madmin.pages.dev
172.66.44.170
Public Scan
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On October 16 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by WE1 on October 16th 2024. Valid for: 3 months.
This is the only time madmin.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
8 | 172.66.44.170 | 13335 (CLOUDFLARENET) |
1 | 172.64.147.238 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:82a::200a | 15169 (GOOGLE) |
1 | 3.161.82.54 | 16509 (AMAZON-02) |
2 | 52.18.115.61 | 16509 (AMAZON-02) |
14 | 6 | |
- cdn.sematext.com: ASN16509 (AMAZON-02, US), PTR: server-3-161-82-54.fra56.r.cloudfront.net
- rum-receiver.eu.sematext.com: ASN16509 (AMAZON-02, US), PTR: ec2-52-18-115-61.eu-west-1.compute.amazonaws.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | pages.dev | madmin.pages.dev | 1004 KB |
3 | sematext.com | cdn.sematext.com (Cisco Umbrella Rank: 542832), rum-receiver.eu.sematext.com | 40 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 30) | 40 KB |
1 | iconscout.com | unicons.iconscout.com (Cisco Umbrella Rank: 72972) | 10 KB |
14 | 4 | | |
 | Domain | Requested by |
---|---|---|
8 | madmin.pages.dev | madmin.pages.dev, cdn.sematext.com |
2 | rum-receiver.eu.sematext.com | cdn.sematext.com |
1 | cdn.sematext.com | madmin.pages.dev |
1 | fonts.googleapis.com | madmin.pages.dev |
1 | unicons.iconscout.com | madmin.pages.dev |
14 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
madmin.pages.dev | WE1 | 2024-10-16 - 2025-01-14 | 3 months |
iconscout.com | WE1 | 2024-09-14 - 2024-12-13 | 3 months |
upload.video.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.sematext.com | Amazon RSA 2048 M03 | 2024-03-06 - 2025-04-04 | a year |
*.eu.sematext.com | Amazon RSA 2048 M02 | 2024-01-30 - 2025-02-27 | a year |
This page contains 1 frame:
Primary Page:
https://madmin.pages.dev/
Frame ID: B21898C75D5068E2F692571472CF9B4F
Requests: 13 HTTP requests in this frame
Page Title
Munchies management panel
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Primary Request) | madmin.pages.dev/ | 2 KB | 1 KB | Document | text/html |
GET | H3 | speculation | madmin.pages.dev/cdn-cgi/ | 128 B | 574 B | Other | application/speculationrules+json |
GET | H3 | line.css | unicons.iconscout.com/release/v3.0.0/css/ | 56 KB | 10 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 171 KB | 40 KB | Stylesheet | text/css |
GET | H3 | main.6bcf058e.js | madmin.pages.dev/static/js/ | 3 MB | 922 KB | Script | application/javascript |
GET | H3 | main.28ee9c1e.css | madmin.pages.dev/static/css/ | 553 KB | 73 KB | Stylesheet | text/css |
GET | H2 | experience.js | cdn.sematext.com/ | 147 KB | 39 KB | Script | application/javascript |
GET | | 2685352c-5960-46bb-a886-1238d9baa2bf | https://madmin.pages.dev/ | 0 | 0 | | |
GET | H3 | / | madmin.pages.dev/socket.io/ | 2 KB | 1 KB | XHR | text/html |
HEAD | H2 | f9ada6fb-378d-4a3c-ae4c-e6d95597da90 | rum-receiver.eu.sematext.com/sampling/ | 0 | 349 B | XHR | text/plain |
GET | H3 | favicon.webp | madmin.pages.dev/ | 2 KB | 3 KB | Other | image/webp |
HEAD | H2 | f9ada6fb-378d-4a3c-ae4c-e6d95597da90 | rum-receiver.eu.sematext.com/sampling/ | 0 | 350 B | XHR | text/plain |
GET | H3 | / | madmin.pages.dev/socket.io/ | 2 KB | 1 KB | XHR | text/html |
GET | H3 | / | madmin.pages.dev/socket.io/ | 2 KB | 1 KB | XHR | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: madmin.pages.dev
- URL: blob:https://madmin.pages.dev/2685352c-5960-46bb-a886-1238d9baa2bf
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | strum |
object | strumlt |
object | __core-js_shared__ |
object | core |
object | regeneratorRuntime |
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
madmin.pages.dev/ | | strumsession | 39bbae6a-db53-45ea-9bf6-ec440430d6f1 |
madmin.pages.dev/ | | strumuser | 7d2553e6-4deb-4e3b-8452-2fe26d15013e |
madmin.pages.dev/ | | f9ada6fb-378d-4a3c-ae4c-e6d95597da90-app-disabled | true |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.