![](/screenshots/8f49ad89-d196-4f39-822d-e662e7d56ea3.png)
onedrive.jiuge.workers.dev
Open in
urlscan Pro
2606:4700:3037::ac43:996e
Public Scan
Submission Tags: @phishunt_io
Submission: On October 02 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on October 2nd 2023. Valid for: 3 months.
This is the only time onedrive.jiuge.workers.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2606:4700:303... 2606:4700:3037::ac43:996e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 47.246.48.225 47.246.48.225 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
12 | 3 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
s0.pstatp.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
pstatp.com
s0.pstatp.com — Cisco Umbrella Rank: 308823 |
103 KB |
1 |
workers.dev
onedrive.jiuge.workers.dev |
10 KB |
0 |
danilelxp.com
Failed
www.danilelxp.com Failed |
|
12 | 3 |
Domain | Requested by | |
---|---|---|
9 | s0.pstatp.com |
onedrive.jiuge.workers.dev
s0.pstatp.com |
1 | onedrive.jiuge.workers.dev | |
0 | www.danilelxp.com Failed |
onedrive.jiuge.workers.dev
|
12 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jiuge.workers.dev GTS CA 1P5 |
2023-10-02 - 2023-12-31 |
3 months | crt.sh |
*.pstatp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-06-30 - 2024-07-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://onedrive.jiuge.workers.dev/
Frame ID: DBD6394ADBDB3B95E3C7A644085749EF
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/8f49ad89-d196-4f39-822d-e662e7d56ea3.png)
Detected technologies
![](/vendor/wappa/icons/Highlight.js.png)
Detected patterns
- /(?:([\d.])+/)?highlight(?:\.min)?\.js
Detected patterns
- /marked(?:\.min)?\.js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
onedrive.jiuge.workers.dev/ |
56 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ionicons.js
s0.pstatp.com/cdn/expire-1-M/ionicons/4.5.6/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
aliyun-web-office-sdk.min.js
www.danilelxp.com/wp-content/themes/Giligili/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marked.min.js
s0.pstatp.com/cdn/expire-1-M/marked/0.6.2/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
highlight.min.js
s0.pstatp.com/cdn/expire-1-M/highlight.js/9.15.6/ |
48 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
github.min.css
s0.pstatp.com/cdn/expire-1-M/highlight.js/9.15.6/styles/ |
871 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
github-markdown.min.css
s0.pstatp.com/cdn/expire-1-M/github-markdown-css/3.0.1/ |
15 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
s0.pstatp.com/cdn/expire-1-M/jquery/3.4.0/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.fancybox.min.js
s0.pstatp.com/cdn/expire-1-M/fancybox/3.5.7/ |
67 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.fancybox.min.css
s0.pstatp.com/cdn/expire-1-M/fancybox/3.5.7/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon-red.png
www.danilelxp.com/wp-content/uploads/2021/12/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ionicons.a4dtotlf.js
s0.pstatp.com/cdn/expire-1-M/ionicons/4.5.6/ionicons/ |
15 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.danilelxp.com
- URL
- https://www.danilelxp.com/wp-content/themes/Giligili/js/aliyun-web-office-sdk.min.js
- Domain
- www.danilelxp.com
- URL
- https://www.danilelxp.com/wp-content/uploads/2021/12/icon-red.png
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| GLOBAL_CONFIG object| ionicons object| s-apps object| s-defined0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
onedrive.jiuge.workers.dev
s0.pstatp.com
www.danilelxp.com
www.danilelxp.com
2606:4700:3037::ac43:996e
47.246.48.225
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
1db82218730bc476779240228b1caf9da69914d8cd58b60a0ff406e8f59a40f7
2a90be7d972a964c84f33ba2fb9a70c4638beef908f86c2a5d9014aa00cf89b4
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
6984dd52b9fa3b0d430e08792537376831a79e3bb8f32ff573cb357609183d0f
6c41c32ecb51d0915e1f1e1295807da813ce461d851e819c3e8a8cc2d385137d
88099637cb9a51d37a63d1427fcb2b41daf1dde555c28b89e50b448b2b9343a0
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
db278c19ab7a7638b9ef72b85a4d8be19fe7239e34bf99e8c1f4998cf83744e2
f437bc9c4e2692469f45dbf7990cdb2b67107aa5e61a889db76174331085dee3