winsyu-maintenace-redirect.pages.dev
Open in
urlscan Pro
2a06:98c1:3120::9
Malicious Activity!
Public Scan
Submission: On September 25 via automatic, source phishtank — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on August 10th 2023. Valid for: 3 months.
This is the only time winsyu-maintenace-redirect.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2a06:98c1:312... 2a06:98c1:3120::9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:e4:... 2606:4700:e4::ac40:a216 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2 |
ASN13335 (CLOUDFLARENET, US)
winsyu-maintenace-redirect.pages.dev |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
pages.dev
winsyu-maintenace-redirect.pages.dev |
130 KB |
3 |
fontawesome.com
kit-free.fontawesome.com — Cisco Umbrella Rank: 35383 |
31 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
11 | winsyu-maintenace-redirect.pages.dev |
winsyu-maintenace-redirect.pages.dev
|
3 | kit-free.fontawesome.com |
winsyu-maintenace-redirect.pages.dev
|
14 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
winsyu-maintenace-redirect.pages.dev GTS CA 1P5 |
2023-08-10 - 2023-11-08 |
3 months | crt.sh |
kit-free.fontawesome.com E1 |
2023-09-02 - 2023-12-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://winsyu-maintenace-redirect.pages.dev/authenticate
Frame ID: 0BD08628853E89C34BAD35332736AB9D
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
LoglnDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
authenticate
winsyu-maintenace-redirect.pages.dev/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
winsyu-maintenace-redirect.pages.dev/index_files/ |
141 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
winsyu-maintenace-redirect.pages.dev/index_files/ |
1 KB 777 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
585b051251.js
winsyu-maintenace-redirect.pages.dev/index_files/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.css
winsyu-maintenace-redirect.pages.dev/index_files/ |
59 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.css
winsyu-maintenace-redirect.pages.dev/index_files/ |
26 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.js
winsyu-maintenace-redirect.pages.dev/index_files/ |
48 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.js
winsyu-maintenace-redirect.pages.dev/index_files/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap_002.js
winsyu-maintenace-redirect.pages.dev/index_files/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
winsyu-maintenace-redirect.pages.dev/index_files/ |
84 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
winsyu-maintenace-redirect.pages.dev/index_files/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
kit-free.fontawesome.com/releases/latest/css/ |
26 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
kit-free.fontawesome.com/releases/latest/css/ |
59 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
kit-free.fontawesome.com/releases/latest/css/ |
59 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| FontAwesomeKitConfig object| prefixesArray string| prefixesSelectorString function| Popper object| bootstrap function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
kit-free.fontawesome.com
winsyu-maintenace-redirect.pages.dev
2606:4700:e4::ac40:a216
2a06:98c1:3120::9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1aed92cee6add106faa48275e546b0bd61970559aa275c377faf6e9d01d79bb3
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ee7d7bd8d1d9bfc925f53386e4b0ab58883361cf2f5177c91ef778895a98b88
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
78430aacded9bc766ca632d544407a3ded6eb62f7c296f29e668e21feefa5e3b
8f701947ccec193e5d77382be3f43481c0cab84b75dad13a7497c386c7d13a6a
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
d7966d2e7b03e37b72019b84692227ad81ee3a3c0cabaeb383766aee46a33080
e7067ebd80b3644eb678de99e0936f638d54628ce9775e304d42300821fd8b79
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda