celcomwsgdemo.sanjay6326.workers.dev

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 5 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is celcomwsgdemo.sanjay6326.workers.dev.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time celcomwsgdemo.sanjay6326.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.3.246 104.21.3.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.131.95 172.67.131.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

celcomwsgdemo.sanjay6326.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.3.246 (None, )

ASN13335 (CLOUDFLARENET, US)

omni.oren.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.131.95 (United States)

ASN13335 (CLOUDFLARENET, US)

omni.oren.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	workers.dev celcomwsgdemo.sanjay6326.workers.dev	200 KB
2	oren.chat omni.oren.chat	10 KB
5	2

	Domain	Requested by
3	celcomwsgdemo.sanjay6326.workers.dev	celcomwsgdemo.sanjay6326.workers.dev
2	omni.oren.chat	celcomwsgdemo.sanjay6326.workers.dev omni.oren.chat
5	2

This site contains no links.

Subject Issuer	Validity	Valid
sanjay6326.workers.dev WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
oren.chat WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://celcomwsgdemo.sanjay6326.workers.dev/
Frame ID: CFB672CD333BAC39BFBB30AFF8FCDF90
Requests: 4 HTTP requests in this frame

Frame: https://omni.oren.chat/widget?website_token=zNDG4harDSteyitK23X68FnG
Frame ID: 1FF9A343E0F3C68B36A95EA583EA9C35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WSG Celcom Bot Demo

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

211 kB
Transfer

228 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
celcomwsgdemo.sanjay6326.workers.dev/ 4 KB
2 KB 126ms
27ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celcomwsgdemo.sanjay6326.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5777423ad2ba91f04623f474b27074dcf6e504c7a31849bca453bd4d10aca75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8e82cb3acd259fca-AMS
content-encoding: zstd
content-type: text/html
date: Mon, 25 Nov 2024 15:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbvFqo1Gei2AYTwcK4KdwYcxfubbt1TJVZ2EHFUz4RTJ08Sy%2B370Ol5SK23IOVvOmYu7JBqY9JntfzNRuuGRISMEuDa4tqrhn%2BEX9HQfEvL45i1XScC1ypIjSzD88Zj8CTR5tSfkWF9O59aBWbS1Htnei5IHSV4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=14647&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4417&delivery_rate=161159&cwnd=12000&unsent_bytes=0&cid=89230bdf30857090&ts=92&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 sdk.js Show response
omni.oren.chat/packs/js/ 27 KB
10 KB 905ms
219ms Script
application/javascript 104.21.3.246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.oren.chat/packs/js/sdk.js

Requested by

Host: celcomwsgdemo.sanjay6326.workers.dev
URL: https://celcomwsgdemo.sanjay6326.workers.dev/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.21.3.246 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03b3e1555b0e19bb14a3f7563504d8f4bb1580346749132e2d7a0f2447cbd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://celcomwsgdemo.sanjay6326.workers.dev/

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=31556952
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QE%2BZAllVXY5vsvjuVwSprxJTKB0nnTUd0uD7abEr4xRTKpwvSpLdWSIraJjSzAa5IiNlpaypQV6lVPhNAigW523j5qMEIZOH34rWbL%2B9CL1eWxOnoTTlRjxWNCCH%2FCCKtw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e82cb44d93a3c98-CDG
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24673&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4259&recv_bytes=4434&delivery_rate=547&cwnd=12000&unsent_bytes=0&cid=813b7b52d6a0bb61&ts=858&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 15:50:22 GMT
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 20:47:11 GMT
vary: Origin
server: cloudflare

GET
H3 200 mybake.png
celcomwsgdemo.sanjay6326.workers.dev/ 197 KB
197 KB 740ms
739ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celcomwsgdemo.sanjay6326.workers.dev/mybake.png
Requested by: Host: celcomwsgdemo.sanjay6326.workers.dev
URL: https://celcomwsgdemo.sanjay6326.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20bcd04ef3917c085f79609c5f20dc40a027da73ad98cc9b46df7e8535770a66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://celcomwsgdemo.sanjay6326.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "39695477d402c9f0fcc2a8039c764d50"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rWx%2FCG8tJeV2gJPDTttWLtsiRUiAKHgs6VHJSXcoZA7yHCwV9t65g2PXPBAuxKp6tFgARMiw1iDUX2jPYkoQbz%2BbA6uL1SBYfOcjcZDa5Azc6AyvdTmWPeWVsuc0U2Tp8LPogkJJ83xagvaC9VIJNYRFEz1tC8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e82cb4098869fca-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14427&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6678&recv_bytes=4959&delivery_rate=211056&cwnd=12000&unsent_bytes=0&cid=89230bdf30857090&ts=1735&x=1", cfHdrFlush;dur=0
content-length: 201346
date: Mon, 25 Nov 2024 15:50:22 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 10:08:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 widget
omni.oren.chat/ Frame 1FF9 0
0 370ms
357ms Document
text/html 172.67.131.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.oren.chat/widget?website_token=zNDG4harDSteyitK23X68FnG

Requested by

Host: omni.oren.chat
URL: https://omni.oren.chat/packs/js/sdk.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.131.95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celcomwsgdemo.sanjay6326.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e82cb49ccfa1afc-AMS
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Mon, 25 Nov 2024 15:50:23 GMT
link: <https://d2m492rv5lc76k.cloudfront.net/vite/assets/widget-D9YzTf8-.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,<https://d2m492rv5lc76k.cloudfront.net/vite/assets/widget-K6U-UUUD.css>; rel=preload; as=style; nopush,<https://d2m492rv5lc76k.cloudfront.net/vite/assets/Spinner-BEUeMke2.css>; rel=preload; as=style; nopush,<https://d2m492rv5lc76k.cloudfront.net/vite/assets/Branding-snHbT51t.css>; rel=preload; as=style; nopush
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q80biLYay4MvSchfF2ZiXZJnJ2YaRmckiaTWXM8sa1ISb55A3X2663J27RUnCJ6pN1eoic1eqxasLyfy7BwOy42jD3GiWYF0XokdpwrsURKr%2Bl6eDQVBT4ASbwSxWFLJFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=15107&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4485&recv_bytes=4542&delivery_rate=7561&cwnd=12000&unsent_bytes=0&cid=4a4100d2ed415a20&ts=366&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=0; includeSubDomains; preload
vary: accept-encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 0199bff8-1f74-4668-863d-f7481ded074c
x-runtime: 0.098977
x-xss-protection: 0

GET
H3 404 favicon.ico
celcomwsgdemo.sanjay6326.workers.dev/ 9 B
605 B 28ms
28ms Other
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celcomwsgdemo.sanjay6326.workers.dev/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://celcomwsgdemo.sanjay6326.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kpq2Y3%2Fs4xRMRF6HuirWZMdqJyjOnESnqZ%2FouG1Oq0%2B5h6oJS3Bdepyzfb7TVDkanymbJNYjgnlyDmSb1dcXnTbBWEnJtN2UJxSbhY9dpNjv6gNQPs7MU9xIHxzg6%2Fmoc2uOkQt3AbK9Af0WKMH%2FhmJd3uw%2BRJw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e82cb6008b89fca-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17900&sent=195&recv=70&lost=0&retrans=0&sent_bytes=213370&recv_bytes=7934&delivery_rate=862203&cwnd=82200&unsent_bytes=0&cid=89230bdf30857090&ts=6048&x=1", cfHdrFlush;dur=0
content-length: 9
date: Mon, 25 Nov 2024 15:50:26 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			celcomwsgdemo.sanjay6326.workers.dev/	1970-01-21 10:01:25	Name: cw_conversation Value: eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI2MDkwYjkzZi1iYmMzLTQ4OWMtYjYyMC0xMGNhODlmMzZkNTYiLCJpbmJveF9pZCI6MTU1fQ.4k6v8aAv9VNt-H7b-WBTFUvWWrantDiC26QJF1tswyk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://celcomwsgdemo.sanjay6326.workers.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

celcomwsgdemo.sanjay6326.workers.dev
omni.oren.chat
104.21.3.246
172.67.131.95
188.114.97.3
20bcd04ef3917c085f79609c5f20dc40a027da73ad98cc9b46df7e8535770a66
b5777423ad2ba91f04623f474b27074dcf6e504c7a31849bca453bd4d10aca75
e03b3e1555b0e19bb14a3f7563504d8f4bb1580346749132e2d7a0f2447cbd4f
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

celcomwsgdemo.sanjay6326.workers.dev Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

3 Countries

211 kBTransfer

228 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

celcomwsgdemo.sanjay6326.workers.dev Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

211 kB
Transfer

228 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions