gsuite-user-auto-create.pages.dev Open in urlscan Pro
2606:4700:3033::6815:44c2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gsuite-user-auto-create.pages.dev/
Submission: On May 08 via automatic, source certstream-suspicious (May 8th 2021, 1:34:43 am UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3033::6815:44c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is gsuite-user-auto-create.pages.dev.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2021. Valid for: a year.

This is the only time gsuite-user-auto-create.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3033::6815:44c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.246.43.252 47.246.43.252	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	2a09:7:1000:f... 2a09:7:1000:ffff:ffff:ffff:ffff:cafe	24013 (SB SB Pro...) (SB SB Professional Services)
8	3

5 2606:4700:3033::6815:44c2 (United States)

ASN13335 (CLOUDFLARENET, US)

gsuite-user-auto-create.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.252 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a09:7:1000:ffff:ffff:ffff:ffff:cafe (Estonia)

ASN24013 (SB SB Professional Services, SB)

i.loli.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	pages.dev gsuite-user-auto-create.pages.dev	205 KB
2	loli.net i.loli.net	2 MB
1	alicdn.com at.alicdn.com	4 KB
8	3

	Domain	Requested by
5	gsuite-user-auto-create.pages.dev	gsuite-user-auto-create.pages.dev
2	i.loli.net	gsuite-user-auto-create.pages.dev
1	at.alicdn.com	gsuite-user-auto-create.pages.dev
8	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-08` - `2022-05-07`	a year	crt.sh
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-08-11` - `2021-08-12`	a year	crt.sh
*.loli.net AlphaSSL CA - SHA256 - G2	`2020-10-27` - `2021-11-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gsuite-user-auto-create.pages.dev/
Frame ID: 78E82B1B45F21887EC6315B6FECAB81E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

2428 kB
Transfer

3231 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gsuite-user-auto-create.pages.dev/ 2 KB
2 KB 50ms
33ms Document
text/html 2606:4700:3033::6815:44c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gsuite-user-auto-create.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:44c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 465c5ceb778e56eab453cf800fd4448468761e8850c7484a13814c7cb23e9f94

Request headers

:method: GET
:authority: gsuite-user-auto-create.pages.dev
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:34:05 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=daacfe3b1a5a750e13c0f09ed3ceb850d1620437645; expires=Mon, 07-Jun-21 01:34:05 GMT; path=/; domain=.gsuite-user-auto-create.pages.dev; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=0, must-revalidate
etag: W/"871cd16e6896929fcd8f5e1de2036416"
cf-cache-status: MISS
cf-request-id: 09eb3550430000d6e980ac2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjOV%2FXgW%2B9LCFA9kGlT8ARi0R0p%2FuNpN%2BCzy0ALLa9I9%2B7Tsgi5WFYFJsycEK5pg%2Bsvo4OM6w4D1GCJV9MG2GNXGK6gCbnRja4VfDLgTsyEffCDxM9J5tV7iVddYdS2BpjuBYpvPMtPcc25CMyk%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 64bef1939e24d6e9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 2.9283591b.chunk.css
gsuite-user-auto-create.pages.dev/static/css/ 510 KB
58 KB 451ms
442ms Stylesheet
text/css 2606:4700:3033::6815:44c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gsuite-user-auto-create.pages.dev/static/css/2.9283591b.chunk.css
Requested by: Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:44c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f82561601d95862d1c892dcf990e0997d11928a113c6c62037bf38c0e9aad93

Request headers

:path: /static/css/2.9283591b.chunk.css
pragma: no-cache
cookie: __cfduid=daacfe3b1a5a750e13c0f09ed3ceb850d1620437645
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gsuite-user-auto-create.pages.dev
referer: https://gsuite-user-auto-create.pages.dev/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:34:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7fcf051e9fb33e6617bb127ba43d747e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1zpRopbxrc7Vpa8Ljnb%2Bf3BeoLkUNpH0AxvFJunsRkLR1sMpKLEwVgfYyyA1OdJGINqADHrrd0uHEgpW3w7G6hkKXiZA%2BwVCkhnaZDvmlw7CyOYlN%2B4d2qdnoDUgtR7lcVppKWR29nzoT7GhB3g%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 64bef193ebbe4e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09eb35507000004e43c49f3000000001

GET
H3-29 200 main.301b691d.chunk.css
gsuite-user-auto-create.pages.dev/static/css/ 589 B
854 B 295ms
286ms Stylesheet
text/css 2606:4700:3033::6815:44c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gsuite-user-auto-create.pages.dev/static/css/main.301b691d.chunk.css
Requested by: Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:44c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b1023d241b373b733b934e96365850649a6d8f8fa3772ebb9eba91cca871bb

Request headers

:path: /static/css/main.301b691d.chunk.css
pragma: no-cache
cookie: __cfduid=daacfe3b1a5a750e13c0f09ed3ceb850d1620437645
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gsuite-user-auto-create.pages.dev
referer: https://gsuite-user-auto-create.pages.dev/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:34:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"463bae749acc88dd34b267231feece0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3MZoFtJhtNCQFJ5SgUwC4AWHIBtnsJMJ1tnJUK74fyzm899OiXn1svmDT3fV%2BVx94ozDl4CsSjNZDUSD3TNWEhXm7IdKalFG0oc1TaDTS1iJrGMKZosNcKk4BDVV2I3pY9czUgSz2ggPFuQWFXY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 64bef193ebc24e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09eb35507100004e431a1aa000000001

GET
H3-29 200 2.08befd76.chunk.js Show response
gsuite-user-auto-create.pages.dev/static/js/ 487 KB
143 KB 433ms
423ms Script
application/javascript 2606:4700:3033::6815:44c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gsuite-user-auto-create.pages.dev/static/js/2.08befd76.chunk.js
Requested by: Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:44c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d59e419b7f9d606d678356123217f302f48eb9d746748e3c8f98478b1704c71

Request headers

:path: /static/js/2.08befd76.chunk.js
pragma: no-cache
cookie: __cfduid=daacfe3b1a5a750e13c0f09ed3ceb850d1620437645
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gsuite-user-auto-create.pages.dev
referer: https://gsuite-user-auto-create.pages.dev/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:34:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"450747507ced9d37308fb43c62931d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=im6k%2Fup6L24Z%2BNg7R%2FXENp5pvGsWKTJtbtq4%2BIdhf03%2FJbQ%2Flx7n3FfbACfjGUBZw6ARe8erG16t19hFoZ%2FzVustF1x9eSRr9nb2jiCFFik8XxPlrVDZOSop0613fevV08AEh7weiqbzuORJsBA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 64bef193ebc04e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09eb35507100004e43edace000000001

GET
H3-29 200 main.a21d3a62.chunk.js Show response
gsuite-user-auto-create.pages.dev/static/js/ 7 KB
3 KB 350ms
341ms Script
application/javascript 2606:4700:3033::6815:44c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gsuite-user-auto-create.pages.dev/static/js/main.a21d3a62.chunk.js
Requested by: Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:44c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0733c0107e681e41da089e01fb10764bda6aa6ccc443b70260025326f229e56

Request headers

:path: /static/js/main.a21d3a62.chunk.js
pragma: no-cache
cookie: __cfduid=daacfe3b1a5a750e13c0f09ed3ceb850d1620437645
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gsuite-user-auto-create.pages.dev
referer: https://gsuite-user-auto-create.pages.dev/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:34:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3e3ca4e378a25e01aa0034e6a54ebabd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KoQgRtBT1JSvR6wWeqzVX9jZxlOeES8eYBYLcKtGfiOiKFIdjhoCWCjYezH3uYexxaeIt6vMPY7%2BKXgRnRc9sEXz9tcQ1f3xCHklQaMmwLEhpi3CDIh1aKE0yy6U8pwN6yUxwLngz%2Bzp%2BvqMwHY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 64bef193ebbf4e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09eb35507100004e432d276000000001

GET
H2 200 font_2344266_q4e9zpytr8a.js Show response
at.alicdn.com/t/ 9 KB
4 KB 163ms
29ms Script
application/javascript 47.246.43.252
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://at.alicdn.com/t/font_2344266_q4e9zpytr8a.js
Requested by: Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/static/js/2.08befd76.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.252 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ccf840a8111e6bfa03a1dd2535ba3648170127235c07e442ca68312dbd23a29e

Request headers

Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 06:08:52 GMT
content-encoding: gzip
x-oss-request-id: 600BBD749DDDB0323207D9FD
content-md5: sto6JZX1YenMlmt7YhxwJQ==
age: 9055514
x-cache: HIT TCP_HIT dirn:10:282875942
x-swift-cachetime: 56482426
x-swift-savetime: Fri, 09 Apr 2021 12:35:06 GMT
content-length: 3307
x-oss-object-type: Normal
access-control-allow-origin: *
last-modified: Fri, 22 Jan 2021 10:24:48 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1611382132
content-type: application/javascript
via: cache35.l2ot7-1[0,200-0,H], cache20.l2ot7-1[0,0], cache1.de2[0,0,200-0,H], cache5.de2[1,0]
cache-control: max-age=63072000
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 6461208823429248349
eagleid: 2ff62b9916204376460664777e
x-oss-server-time: 39

GET
H2 200 Rgv3xJAVYN4n9Za.png
i.loli.net/2020/01/22/ 2 MB
2 MB 84ms
45ms Image
image/png 2a09:7:1000:ffff:ffff:ffff:ffff:cafe
SB SB Professiona...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.loli.net/2020/01/22/Rgv3xJAVYN4n9Za.png

Requested by

Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a09:7:1000:ffff:ffff:ffff:ffff:cafe , Estonia, ASN24013 (SB SB Professional Services, SB),

Reverse DNS

Software

nginx /

Resource Hash

c44ad540a8a6b547dad81e68884e0e2ab072179b6b134e149a6020b778147556

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server: cdn-fra
date: Sat, 08 May 2021 01:34:05 GMT
x-content-type-options: nosniff
x-cdn-cache: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 2260661
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jan 2020 15:55:49 GMT
server: nginx
etag: "5e287085-227eb5"
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GK2zyeg9XRlZIw7.png
i.loli.net/2020/05/31/ 9 KB
9 KB 31ms
31ms Image
image/png 2a09:7:1000:ffff:ffff:ffff:ffff:cafe
SB SB Professiona...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.loli.net/2020/05/31/GK2zyeg9XRlZIw7.png

Requested by

Host: gsuite-user-auto-create.pages.dev
URL: https://gsuite-user-auto-create.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a09:7:1000:ffff:ffff:ffff:ffff:cafe , Estonia, ASN24013 (SB SB Professional Services, SB),

Reverse DNS

Software

nginx /

Resource Hash

8a8a970aebfec827c24f880bf8e1adcf9d55ebc98f57b771f98de9f4769c444b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gsuite-user-auto-create.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server: cdn-fra
date: Sat, 08 May 2021 01:34:06 GMT
x-content-type-options: nosniff
x-cdn-cache: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 8953
x-xss-protection: 1; mode=block
last-modified: Sun, 31 May 2020 12:15:55 GMT
server: nginx
etag: "5ed39ffb-22f9"
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gsuite-user-auto-create.pages.dev/	1970-01-19 18:50:29	Name: __cfduid Value: daacfe3b1a5a750e13c0f09ed3ceb850d1620437645

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
gsuite-user-auto-create.pages.dev
i.loli.net
2606:4700:3033::6815:44c2
2a09:7:1000:ffff:ffff:ffff:ffff:cafe
47.246.43.252
01b1023d241b373b733b934e96365850649a6d8f8fa3772ebb9eba91cca871bb
465c5ceb778e56eab453cf800fd4448468761e8850c7484a13814c7cb23e9f94
6d59e419b7f9d606d678356123217f302f48eb9d746748e3c8f98478b1704c71
7f82561601d95862d1c892dcf990e0997d11928a113c6c62037bf38c0e9aad93
8a8a970aebfec827c24f880bf8e1adcf9d55ebc98f57b771f98de9f4769c444b
c44ad540a8a6b547dad81e68884e0e2ab072179b6b134e149a6020b778147556
ccf840a8111e6bfa03a1dd2535ba3648170127235c07e442ca68312dbd23a29e
e0733c0107e681e41da089e01fb10764bda6aa6ccc443b70260025326f229e56

gsuite-user-auto-create.pages.dev Open in urlscan Pro 2606:4700:3033::6815:44c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

2428 kBTransfer

3231 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

Indicators

gsuite-user-auto-create.pages.dev Open in urlscan Pro
2606:4700:3033::6815:44c2 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

2428 kB
Transfer

3231 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions