urlscan.io logo urlscan.io
SecurityTrails logo

forwork.top Open in urlscan Pro
103.63.215.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forwork.top/
Effective URL: https://forwork.top/login.php
Submission: On July 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 103.63.215.30, located in Viet Nam and belongs to EHOST-AS-VN Ehost software company limited, VN. The main domain is forwork.top.
TLS certificate: Issued by R3 on July 29th 2023. Valid for: 3 months.
This is the only time forwork.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 103.63.215.30 135920 (EHOST-AS-...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains		 Transfer
3 forwork.top
forwork.top
53 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 64290
133 KB
3 2
Domain Requested by
3 forwork.top 1 redirects forwork.top
2 cdn.tailwindcss.com 1 redirects forwork.top
3 2

This site contains no links.

Subject Issuer Validity Valid
forwork.top
R3		 2023-07-29 -
2023-10-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://forwork.top/login.php
Frame ID: C1114906B15879198B0F4C04F1A1E744
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://forwork.top/ HTTP 302
    https://forwork.top/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

3
Requests

67 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

186 kB
Transfer

505 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forwork.top/ HTTP 302
    https://forwork.top/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cdn.tailwindcss.com/?plugins=forms,typography,aspect-ratio,line-clamp HTTP 302
  • https://cdn.tailwindcss.com/3.3.3?plugins=forms@0.5.4,typography@0.5.9,aspect-ratio@0.4.2,line-clamp@0.4.4

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
forwork.top/
Redirect Chain
  • https://forwork.top/
  • https://forwork.top/login.php
1 KB
656 B 		Document
General
Check archive.org
Download Go to
Full URL
https://forwork.top/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.63.215.30 , Viet Nam, ASN135920 (EHOST-AS-VN Ehost software company limited, VN),
Reverse DNS
static-ptr.ehost.vn
Software
Apache/2 /
Resource Hash
a252f4832c7b7860f6fdad90dd94791b44ec7a8fe3b5a776a0f3c1945591ec03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
623
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 12:28:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2
vary
Accept-Encoding,User-Agent

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
23
content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 12:28:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
login.php
pragma
no-cache
server
Apache/2
vary
Accept-Encoding,User-Agent
3.3.3
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/?plugins=forms,typography,aspect-ratio,line-clamp
  • https://cdn.tailwindcss.com/3.3.3?plugins=forms@0.5.4,typography@0.5.9,aspect-ratio@0.4.2,line-clamp@0.4.4
452 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tailwindcss.com/3.3.3?plugins=forms@0.5.4,typography@0.5.9,aspect-ratio@0.4.2,line-clamp@0.4.4
Requested by
Host: forwork.top
URL: https://forwork.top/login.php
Protocol
H2
Server
2606:4700:20::681a:95b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb06bfa2824140f457c5c7e0ee79f548c2a8618cef04364919b59688909f3e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forwork.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 12:28:38 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Jul 2023 11:00:15 GMT
x-vercel-id
gru1::iad1::zdhjd-1689850814554-6b27a94e332e
server
cloudflare
age
781929
x-vercel-cache
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FFFtBp0%2FjawY%2BDNW3EfI4Y647I9ggaFDfC2At7DCes4MR0NxqG9rYJQn6rd2rgz9i9aRLHeiZQL4XPbQf4Rf3QesdiKlE6SxUqeOGI67pA3AAZbkeF%2BbY%2BrlOf3An7P0P4tb2XSqHWsu1c1eIvd9gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
7ee55ce19a6243e8-EWR

Redirect headers

date
Sat, 29 Jul 2023 12:28:37 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id
gru1::iad1::7sw4k-1690633354365-997f5995403e
server
cloudflare
age
0
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYfvjBQgguoeaudK77B3nOn9O6Xkl8WZDz66z7xLxzs%2BR6h5lEPUAcfM%2FRNpREDo6AJB4mu4wlL63Nl58D1wEfkyAmD2rE95HIvDeOezOXRrI2eFdVRCE%2BqDNUSNH8WOKwo0aBCEBlNfC6j4h25D9Nk%3D"}],"group":"cf-nel","max_age":604800}
location
/3.3.3?plugins=forms@0.5.4,typography@0.5.9,aspect-ratio@0.4.2,line-clamp@0.4.4
cache-control
max-age=14400
cf-ray
7ee55ce16a3d43e8-EWR
content-length
0
avatar.png
forwork.top/imgs/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forwork.top/imgs/avatar.png
Requested by
Host: forwork.top
URL: https://forwork.top/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.63.215.30 , Viet Nam, ASN135920 (EHOST-AS-VN Ehost software company limited, VN),
Reverse DNS
static-ptr.ehost.vn
Software
Apache/2 /
Resource Hash
b5ec8e378a080ceb3a3ee595e5085685a2941c1a64bca5d70805788e1a7ea030

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forwork.top/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 12:28:37 GMT
last-modified
Sat, 29 Jul 2023 09:09:00 GMT
server
Apache/2
accept-ranges
bytes
etag
"d04f-6019c8c4adc5e"
content-length
53327
content-type
image/png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind string| /template.html

1 Cookies

Domain/Path Name / Value
forwork.top/ Name: PHPSESSID
Value: lnhle8a6smk01bs9544qjcel66

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
forwork.top
103.63.215.30
2606:4700:20::681a:95b
a252f4832c7b7860f6fdad90dd94791b44ec7a8fe3b5a776a0f3c1945591ec03
b5ec8e378a080ceb3a3ee595e5085685a2941c1a64bca5d70805788e1a7ea030
beb06bfa2824140f457c5c7e0ee79f548c2a8618cef04364919b59688909f3e3