winsyu-maintenace-redirect.pages.dev
2a06:98c1:3120::9  Malicious Activity! Public Scan

URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Submission: On September 25 via automatic, source phishtank — Scanned from NL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United Kingdom and belongs to CLOUDFLARENET, US. The main domain is winsyu-maintenace-redirect.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on August 10th 2023. Valid for: 3 months.
This is the only time winsyu-maintenace-redirect.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

Requests  IP Address        AS Autonomous System
11        2a06:98c1:312...  13335 (CLOUDFLAR...)
3         2606:4700:e4:...  13335 (CLOUDFLAR...)
14        2

Requests  Apex Domain      Subdomains                                             Transfer
11        pages.dev        winsyu-maintenace-redirect.pages.dev                   130 KB
3         fontawesome.com  kit-free.fontawesome.com (Cisco Umbrella Rank: 35383)  31 KB
14        2

Requests  Domain                                Requested by
11        winsyu-maintenace-redirect.pages.dev  winsyu-maintenace-redirect.pages.dev
3         kit-free.fontawesome.com              winsyu-maintenace-redirect.pages.dev
14        2

This site contains no links.

Subject                               Issuer      Validity                 Valid
winsyu-maintenace-redirect.pages.dev  GTS CA 1P5  2023-08-10 - 2023-11-08  3 months
kit-free.fontawesome.com              E1          2023-09-02 - 2023-12-01  3 months

This page contains 1 frames:

Primary Page: https://winsyu-maintenace-redirect.pages.dev/authenticate
Frame ID: 0BD08628853E89C34BAD35332736AB9D
Requests: 14 HTTP requests in this frame

Page Title

Logln

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 160 kB
Size: 633 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request authenticate
winsyu-maintenace-redirect.pages.dev/
10 KB
3 KB
Document
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7966d2e7b03e37b72019b84692227ad81ee3a3c0cabaeb383766aee46a33080
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
80c64e203c6e0be6-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 25 Sep 2023 21:19:24 GMT
etag
W/"641b28a708b5c015ce79729f7c7a05f0"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8Bc8y6NCy1E9e0oCp3YhNlC8I%2B%2FHJejuGPfrMpAq7nNrmpNvR%2BlQRsSr6qHVX9DJXDfw7dix4fPn15ymRQpOhmssm3qRdwROoq89eJFsySQ9F7ch6MS0z%2Fj41ksddXiiKZmLx%2BgSQ3bmbo5NepaBS1QZFccxRtk%2BTKP1Uk2wfwxnoQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
bootstrap.css
winsyu-maintenace-redirect.pages.dev/index_files/
141 KB
22 KB
Stylesheet
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/bootstrap.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff

css.css
winsyu-maintenace-redirect.pages.dev/index_files/
1 KB
777 B
Stylesheet
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/css.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f701947ccec193e5d77382be3f43481c0cab84b75dad13a7497c386c7d13a6a
Security Headers
Name Value
X-Content-Type-Options nosniff

585b051251.js
winsyu-maintenace-redirect.pages.dev/index_files/
4 KB
2 KB
Script
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/585b051251.js
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78430aacded9bc766ca632d544407a3ded6eb62f7c296f29e668e21feefa5e3b
Security Headers
Name Value
X-Content-Type-Options nosniff

free.css
winsyu-maintenace-redirect.pages.dev/index_files/
59 KB
13 KB
Stylesheet
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/free.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee7d7bd8d1d9bfc925f53386e4b0ab58883361cf2f5177c91ef778895a98b88
Security Headers
Name Value
X-Content-Type-Options nosniff

free-v4-shims.css
winsyu-maintenace-redirect.pages.dev/index_files/
26 KB
4 KB
Stylesheet
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/free-v4-shims.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7067ebd80b3644eb678de99e0936f638d54628ce9775e304d42300821fd8b79
Security Headers
Name Value
X-Content-Type-Options nosniff

jquery-3.js
winsyu-maintenace-redirect.pages.dev/index_files/
48 KB
18 KB
Script
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/jquery-3.js
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aed92cee6add106faa48275e546b0bd61970559aa275c377faf6e9d01d79bb3
Security Headers
Name Value
X-Content-Type-Options nosniff

popper.js
winsyu-maintenace-redirect.pages.dev/index_files/
19 KB
7 KB
Script
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/popper.js
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
X-Content-Type-Options nosniff

bootstrap_002.js
winsyu-maintenace-redirect.pages.dev/index_files/
48 KB
14 KB
Script
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/bootstrap_002.js
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff

jquery.js
winsyu-maintenace-redirect.pages.dev/index_files/
84 KB
31 KB
Script
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/jquery.js
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff

bootstrap.js
winsyu-maintenace-redirect.pages.dev/index_files/
50 KB
15 KB
Script
General
Full URL
https://winsyu-maintenace-redirect.pages.dev/index_files/bootstrap.js
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
X-Content-Type-Options nosniff

free-v4-shims.min.css
kit-free.fontawesome.com/releases/latest/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://kit-free.fontawesome.com/releases/latest/css/free-v4-shims.min.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/index_files/585b051251.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://winsyu-maintenace-redirect.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 21:19:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1JPKWYMQ24993BY5
age
1752
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DeGrGM5I4LyDPIPNJB2tnQ53DlVtpUZvnC42CYlEf2+hzdlu1Mvi8raNOMKOEHPwuTqOOiFqeAI=
last-modified
Wed, 04 Aug 2021 21:22:51 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEVAHdHaoB1ssmsJ4kcEOIMB8aeuc2iA%2FeUSR3pSIFuAud5PT%2B6qndIcH9ts5WqWIE89EbBDsKx92m3pMycZOyn0uancXxk%2FZ%2F47Z8fMLljuIPuoMgD3ED1WIgfRZhg3aCTW4jCiji5UdsWBF5zKFDGHCQdDvLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
80c64e223dba37f5-FRA
free.min.css
kit-free.fontawesome.com/releases/latest/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/index_files/585b051251.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

free.min.css
kit-free.fontawesome.com/releases/latest/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by
Host: winsyu-maintenace-redirect.pages.dev
URL: https://winsyu-maintenace-redirect.pages.dev/index_files/585b051251.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| FontAwesomeKitConfig
  • object| prefixesArray
  • string| prefixesSelectorString
  • function| Popper
  • object| bootstrap
  • function| $
  • function| jQuery

0 Cookies

1 Console Messages

Source: security
Level: error
URL: https://winsyu-maintenace-redirect.pages.dev/authenticate
Message: Failed to find a valid digest in the 'integrity' attribute for resource 'https://winsyu-maintenace-redirect.pages.dev/index_files/jquery-3.js' with computed SHA-384 integrity 'IjyRTSfKo0NnYW1xYKrx5b5aD3WKy2aa75b5vNG3Yun10lRuf3lo/OcmkZC35rs6'. The resource has been blocked.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff