ps-script.vsebas.workers.dev
2a06:98c1:3120::3
Public Scan
Effective URL: https://ps-script.vsebas.workers.dev/
Submission: On September 01 via api from US — Scanned from NL
Summary
TLS certificate: Issued by E1 on July 5th 2023. Valid for: 3 months.
This is the only time ps-script.vsebas.workers.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
- ASN30081 (CACHENETWORKS, US)
  - PTR: vip1.G-anycast1.cachefly.net
  - cdn.ckeditor.com
- ASN13335 (CLOUDFLARENET, US)
  - examples.page-shield.workers.dev
  - csp-prototype.page-shield.workers.dev
  - test2.page-shield.workers.dev
- ASN16625 (AKAMAI-AS, US)
  - PTR: a23-209-233-112.deploy.static.akamaitechnologies.com
  - static.atgsvcs.com
Requests | Domain | Status | Requested by
---|---|---|---
4 | examples.page-shield.workers.dev | | ps-script.vsebas.workers.dev
3 | csp-prototype.page-shield.workers.dev | | ps-script.vsebas.workers.dev
2 | cdn.sub2tech.com | | ps-script.vsebas.workers.dev, cdn.sub2tech.com
2 | www.bing.com | | ps-script.vsebas.workers.dev
2 | blog.cloudflare.com | 1 redirects | ps-script.vsebas.workers.dev
2 | cdn.jsdelivr.net | | ps-script.vsebas.workers.dev
2 | cdnjs.cloudflare.com | | ps-script.vsebas.workers.dev
2 | ps-script.vsebas.workers.dev | | ps-script.vsebas.workers.dev
1 | www.americantourister.co.kr | | ps-script.vsebas.workers.dev
1 | assets.api.useinsider.com | | ps-script.vsebas.workers.dev
1 | static.atgsvcs.com | | ps-script.vsebas.workers.dev
1 | otvetstvennayaigra.betfair.com | | ps-script.vsebas.workers.dev
1 | useinsider.com | | ps-script.vsebas.workers.dev
1 | global.direct.asda.com | | ps-script.vsebas.workers.dev
1 | cn.pandora.net | | ps-script.vsebas.workers.dev
1 | bing.co.uk | 1 redirects |
1 | bing.com | 1 redirects |
1 | dash.cloudflare.com | | ps-script.vsebas.workers.dev
1 | en.wikipedia.org | | ps-script.vsebas.workers.dev
1 | workers.cloudflare.com | | ps-script.vsebas.workers.dev
1 | workers.dev | 1 redirects |
1 | test2.page-shield.workers.dev | | ps-script.vsebas.workers.dev
1 | klarittyjoy.com | | ps-script.vsebas.workers.dev
1 | example.com | | ps-script.vsebas.workers.dev
1 | imgs.signifyd.com | | ps-script.vsebas.workers.dev
1 | stackpath.bootstrapcdn.com | | ps-script.vsebas.workers.dev
1 | cdn.ckeditor.com | | ps-script.vsebas.workers.dev
0 | cf-malicious-test.domain.example.com | Failed | ps-script.vsebas.workers.dev
0 | hookb.in | Failed | ps-script.vsebas.workers.dev
0 | baefaweing.com | Failed | ps-script.vsebas.workers.dev
0 | sefjse.com | Failed | ps-script.vsebas.workers.dev
0 | baeaweing.com | Failed | ps-script.vsebas.workers.dev
0 | foo.cloudflare.com | Failed | ps-script.vsebas.workers.dev
0 | polinaryapp.com | Failed | ps-script.vsebas.workers.dev
0 | cf-malicious-test.url.example.com | Failed | ps-script.vsebas.workers.dev
0 | threat.malicious.cf-malicious-test.domain.example.com | Failed | ps-script.vsebas.workers.dev
0 | new3.malicious.cf-malicious-test.domain.example.com | Failed | ps-script.vsebas.workers.dev
0 | another.malicious.cf-malicious-test.domain.example.com | Failed | ps-script.vsebas.workers.dev
0 | malicious.cf-malicious-test.domain.example.com | Failed | ps-script.vsebas.workers.dev
0 | ced-ns.sascdn.com | Failed | ps-script.vsebas.workers.dev
0 | cf-malicious-test.domain.example | Failed | ps-script.vsebas.workers.dev
64 | 41 | |
This site contains links to these domains. Also see Links.
Domain |
---|
example.com |
Subject | Issuer | Validity | Valid
---|---|---|---
vsebas.workers.dev | E1 | 2023-07-05 - 2023-10-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
cdn.ckeditor.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-06 - 2024-05-06 | a year
imgs.signifyd.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-19 - 2023-12-19 | a year
www.example.org | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-13 - 2024-02-13 | a year
klarittyjoy.com | GTS CA 1P5 | 2023-08-20 - 2023-11-18 | 3 months
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-27 - 2023-11-17 | a year
cloudflare-dns.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-12 - 2024-01-11 | a year
dash.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-06-06 - 2024-06-05 | a year
evecom.pandora.net | GlobalSign RSA OV SSL CA 2018 | 2023-05-03 - 2024-03-23 | a year
direct.asda.com | GlobalSign RSA OV SSL CA 2018 | 2022-12-09 - 2024-01-10 | a year
useinsider.com | Cloudflare Inc ECC CA-3 | 2023-07-21 - 2024-07-19 | a year
betfair.com | Cloudflare Inc ECC CA-3 | 2023-04-25 - 2024-04-24 | a year
static.atgsvcs.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-07-06 - 2024-07-10 | a year
*.sub2tech.com | Go Daddy Secure Certificate Authority - G2 | 2022-10-11 - 2023-11-11 | a year
americantourister.co.kr | Sectigo RSA Domain Validation Secure Server CA | 2023-03-03 - 2024-02-02 | a year
This page contains 2 frames:
Primary Page:
https://ps-script.vsebas.workers.dev/
Frame ID: 730C9DF1463B09D26730EF813FAE8676
Requests: 63 HTTP requests in this frame
Frame:
https://ps-script.vsebas.workers.dev/cdn-cgi/challenge-platform/scripts/invisible.js
Frame ID: FDA02DD3CD848FEFDE5D9D73E6CC96EF
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- /demandware\.static/
Detected patterns
- /wp-(?:content|includes)/
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- api\.useinsider\.\w+/
Detected patterns
- atgsvcs.+atgsvcs\.js
Detected patterns
- <(?:script|link)[^>]*sh(?:Core|Brush|ThemeDefault)
Twitter Emoji (Twemoji) (Miscellaneous)
Detected patterns
- twemoji(?:\.min)?\.js
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Go
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ps-script.vsebas.workers.dev/
HTTP 307
https://ps-script.vsebas.workers.dev/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28
- https://workers.dev/x.js HTTP 301
- https://workers.cloudflare.com/
- https://blog.cloudflare.com/foo.js HTTP 301
- https://blog.cloudflare.com/foo.js/
- https://bing.com/foo.js HTTP 301
- https://www.bing.com/foo.js?toWww=1&redig=568BDD718CAE4A0D96FC5A58684A2774
- https://bing.co.uk/da.js HTTP 301
- https://www.bing.com/da.js?cc=gb
64 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | ps-script.vsebas.workers.dev/ | 25 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | fontawesome.min.js | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ | 37 KB | 12 KB | Script | application/javascript |
GET | H2 | ckeditor.js | cdn.ckeditor.com/4.16.0/standard/ | 650 KB | 194 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ | 59 KB | 17 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ | 21 KB | 8 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ | 21 KB | 8 KB | Script | application/javascript |
GET | | badthing.js | cf-malicious-test.domain.example/ | 0 | 0 | | |
GET | | sas-banner-1.1.js | ced-ns.sascdn.com/diff/templates/ts/dist/banner/ | 0 | 0 | | |
GET | H/1.1 | clear3.png;CIS3SID=A1B1472639831C2EA63E92714FC7F5EF | imgs.signifyd.com/fp/ | 2 B | 255 B | Script | text/html |
GET | H2 | 2023.5.0.js | example.com/ | 0 | 0 | Script | text/html |
GET | H2 | shBrushJScript.min.js | cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/ | 821 B | 1016 B | Script | application/javascript |
GET | | 1.js | malicious.cf-malicious-test.domain.example.com/ | 0 | 0 | | |
GET | | 1.js | another.malicious.cf-malicious-test.domain.example.com/ | 0 | 0 | | |
GET | | 990.js | new3.malicious.cf-malicious-test.domain.example.com/ | 0 | 0 | | |
GET | H2 | test.js | klarittyjoy.com/ | 0 | 0 | Script | text/html |
GET | | 1.js | threat.malicious.cf-malicious-test.domain.example.com/ | 0 | 0 | | |
GET | | 500.js | cf-malicious-test.url.example.com/ | 0 | 0 | | |
GET | | 100.js | cf-malicious-test.url.example.com/ | 0 | 0 | | |
GET | | 990.js | cf-malicious-test.url.example.com/ | 0 | 0 | | |
GET | | new3.js | cf-malicious-test.url.example.com/ | 0 | 0 | | |
GET | | 21ecefdd84a1d2a730.js | polinaryapp.com/ | 0 | 0 | | |
GET | H2 | 0001.js | examples.page-shield.workers.dev/ | 0 | 0 | Script | text/html |
GET | H2 | cf-malicious-test-script-new3.js | examples.page-shield.workers.dev/ | 87 B | 390 B | Script | application/javascript |
GET | H2 | cf-malicious-test-script-new1.js | examples.page-shield.workers.dev/ | 87 B | 654 B | Script | application/javascript |
GET | H2 | external-script-1.js | csp-prototype.page-shield.workers.dev/ | 282 B | 617 B | Script | text/plain |
GET | H2 | external-script-2.js | csp-prototype.page-shield.workers.dev/ | 282 B | 473 B | Script | text/plain |
GET | H2 | external-script-3.js | csp-prototype.page-shield.workers.dev/ | 282 B | 472 B | Script | text/plain |
GET | H2 | foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001f... | examples.page-shield.workers.dev/ | 0 | 0 | Script | text/plain |
GET | H2 | x.js | test2.page-shield.workers.dev/ | 0 | 0 | Script | text/html |
GET | H2 | / | workers.cloudflare.com/ | 0 | 0 | Script | text/html | Redirect Chain
GET | H2 | x.js | en.wikipedia.org/ | 0 | 0 | Script | text/html |
GET | H2 | site-16bcc13e690cc771698c.js | 1.1.1.1/ | 0 | 0 | Script | text/html |
GET | H2 | foo.js | dash.cloudflare.com/ | 0 | 0 | Script | text/plain |
GET | H2 | / | blog.cloudflare.com/foo.js/ | 0 | 0 | Script | text/html | Redirect Chain
GET | | foo.js | foo.cloudflare.com/ | 0 | 0 | | |
GET | H2 | foo.js | www.bing.com/ | 0 | 0 | Script | text/plain | Redirect Chain
GET | | fadawoo.js | baeaweing.com/ | 0 | 0 | | |
GET | | awdkja.js | sefjse.com/ | 0 | 0 | | |
GET | H2 | da.js | www.bing.com/ | 0 | 0 | Script | text/plain | Redirect Chain
GET | | test.js | baefaweing.com/ | 0 | 0 | | |
GET | H2 | sbu_hc.js | cn.pandora.net/_ws_sbu/ | 0 | 0 | Script | text/html |
GET | H2 | service-worker.js | global.direct.asda.com/ | 33 KB | 3 KB | Script | application/javascript |
GET | H2 | wp-emoji-release.min.js | useinsider.com/wp-includes/js/ | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | twemoji.js | otvetstvennayaigra.betfair.com/wp-includes/js/ | 11 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | atgsvcs.js | static.atgsvcs.com/js/ | 96 KB | 34 KB | Script | application/x-javascript |
GET | H2 | sub2.js | cdn.sub2tech.com/CodeBase/LIVE/Min/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | opt-in-popup-helper.js | assets.api.useinsider.com/js/ | 53 KB | 17 KB | Script | application/javascript |
GET | H2 | kakaoStoreLocator.js | www.americantourister.co.kr/on/demandware.static/Sites-AmericanTouristerKR-Site/-/ko_KR/v1665602114344/js/ | 20 KB | 7 KB | Script | application/javascript |
GET | H2 | sub2_custom_cbv.js | cdn.sub2tech.com/ccs// | 0 | 0 | Script | text/html |
POST | | nP7QwexB8BhZVG2ZLa0Y | hookb.in/ | 0 | 0 | | |
POST | | foo | example.com/ | 0 | 0 | | |
POST | | barQwexB8BhZVG2ZLa0Y | hookb.in/ | 0 | 0 | | |
POST | | connectionPath2023 | hookb.in/ | 0 | 0 | | |
POST | | connectionPath2 | hookb.in/ | 0 | 0 | | |
POST | | foo | cf-malicious-test.domain.example.com/ | 0 | 0 | | |
POST | | / | cf-malicious-test.domain.example.com/ | 0 | 0 | | |
POST | | nP7QwexB8BhZVG2ZLa0Y | hookb.in/ | 0 | 0 | | |
POST | | foo | example.com/ | 0 | 0 | | |
POST | | barQwexB8BhZVG2ZLa0Y | hookb.in/ | 0 | 0 | | |
POST | | connectionPath2023 | hookb.in/ | 0 | 0 | | |
POST | | connectionPath2 | hookb.in/ | 0 | 0 | | |
POST | | foo | cf-malicious-test.domain.example.com/ | 0 | 0 | | |
POST | | / | cf-malicious-test.domain.example.com/ | 0 | 0 | | |
GET | H2 | invisible.js | ps-script.vsebas.workers.dev/cdn-cgi/challenge-platform/scripts/ | 0 | 0 | Script | text/html | Frame FDA0
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL
---|---
cf-malicious-test.domain.example | https://cf-malicious-test.domain.example/badthing.js
ced-ns.sascdn.com | https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.1.js
malicious.cf-malicious-test.domain.example.com | https://malicious.cf-malicious-test.domain.example.com/1.js
another.malicious.cf-malicious-test.domain.example.com | https://another.malicious.cf-malicious-test.domain.example.com/1.js
new3.malicious.cf-malicious-test.domain.example.com | https://new3.malicious.cf-malicious-test.domain.example.com/990.js
threat.malicious.cf-malicious-test.domain.example.com | https://threat.malicious.cf-malicious-test.domain.example.com/1.js
cf-malicious-test.url.example.com | https://cf-malicious-test.url.example.com/500.js
cf-malicious-test.url.example.com | https://cf-malicious-test.url.example.com/100.js
cf-malicious-test.url.example.com | https://cf-malicious-test.url.example.com/990.js
cf-malicious-test.url.example.com | https://cf-malicious-test.url.example.com/new3.js
polinaryapp.com | https://polinaryapp.com/21ecefdd84a1d2a730.js
foo.cloudflare.com | https://foo.cloudflare.com/foo.js
baeaweing.com | https://baeaweing.com/fadawoo.js
sefjse.com | https://sefjse.com/awdkja.js
baefaweing.com | https://baefaweing.com/test.js
hookb.in | https://hookb.in/nP7QwexB8BhZVG2ZLa0Y
example.com | https://example.com/foo
hookb.in | https://hookb.in/barQwexB8BhZVG2ZLa0Y
hookb.in | https://hookb.in/connectionPath2023
hookb.in | https://hookb.in/connectionPath2?a=1
cf-malicious-test.domain.example.com | https://cf-malicious-test.domain.example.com/foo
cf-malicious-test.domain.example.com | https://cf-malicious-test.domain.example.com/
hookb.in | https://hookb.in/nP7QwexB8BhZVG2ZLa0Y
example.com | https://example.com/foo
hookb.in | https://hookb.in/barQwexB8BhZVG2ZLa0Y
hookb.in | https://hookb.in/connectionPath2023
hookb.in | https://hookb.in/connectionPath2?a=1
cf-malicious-test.domain.example.com | https://cf-malicious-test.domain.example.com/foo
cf-malicious-test.domain.example.com | https://cf-malicious-test.domain.example.com/
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| CKEDITOR object| bootstrap function| Popper function| hello function| sendExternalData undefined| matchPage undefined| serveOfflinePage undefined| matchStaticResource undefined| matchPattern undefined| isPLPSearch object| twemoji object| wp object| _ATGSvcs function| iaDecisionServiceConditionsCheck function| conditionsCheck function| runConditions function| odaHelper function| webChatHelper function| esHelper function| odaVariableParse function| webChatVariableParse function| esVariableParse function| showODAChat function| formatVersion function| isValidWebChatVersion function| showWebChat function| showEs function| odaSetPrimaryChatLanguage function| odaUpdateUser function| getConnectionData function| updateConnectionData function| webChatSetInfo function| getPreLaunchFormData function| resetPreLaunchForm function| webChatSetFormFields function| webChatSetLocale function| hasActiveWebChat function| isValidWebChatAction function| odaSendMessage function| odaReconnect function| esUpdateChatHiddenFields function| callRules object| links string| DEBUG_C string| DEBUG_IP_C function| enableLogView function| displayLogView function| rnAddWidget function| rnPush function| Rule object| ruleHash function| wrap function| guard function| loadRules function| loadSiteConfigs function| loadConfig function| loadInvites function| doNotCall object| session function| registerPublicCallback object| ATGSvcs object| CleverSet object| _$_5ee4 boolean| __SUB2_Loaded object| SUB2 object| helpers function| searchAndStore function| init_connection
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
47 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.