a.d72f6d86b3ee6c4eba71d631183243da.workers.dev
2606:4700:3035::ac43:deee  Public Scan

URL: https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
Submission: On August 23 via automatic, source links-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3035::ac43:deee, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.d72f6d86b3ee6c4eba71d631183243da.workers.dev.
TLS certificate: Issued by WE1 on August 15th 2024. Valid for: 3 months.
This is the only time a.d72f6d86b3ee6c4eba71d631183243da.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 43.156.222.119 132203 (TENCENT-N...)
1 43.152.137.72 139341 (ACE-AS-AP...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::44 8075 (MICROSOFT...)
1 43.152.26.221 139341 (ACE-AS-AP...)
6 6
Apex Domain | Subdomains | Transfer
2 gtimg.com | global.turing.captcha.gtimg.com — Cisco Umbrella Rank: 458639 | 66 KB
1 msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 2218 | 17 KB
1 office.net | res.cdn.office.net — Cisco Umbrella Rank: 405 | 3 MB
1 qcloud.com | ca.turing.captcha.qcloud.com — Cisco Umbrella Rank: 435074 | 34 KB
1 workers.dev | a.d72f6d86b3ee6c4eba71d631183243da.workers.dev | 3 KB
6 5
Domain | Requested by
2 global.turing.captcha.gtimg.com | ca.turing.captcha.qcloud.com, global.turing.captcha.gtimg.com
1 aadcdn.msauth.net |
1 res.cdn.office.net | a.d72f6d86b3ee6c4eba71d631183243da.workers.dev
1 ca.turing.captcha.qcloud.com | a.d72f6d86b3ee6c4eba71d631183243da.workers.dev
1 a.d72f6d86b3ee6c4eba71d631183243da.workers.dev |
6 5

This site contains no links.

Subject | Issuer | Validity | Valid
d72f6d86b3ee6c4eba71d631183243da.workers.dev | WE1 | 2024-08-15 - 2024-11-13 | 3 months
*.turing.captcha.qcloud.com | DigiCert Secure Site CN CA G3 | 2024-03-27 - 2025-04-27 | a year
*.turing.captcha.gtimg.com | DigiCert Secure Site CN CA G3 | 2024-02-20 - 2025-03-22 | a year
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2024-02-20 - 2025-02-20 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-07-30 - 2025-07-30 | a year

This page contains 2 frames:

Primary Page: https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
Frame ID: AC98AF0ACD614D99203670E50B33477E
Requests: 5 HTTP requests in this frame

Frame: https://global.turing.captcha.gtimg.com/template/drag_ele_global.html
Frame ID: 65C558137115A506784406B3C69FA97C
Requests: 1 HTTP requests in this frame

Page Title

Sign in to your account企业邮箱_电话会议-263云通信

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 50 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 2744 kB
Size: 2964 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
14 KB
3 KB
Document
General
Full URL
https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:deee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a403e8f8c371d9be40c633abaeda103104d4ed60dd67e5d9d92a5b88bb5d729

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8b76f47a6a1b0ea9-AMS
content-encoding
br
content-type
text/html
date
Fri, 23 Aug 2024 00:23:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SePwi1ntwoe8yH3pH6KDyQ%2FCkjMrd7aKG4sn81rVVuHcB6K8pgIbuqeS9qs8L6WRI1eYfiuDtGN7MRgyl%2FDFS59HDX658ylVAhWefTdAXUVHEICB9%2FmQf6VGkevDdQzSA7X3Dx%2FWEY5%2FiQcfbU3nhA%2FIcwNNNKdl9HmY1Go9AGS1hjdYHzYggbgi%2BiV5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
TCaptcha-global.js
ca.turing.captcha.qcloud.com/
110 KB
34 KB
Script
General
Full URL
https://ca.turing.captcha.qcloud.com/TCaptcha-global.js
Requested by
Host: a.d72f6d86b3ee6c4eba71d631183243da.workers.dev
URL: https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.156.222.119 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Trpc httpd, tencent http server /
Resource Hash
4e7bf3ab5ff849093979a3815a5bb90a9a57d0a574a3af893e8f9e9402c58b07

Request headers

Referer
https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 23 Aug 2024 00:23:39 GMT
Content-Encoding
gzip
Server
Trpc httpd, tencent http server
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Content-Type
text/javascript
Cache-Control
max-age=600
Connection
keep-alive
tcaptcha-frame.a1213a25.js
global.turing.captcha.gtimg.com/
202 KB
66 KB
Script
General
Full URL
https://global.turing.captcha.gtimg.com/tcaptcha-frame.a1213a25.js
Requested by
Host: ca.turing.captcha.qcloud.com
URL: https://ca.turing.captcha.qcloud.com/TCaptcha-global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.137.72 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
7204cc740edef26b9c654950e9228ed787395a8208d9d65558e6c17063ccd6c8

Request headers

Referer
https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 03:45:06 GMT
Content-Encoding
gzip
X-Cache-Lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjZjMmJmYzJfYzc3NWI3MDlfMTc1ZTRfMzQyZThkNQ==
Connection
keep-alive
Content-Length
66741
x-cos-hash-crc64ecma
6662088452498779804
Last-Modified
Tue, 23 Jul 2024 08:48:10 GMT
Server
tencent-cos
Etag
"bc154e83bb927000f6bd7e644d123266"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
X-NWS-LOG-UUID
1882467807488087126
Accept-Ranges
bytes
hero-rebrand-desktop-5dbef93a27.png
res.cdn.office.net/officehub/images/content/images/unauth-refresh/
3 MB
3 MB
Image
General
Full URL
https://res.cdn.office.net/officehub/images/content/images/unauth-refresh/hero-rebrand-desktop-5dbef93a27.png
Requested by
Host: a.d72f6d86b3ee6c4eba71d631183243da.workers.dev
URL: https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2531 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a331074ab513a0d0606050869ea08cec2119845e87562c00b507c438f9213c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 00:23:39 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=5, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc
h3=":443"; ma=93600
content-length
2683533
last-modified
Mon, 30 Jan 2023 22:30:21 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.1c257e68.1724372619.50df8828&TotalRTCDNTime=5&CompressionType=&FileSize=2683533"}],"include_subdomains ":true}
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c7a62b79-601e-0057-2845-3551a4000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
akamai-request-bc
[a=104.126.37.28,b=1356826664,c=g,n=DE_HE_FRANKFURT,o=20940]
timing-allow-origin
*
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Aug 2024 00:23:40 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
etag
0x8D8731230C851A6
x-azure-ref
20240823T002340Z-179d6ccbd554w7ffnxst2pq6ng00000005k000000000gdbn
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
c686ca02-a01e-007a-653e-f2a9a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
drag_ele_global.html
global.turing.captcha.gtimg.com/template/ Frame 65C5
0
0
Document
General
Full URL
https://global.turing.captcha.gtimg.com/template/drag_ele_global.html
Requested by
Host: global.turing.captcha.gtimg.com
URL: https://global.turing.captcha.gtimg.com/tcaptcha-frame.a1213a25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Trpc httpd tencent http server /
Resource Hash

Request headers

Referer
https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
34086
Content-Type
text/html
Date
Mon, 19 Aug 2024 03:43:49 GMT
P3P
CP=CAO PSA OUR
Pragma
No-cache
Server
Trpc httpd tencent http server
X-Cache-Lookup
Cache Hit
X-NWS-LOG-UUID
7286773302165772229

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| __TencentCaptchaExists__
boolean| TCaptchaGlobal
string| AqSCodeCapDomain
string| AqSCodeCdnDomain
boolean| TCaptchaPreload
function| TencentCaptcha
function| callback
function| loadErrorCallback
function| TCapMsg
function| AqSCode

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning URL: https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ca.turing.captcha.qcloud.com/TCaptcha-global.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://a.d72f6d86b3ee6c4eba71d631183243da.workers.dev/(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ca.turing.captcha.qcloud.com/TCaptcha-global.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.