www.gproxx.com Open in urlscan Pro
139.99.176.244  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request welcome Show response www.gproxx.com/https://login.adp.com/	2 KB 1 KB	3949ms 1584ms	Document text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash 21ec5ed5f23a2d8b5fa198fdb51d45759d17f93193e5d5730b1f19439e4749d7 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-language en-AU content-length 840 content-type text/html;charset=UTF-8 date Tue, 20 Sep 2022 00:02:04 GMT server nginx vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	asyncjs.php Show response www.gpedia.com/adserver/www/delivery/	10 KB 4 KB	738ms 98ms	Script text/javascript	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gpedia.com/adserver/www/delivery/asyncjs.php Requested by Host: www.gproxx.com URL: https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash 10522baae2487fc01989a107312a2b8d3fb97ebbbdce612d46d83eafb3232f6f Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:04 GMT content-encoding gzip server nginx p3p CP="CUR ADM OUR NOR STA NID" etag d16397d5740531636a9d05e725e727d1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control private, max-age=3600 expire Tue, 20 Sep 2022 01:02:04 GMT content-length 3538
GET H2	200	gproxy.css www.gproxx.com/	375 B 549 B	95ms 95ms	Stylesheet text/css	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/gproxy.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash 7f4ffe55a70fa7e16d557d27ec23e7eda6e203c409ec29cfdbac1831d2525c11 Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:04 GMT last-modified Fri, 02 Jun 2017 11:54:20 GMT server nginx etag "593151ec-177" content-type text/css cache-control max-age=315360000 accept-ranges bytes content-length 375 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-1.11.3.min.js Show response code.jquery.com/	94 KB 33 KB	2313ms 335ms	Script application/javascript	69.16.175.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.11.3.min.js Requested by Host: www.gproxx.com URL: https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS tlb.hwcdn.net Software nginx / Resource Hash ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:06 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-176d5" vary Accept-Encoding x-hw 1663632125.dop209.la3.t,1663632126.cds213.la3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33261
GET H2	200	desktop_gproxx_small.jpg www.gproxx.com/	15 KB 15 KB	189ms 189ms	Image image/jpeg	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.gproxx.com/desktop_gproxx_small.jpg Requested by Host: www.gproxx.com URL: https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash 95643823fb7788413f6a410cef8b6ef248a8751fcce6971bd1ad18c129a5abda Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:04 GMT last-modified Fri, 09 Jun 2017 07:55:51 GMT server nginx etag "593a5487-3b47" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 15175 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	desktop_search_button.jpg www.gproxx.com/	855 B 1 KB	190ms 189ms	Image image/jpeg	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.gproxx.com/desktop_search_button.jpg Requested by Host: www.gproxx.com URL: https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash 022c8f2a59e615543a78e989bc5976f604fc01969eddd76f340dd36ca81a49dc Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:04 GMT last-modified Fri, 02 Jun 2017 11:54:27 GMT server nginx etag "593151f3-357" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 855 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	welcome Show response www.gproxx.com/proxy/https://login.adp.com/ Frame 6A3F	16 KB 4 KB	1199ms 1199ms	Document text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/proxy/https://login.adp.com/welcome Requested by Host: www.gproxx.com URL: https://www.gproxx.com/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash cfdc387b0ea23baafa1f67e6606237c0e8ef0e3d92e2dee6f857148852a6a42a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.gproxx.com/https://login.adp.com/welcome Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-language en-AU content-length 4192 content-type text/html;charset=UTF-8 date Tue, 20 Sep 2022 00:02:07 GMT server nginx vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	asyncspc.php Show response www.gpedia.com/adserver/www/delivery/	885 B 657 B	102ms 102ms	XHR application/json	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gpedia.com/adserver/www/delivery/asyncspc.php?zones=4%7C4&prefix=revive-0-&loc=https%3A%2F%2Fwww.gproxx.com%2Fhttps%3A%2F%2Flogin.adp.com%2Fwelcome Requested by Host: www.gpedia.com URL: https://www.gpedia.com/adserver/www/delivery/asyncjs.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash 7c2eb23fd049142f76dd00ce9aec91ea9bd65a38e1f16e17d52f6760d4a9bcc7 Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Tue, 20 Sep 2022 00:02:06 GMT content-encoding gzip server nginx p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.gproxx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-type application/json expires 0
GET		lg.php www.gpedia.com/adserver/www/delivery/	0 0
GET		lg.php www.gpedia.com/adserver/www/delivery/	0 0
GET H2	404	bootstrap.min.css www.gproxx.com/https://login.adp.com/resources/css/ Frame 6A3F	0 0	96ms 94ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/css/bootstrap.min.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	adp-css-framework.css www.gproxx.com/https://login.adp.com/resources/css/ Frame 6A3F	0 0	96ms 95ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/css/adp-css-framework.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	landing.css www.gproxx.com/https://login.adp.com/resources/css/ Frame 6A3F	0 0	97ms 96ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/css/landing.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	font-awesome.min.css www.gproxx.com/https://login.adp.com/resources/css/ Frame 6A3F	0 0	97ms 96ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/css/font-awesome.min.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	style.css www.gproxx.com/https://login.adp.com/resources/css/ Frame 6A3F	0 0	98ms 97ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/css/style.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	sandbox.css www.gproxx.com/https://login.adp.com/resources/css/ Frame 6A3F	0 0	98ms 97ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/css/sandbox.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	css-main-logins.css www.gproxx.com/https://login.adp.com/resources/adp-com-css/-/media/adp2018/main/ Frame 6A3F	0 0	98ms 98ms	Stylesheet text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/adp-com-css/-/media/adp2018/main/css-main-logins.css Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	200	image www.gproxx.com/https://online.adp.com/api/brand-service/v1/brands/ Frame 6A3F	58 KB 58 KB	1315ms 1315ms	Image image/png	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.gproxx.com/https://online.adp.com/api/brand-service/v1/brands/image?productId=%24default%24&imageId=productLogo-red.png Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Express Resource Hash f1a1ebb7a2adc60302828b1ab6cd885659c2cbf86231916136b94502602c8d4e Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains; preload, max-age=15724800; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=315360000; includeSubDomains; preload, max-age=15724800; includeSubDomains etag W/"e720-fW2PIWlGKw1mlcsnlORg+YdvVLk:dtagent10247220811100421wwKg:dtagent10247220811100421wwKg" server nginx x-powered-by Express content-type image/png access-control-allow-origin * date Tue, 20 Sep 2022 00:02:08 GMT server-timing dtSInfo;desc="0", dtRpid;desc="-1865068883"
GET H2	404	jquery.min.js www.gproxx.com/https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 6A3F	0 0	97ms 96ms	Script text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	js-main-logins.js www.gproxx.com/https://login.adp.com/resources/adp-com-css/-/media/adp2018/main/ Frame 6A3F	0 0	97ms 96ms	Script text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/adp-com-css/-/media/adp2018/main/js-main-logins.js Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	bootstrap.min.js www.gproxx.com/https://login.adp.com/resources/js/ Frame 6A3F	0 0	167ms 166ms	Script text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://login.adp.com/resources/js/bootstrap.min.js Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	evergage.min.js www.gproxx.com/https://cdn.evgnet.com/beacon/adpinc/prod/scripts/ Frame 6A3F	0 0	186ms 185ms	Script text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://cdn.evgnet.com/beacon/adpinc/prod/scripts/evergage.min.js Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	404	gtm.js www.gproxx.com/https://www.googletagmanager.com/ Frame 6A3F	0 0	186ms 185ms	Script text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://www.googletagmanager.com/gtm.js?id=GTM-TDW7JFQ&gtm_auth=SkWbFomXC0rxfehHh8-Ilw&gtm_preview=env-5&gtm_cookies_win=x Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:07 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	200	image www.gproxx.com/https://online.adp.com/api/brand-service/v1/brands/ Frame 6A3F	107 KB 108 KB	1405ms 1404ms	Image image/png	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.gproxx.com/https://online.adp.com/api/brand-service/v1/brands/image?productId=$default$&imageId=ADP_default_background.png Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Express Resource Hash df7069893e99a7ab00720402ec3249023ea35ef37fe7c20d856a8bfd31a0e1b1 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains; preload, max-age=15724800; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=315360000; includeSubDomains; preload, max-age=15724800; includeSubDomains etag W/"1adb0-4rcOw7dZviq+M4Euny78N4/DeA8:dtagent10247220811100421wwKg:dtagent10247220811100421wwKg" server nginx x-powered-by Express content-type image/png access-control-allow-origin * date Tue, 20 Sep 2022 00:02:09 GMT server-timing dtSInfo;desc="0", dtRpid;desc="1639419383"
GET H2	404	ae.js www.gproxx.com/https://ws.audioeye.com/ Frame 6A3F	0 0	95ms 95ms	Script text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/https://ws.audioeye.com/ae.js Requested by Host: www.gproxx.com URL: https://www.gproxx.com/proxy/https://login.adp.com/welcome Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/proxy/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:09 GMT content-encoding gzip server nginx etag W/"623bb933-57d" content-type text/html
GET H2	200	amazon-advertising.php Show response www.gproxx.com/	105 B 218 B	723ms 722ms	XHR text/html	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/amazon-advertising.php?search_index=Blended&q=Login%20%7C%20ADP%20Products Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash b1238a1eec99d808277aca6dd2a1752dbb6f02ce6071a132c860dac995fa7474 Request headers Accept text/html, */*; q=0.01 Referer https://www.gproxx.com/https://login.adp.com/welcome X-Requested-With XMLHttpRequest accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:10 GMT content-encoding gzip server nginx content-length 109 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	amazon-advertising.css www.gproxx.com/	4 KB 1 KB	95ms 95ms	Stylesheet text/css	139.99.176.244 OVH
General Check archive.org Show headers Download Go to Full URL https://www.gproxx.com/amazon-advertising.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-1.11.3.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.176.244 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip244.ip-139-99-176.net Software nginx / Resource Hash aef4dde6c4b9c7a205d399dd4f8ef3fe216ff6a5a8020201606c6d1b8d06a842 Request headers accept-language en-AU,en;q=0.9 Referer https://www.gproxx.com/https://login.adp.com/welcome User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 00:02:10 GMT content-encoding gzip last-modified Fri, 02 Jun 2017 11:52:39 GMT server nginx etag W/"59315187-1129" content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.gpedia.com

URL

https://www.gpedia.com/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=4&loc=https%3A%2F%2Fwww.gproxx.com%2Fhttps%3A%2F%2Flogin.adp.com%2Fwelcome&cb=c8b7285ee8

Domain

www.gpedia.com

URL

https://www.gpedia.com/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=4&loc=https%3A%2F%2Fwww.gproxx.com%2Fhttps%3A%2F%2Flogin.adp.com%2Fwelcome&cb=f5ac7ff0ca

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ADP (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gproxx.com/	1969-12-31 23:59:59	Name: BIGipServerp_login.adp.com_web Value: 217579531.37889.0000
			www.gproxx.com/	1969-12-31 23:59:59	Name: LP_JSESSIONID Value: 4289E504EDE486BF3B5A18B62001D090

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/css/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/css/adp-css-framework.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/css/landing.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/css/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/css/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/css/sandbox.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/adp-com-css/-/media/adp2018/main/css-main-logins.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/adp-com-css/-/media/adp2018/main/js-main-logins.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://login.adp.com/resources/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://cdn.evgnet.com/beacon/adpinc/prod/scripts/evergage.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://www.googletagmanager.com/gtm.js?id=GTM-TDW7JFQ&gtm_auth=SkWbFomXC0rxfehHh8-Ilw&gtm_preview=env-5&gtm_cookies_win=x Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gproxx.com/https://ws.audioeye.com/ae.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
www.gpedia.com
www.gproxx.com
www.gpedia.com
139.99.176.244
69.16.175.10
022c8f2a59e615543a78e989bc5976f604fc01969eddd76f340dd36ca81a49dc
10522baae2487fc01989a107312a2b8d3fb97ebbbdce612d46d83eafb3232f6f
21ec5ed5f23a2d8b5fa198fdb51d45759d17f93193e5d5730b1f19439e4749d7
7c2eb23fd049142f76dd00ce9aec91ea9bd65a38e1f16e17d52f6760d4a9bcc7
7f4ffe55a70fa7e16d557d27ec23e7eda6e203c409ec29cfdbac1831d2525c11
95643823fb7788413f6a410cef8b6ef248a8751fcce6971bd1ad18c129a5abda
aef4dde6c4b9c7a205d399dd4f8ef3fe216ff6a5a8020201606c6d1b8d06a842
b1238a1eec99d808277aca6dd2a1752dbb6f02ce6071a132c860dac995fa7474
cfdc387b0ea23baafa1f67e6606237c0e8ef0e3d92e2dee6f857148852a6a42a
df7069893e99a7ab00720402ec3249023ea35ef37fe7c20d856a8bfd31a0e1b1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f1a1ebb7a2adc60302828b1ab6cd885659c2cbf86231916136b94502602c8d4e