urlscan.io logo urlscan.io
SecurityTrails logo

madmin.pages.dev Open in urlscan Pro
172.66.44.170  Public Scan

Go To Rescan Add Verdict Report
URL: https://madmin.pages.dev/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 16 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 172.66.44.170, located in United States and belongs to CLOUDFLARENET, US. The main domain is madmin.pages.dev.
TLS certificate: Issued by WE1 on October 16th 2024. Valid for: 3 months.
This is the only time madmin.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 172.66.44.170 13335 (CLOUDFLAR...)
1 172.64.147.238 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.161.82.54 16509 (AMAZON-02)
2 52.18.115.61 16509 (AMAZON-02)
14 6
8    172.66.44.170 (United States)

ASN13335 (CLOUDFLARENET, US)
madmin.pages.dev
1    172.64.147.238 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
unicons.iconscout.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    3.161.82.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-54.fra56.r.cloudfront.net
cdn.sematext.com
2    52.18.115.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-115-61.eu-west-1.compute.amazonaws.com
rum-receiver.eu.sematext.com
Apex Domain
Subdomains		 Transfer
8 pages.dev
madmin.pages.dev
1004 KB
3 sematext.com
cdn.sematext.com — Cisco Umbrella Rank: 542832
rum-receiver.eu.sematext.com
40 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
40 KB
1 iconscout.com
unicons.iconscout.com — Cisco Umbrella Rank: 72972
10 KB
14 4
Domain Requested by
8 madmin.pages.dev madmin.pages.dev
cdn.sematext.com
2 rum-receiver.eu.sematext.com cdn.sematext.com
1 cdn.sematext.com madmin.pages.dev
1 fonts.googleapis.com madmin.pages.dev
1 unicons.iconscout.com madmin.pages.dev
14 5

This site contains no links.

Subject Issuer Validity Valid
madmin.pages.dev
WE1		 2024-10-16 -
2025-01-14		 3 months crt.sh
iconscout.com
WE1		 2024-09-14 -
2024-12-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.sematext.com
Amazon RSA 2048 M03		 2024-03-06 -
2025-04-04		 a year crt.sh
*.eu.sematext.com
Amazon RSA 2048 M02		 2024-01-30 -
2025-02-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://madmin.pages.dev/
Frame ID: B21898C75D5068E2F692571472CF9B4F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Munchies management panel

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

93 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

1094 kB
Transfer

4224 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
madmin.pages.dev/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4427d193c7aa90bf8a7e3be67c725ca8ffe050742ed9f46b28021ef5be9e0a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8d3af60918820e62-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 16 Oct 2024 20:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLnn6uPAkX0Pw4%2FT192qVmkDnvL06xKMuoLWCpbBmEiu%2FGU6rXqYAJz15Rl9xnhKQ7TW412ezAfNp3EQa%2BfSu4UooeCxxbIigGvw85Sc7dht1yB3N5AiIdL2QhiSKq0vEvVa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-type-options
nosniff
speculation
madmin.pages.dev/cdn-cgi/ 		128 B
574 B 		Other
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://madmin.pages.dev
Referer
https://madmin.pages.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPihjGWsPPXdBcv1EPCjj282Jh8Ya%2Brc6Vtb0uHvzS4Y2xYIlQOUpLCgIKf3aEUYEcUlxaZDkYvN8DASet3cLpKVJ1aEQS1hJXk4PN48T8oqFOH30T1KQIotJsEsylXy8cQm"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3af609f9f50e62-MXP
access-control-allow-origin
https://madmin.pages.dev
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:24 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
line.css
unicons.iconscout.com/release/v3.0.0/css/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unicons.iconscout.com/release/v3.0.0/css/line.css
Requested by
Host: madmin.pages.dev
URL: https://madmin.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.238 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ff898a14845b852d7a96f333cb3ea5134cd008bc01665d948e727ad0e850e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

content-encoding
gzip
cf-bgj
minify
etag
W/"f7bb978ee7bb23ddef038e456ffa1040"
x-amz-version-id
Mfp4KvdHVq22Oi.YGlXaWYu0ywyXXs_8
cf-cache-status
HIT
age
157427
expires
Thu, 16 Oct 2025 20:57:24 GMT
cf-polished
origSize=65054
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:24 GMT
content-type
text/css
last-modified
Wed, 12 Aug 2020 06:31:01 GMT
vary
Accept-Encoding
x-amz-id-2
V65c5TrW5AXNXZfZpLjzjjhm/fY/8ksk6sOEZny+mPUSxpj7pdCyqvyN5Z/aXuWBPnQRCBe6aGo=
x-amz-replication-status
REPLICA
cache-control
public, max-age=31536000
x-amz-request-id
ME7HM0YQR0RZBN38
cf-ray
8d3af60a4abd0dfa-MXP
server
cloudflare
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/ 		171 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Dongle:wght@300;400;700&display=swap
Requested by
Host: madmin.pages.dev
URL: https://madmin.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d27bd545d69e128a1f3b9b5d3f6cf66b801eea5053ecc275891fc58c3dd68372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 20:57:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 20:57:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 16 Oct 2024 20:57:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.6bcf058e.js
madmin.pages.dev/static/js/ 		3 MB
922 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/static/js/main.6bcf058e.js
Requested by
Host: madmin.pages.dev
URL: https://madmin.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050d0f5e603480ea5ff518d1158d2831f93c444d5bb7bf8d3fdfde941e13ca51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"bbc9629a18cc2598bc921905a93ae590"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WjM0vD8YbrgaXplj%2FAaN4gLW0A%2F0AZAMaQVlCJ6IXi%2BrKd5pVUEeWEsyautrsmLKBhvntHyYpsW2oYGpLPSV5xgDz8U5HHnfpcevrv10F%2Fq8hyg7VAwqQ%2B%2BkFZIn2IpdMYXb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d3af60b4c0e0e62-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:25 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
main.28ee9c1e.css
madmin.pages.dev/static/css/ 		553 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/static/css/main.28ee9c1e.css
Requested by
Host: madmin.pages.dev
URL: https://madmin.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3269af606dafa6d3f1046c7867178285ddf7012d48a424477cb56687aa65d61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"6c5ed0e40bab87483eddcc1195e636f3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q%2FwFnZxwrhN1Ge00ISML%2F8RzKURDJ4VGz5FtMVqcRf25An2qnG20m%2FLcettI%2F4em1B42hrQ8joknHdohXYCmZgsnAJt95vtai%2B8wsPJyigHnat9na9x7Z9QKpCgNNHtjQcf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d3af609f9fa0e62-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:24 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
experience.js
cdn.sematext.com/ 		147 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sematext.com/experience.js
Requested by
Host: madmin.pages.dev
URL: https://madmin.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a6ec3149369415d23d7925cdf7510535dd4decf69be53e53eb8d2425fd792ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

x-amz-cf-pop
FRA56-P10
content-encoding
gzip
etag
W/"6b50fe106591fd571714dfa1fd8b7dc7"
age
61499
via
1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
BOntvqH1_nkbKvYKSsPAInyfczwAHax-mZOCYehnmi34QDbVfN7SkQ==
date
Wed, 16 Oct 2024 03:52:27 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 27 Nov 2023 12:15:47 GMT
x-amz-server-side-encryption
AES256
2685352c-5960-46bb-a886-1238d9baa2bf
https://madmin.pages.dev/ 		0
0
/
madmin.pages.dev/socket.io/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/socket.io/?EIO=4&transport=polling&t=PAN7mQJ
Requested by
Host: cdn.sematext.com
URL: https://cdn.sematext.com/experience.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4427d193c7aa90bf8a7e3be67c725ca8ffe050742ed9f46b28021ef5be9e0a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer
https://madmin.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUP%2FpUq83d80rZjTAaZbwpMtudnKfX8n1Sw9A%2B0Aqvr6vvBSKuuedacBLwhq%2BBDM%2BOWUD3%2BBfLdqcz%2F0Rj0dd38BNbAQMalKphS7SiYngwWFi3nmDiRpK60XX9aAv7VkYK14"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d3af6110ef20e62-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:26 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
f9ada6fb-378d-4a3c-ae4c-e6d95597da90
rum-receiver.eu.sematext.com/sampling/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-receiver.eu.sematext.com/sampling/f9ada6fb-378d-4a3c-ae4c-e6d95597da90
Requested by
Host: cdn.sematext.com
URL: https://cdn.sematext.com/experience.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.115.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-115-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

x-sematext-experience-sampling-nextevent
true
access-control-max-age
1728000
access-control-expose-headers
*
x-sematext-experience-sampling-active
false
x-sematext-experience-app-active
false
x-sematext-experience-sampling-percentage
100
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-origin
*
date
Wed, 16 Oct 2024 20:57:26 GMT
access-control-allow-headers
X-Requested-With, Content-Type, Content-Length
favicon.webp
madmin.pages.dev/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/favicon.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c1657a6860cfa76f3163ef6d7b0d6b18c479f9c66150a7ae1ce5fb6deab5f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"ced2412e3027c52bdebaef16618a0b47"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ukCtT37ORwCJiJKotq7HtshFENHAFIli5lYIh14M31GZ60NZSWpnA5uEfrH8GIuCj8ThBgMpsWjHmLw4BKLuq2ezHnDZJOIprrhxxtjmmWzCiwBLmnTpiUsD1aboq60GH36Y"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d3af6113f650e62-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2460
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:26 GMT
content-type
image/webp
vary
Accept-Encoding
server
cloudflare
f9ada6fb-378d-4a3c-ae4c-e6d95597da90
rum-receiver.eu.sematext.com/sampling/ 		0
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-receiver.eu.sematext.com/sampling/f9ada6fb-378d-4a3c-ae4c-e6d95597da90
Requested by
Host: cdn.sematext.com
URL: https://cdn.sematext.com/experience.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.115.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-115-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://madmin.pages.dev/

Response headers

x-sematext-experience-sampling-nextevent
true
access-control-max-age
1728000
access-control-expose-headers
*
x-sematext-experience-sampling-active
false
x-sematext-experience-app-active
false
x-sematext-experience-sampling-percentage
100
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-origin
*
date
Wed, 16 Oct 2024 20:57:26 GMT
access-control-allow-headers
X-Requested-With, Content-Type, Content-Length
/
madmin.pages.dev/socket.io/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/socket.io/?EIO=4&transport=polling&t=PAN7mk1
Requested by
Host: cdn.sematext.com
URL: https://cdn.sematext.com/experience.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4427d193c7aa90bf8a7e3be67c725ca8ffe050742ed9f46b28021ef5be9e0a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer
https://madmin.pages.dev/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esd8Tgr3newG31xSZcIs3%2B35Hi%2Fugo4vdZyOoOARFmlIxUlGtjEeo3VlcJTvhe9d3jtrtibl%2Ba9EOT2hjoVwj1XLRDb1Jfb7aFO2a0weoZclGcmxbZ4ym6887SoBSkJ4IyZM"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:27 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
link
<https://fonts.googleapis.com>; rel="preconnect"
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d3af618eca50e62-MXP
access-control-allow-origin
*
server
cloudflare
/
madmin.pages.dev/socket.io/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://madmin.pages.dev/socket.io/?EIO=4&transport=polling&t=PAN7nJo
Requested by
Host: cdn.sematext.com
URL: https://cdn.sematext.com/experience.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4427d193c7aa90bf8a7e3be67c725ca8ffe050742ed9f46b28021ef5be9e0a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer
https://madmin.pages.dev/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niPO0gi6BfKn%2Fwuq4WliV%2FJlsQVl2w6FAlW9WSoQpSpdDSP2Us2C2dkja9XVpoZIJxUKgfkJbnvo2QzZKZxtO86ubQbo10dAEgZQdz4yur3BFaGTmqISAMHgvbq7D3IpMnV5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 20:57:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
link
<https://fonts.googleapis.com>; rel="preconnect"
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d3af6280dff0e62-MXP
access-control-allow-origin
*
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
madmin.pages.dev
URL
blob:https://madmin.pages.dev/2685352c-5960-46bb-a886-1238d9baa2bf

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| strum object| strumlt object| __core-js_shared__ object| core object| regeneratorRuntime

3 Cookies

Domain/Path Name / Value
madmin.pages.dev/ Name: strumsession
Value: 39bbae6a-db53-45ea-9bf6-ec440430d6f1
madmin.pages.dev/ Name: strumuser
Value: 7d2553e6-4deb-4e3b-8452-2fe26d15013e
madmin.pages.dev/ Name: f9ada6fb-378d-4a3c-ae4c-e6d95597da90-app-disabled
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff