ken-brass-eocurs-auth02.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cd3  Malicious Activity! Public Scan

URL: https://ken-brass-eocurs-auth02.pages.dev/
Submission: On October 02 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 2606:4700:310c::ac42:2cd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ken-brass-eocurs-auth02.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on October 2nd 2023. Valid for: 3 months.
This is the only time ken-brass-eocurs-auth02.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Optimum (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2
Apex Domain
Subdomains
Transfer
1 pages.dev
ken-brass-eocurs-auth02.pages.dev
406 KB
1 1
Domain Requested by
1 ken-brass-eocurs-auth02.pages.dev
1 1
Subject Issuer Validity Valid
ken-brass-eocurs-auth02.pages.dev
GTS CA 1P5
2023-10-02 -
2023-12-31
3 months crt.sh

This page contains 2 frames:

Primary Page: https://ken-brass-eocurs-auth02.pages.dev/
Frame ID: 3981A916BF73662AB9A5D89E4821FD4D
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2783551E72851DE58E24221E4EC536B6
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sign In to Manage Your Services | Optimum

Page Statistics

1
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

617 kB
Transfer

1122 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ken-brass-eocurs-auth02.pages.dev/
699 KB
406 KB
Document
General
Full URL
https://ken-brass-eocurs-auth02.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87958def342882ce01e0708142557be5f276169bd796185d1ce29797a3ccba8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
80ff78ee0e22e041-NRT
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 02 Oct 2023 19:50:05 GMT
etag
W/"3e49a17969c13e6c163736e0a7dbc516"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gsJ%2F64B5UOEJ6HapAqfbGSBh3%2FiiHajg%2B0UudgwQQGD5zyxwmsWg6EKDbs7kM8QtnieYqihg6kTr8uBMxdVSBrjIJ5nenKoxqkCsmEfTUbhv3Bh%2BJvsQA8VjbZB9m6C8Ce8iOIBnByTd45uBnhVC6H7Y5%2BmT7VYB9SXiB2f7bE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a80363e3aaefdfbf02c3ab9906d83f9bbf80821b0c1a04df69c8a0f97fbc7453

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
405 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24b1b0fc642753fc6e693eae5cde6fd56366fad297e2915b3e9f63774f3aa1fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
441 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d57340d92cb2e9557a1cc3ac96c86ca86b0c8323c851a55573a3a2488ef84ff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
249 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dda50837373135f2515c7ed1216d1cb8c79aa12786d8512e3400a9cd665e1d88

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
146 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fde4c9c87c9e7b45f2edee970396be68320f3762a1a7998aff4b7f7517fcfe4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
61 KB
61 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b85f5f5732534318102cd1b76600be50148a28b8ddf10bc845c43702f2a5fa5

Request headers

Referer
Origin
https://ken-brass-eocurs-auth02.pages.dev
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
61 KB
61 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6956ea2e1d93df622505b666c2987433a0f5546e4037f0a185c133b20a9a783b

Request headers

Referer
Origin
https://ken-brass-eocurs-auth02.pages.dev
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
29 KB
29 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6fb906942932de53852ee244ee3fec27bca0bf63a96421672aa4784851b8d4b

Request headers

Referer
Origin
https://ken-brass-eocurs-auth02.pages.dev
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
60 KB
60 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
878a83f4ffa56c09d18f71c29755fdd6f93c2e9702845ec7c83c1da4754d2650

Request headers

Referer
Origin
https://ken-brass-eocurs-auth02.pages.dev
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 2783
61 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
null
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Optimum (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff