uki8gBcOjwzRd9B87NCJSKnNLEUZT8BuP3xRutUSYtaw6me522V7iT0i0fnszuQSFp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1icdn.net
proxysitex.officeupdate.workers.dev
2606:4700:3031::ac43:8af2
47.242.116.177
0033bf0da1b6ff9998b95ee613a0a6c03f23c52183e4b9b08b1c0b2a463ddcb5
224c538dc3ef62fe2791c3160f38655a576c785cd2ca1f963abee6b496dbe509
4c7fb8b3b732ec1988fd3f0d237bd4fe446017f2b50a97079089b1ac34e196bc
87e8ae498fac073857add27852d1098490644e68197f28b6c4da2751d92e29d8
bccd67180fe6352d057e4518bb7fc5d7eb462cf1f2dff49b9bebc6b1e67934b0
deeab133058910cff3fe5bb21e46da52e90315600ec0a0c6302eebd298edabae
e346ed4b1e213695737284d424339d3847b8a318f67eb6a5768ce4e752c242cb

proxysitex.officeupdate.workers.dev Open in urlscan Pro 2606:4700:3031::ac43:8af2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

273 kBTransfer

1125 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

Indicators

proxysitex.officeupdate.workers.dev Open in urlscan Pro
2606:4700:3031::ac43:8af2 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

273 kB
Transfer

1125 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions