ptwork-mango.com Open in urlscan Pro
2606:4700:3037::ac43:8b2d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ptwork-mango.com/
Submission: On September 20 via api (September 20th 2024, 9:16:19 am UTC) from BE — Scanned from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3037::ac43:8b2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ptwork-mango.com.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.

This is the only time ptwork-mango.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:303... 2606:4700:3037::ac43:8b2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2408:4005:30a... 2408:4005:30a:4302:6218:d8d9:db29:5de0	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
21	2

21 2606:4700:3037::ac43:8b2d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ptwork-mango.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:4005:30a:4302:6218:d8d9:db29:5de0 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ptwork-mango.com 1 redirects ptwork-mango.com	9 MB
1	dcloud.net.cn cdn.dcloud.net.cn — Cisco Umbrella Rank: 55805	579 B
21	2

	Domain	Requested by
21	ptwork-mango.com	1 redirects ptwork-mango.com
1	cdn.dcloud.net.cn	ptwork-mango.com
21	2

This site contains no links.

Subject Issuer	Validity	Valid
ptwork-mango.com WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh
*.dcloud.net.cn Certum Domain Validation CA SHA2	`2024-08-12` - `2025-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ptwork-mango.com/
Frame ID: 3FE12DED664917DACAE56D84F32E82B4
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MANGO

Page URL History Show full URLs

https://ptwork-mango.com/ Page URL
https://ptwork-mango.com/cdn-cgi/phish-bypass?atok=dMazyj7VuIYMEPB8Fn7U0.4LMws8TlzCZ0uGSmWZoOI-172682... HTTP 301
https://ptwork-mango.com/ Page URL

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9722 kB
Transfer

10990 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ptwork-mango.com/ Page URL
https://ptwork-mango.com/cdn-cgi/phish-bypass?atok=dMazyj7VuIYMEPB8Fn7U0.4LMws8TlzCZ0uGSmWZoOI-1726823770-0.0.1.1-%2F HTTP 301
https://ptwork-mango.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
ptwork-mango.com/ 4 KB
2 KB 35ms
9ms Document
text/html 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ptwork-mango.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9ccb37ac13ccacd4c280a69b737ef0de845900505543da5e1bd026e86b63d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray: 8c60b713ce7b6a55-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Sep 2024 09:16:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoL2iT4K5I2wA%2B9FsP7Iwk55UOY1aEieS683lfEfjxbz7v53DGXf%2B1RqNjNuyyUipjCwRJMTkHkBo%2FVU5R03DMregAhjoKMc1P5Jwhd%2Fkle2SMZsjE8afWyf9mgFWpYtSoLKujEFT0eNbwgLICFE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 speculation
ptwork-mango.com/cdn-cgi/ 128 B
555 B 8ms
7ms Other
application/speculationrules+json 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ptwork-mango.com
Referer: https://ptwork-mango.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKwfmxd6nQQN8Kp3mQqczNCQDtzzdma7N2mBdIhDITbp%2Fb%2FzWcvbQsgT4tqL%2BBA99WKLO5%2FGPFn9uPKw7R2ClY9Ja894AekmxItoT52GtjtnJ3HXZ5j7ARjSq2ikeNFRzfVTgg%2Fu%2FekhEfzUFdUv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b713de8c6a55-EWR
access-control-allow-origin: https://ptwork-mango.com
content-length: 128
date: Fri, 20 Sep 2024 09:16:10 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 cf.errors.css
ptwork-mango.com/cdn-cgi/styles/ 23 KB
5 KB 7ms
6ms Stylesheet
text/css 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ptwork-mango.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: ptwork-mango.com
URL: https://ptwork-mango.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"66e7fafc-5df3"
x-content-type-options: nosniff
cf-ray: 8c60b713de8d6a55-EWR
expires: Fri, 20 Sep 2024 11:16:10 GMT
date: Fri, 20 Sep 2024 09:16:10 GMT
content-type: text/css
last-modified: Mon, 16 Sep 2024 09:31:40 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
ptwork-mango.com/cdn-cgi/images/ 452 B
634 B 6ms
5ms Image
image/png 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ptwork-mango.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: ptwork-mango.com
URL: https://ptwork-mango.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "66e7fafc-1c4"
x-content-type-options: nosniff
cf-ray: 8c60b7140e9a6a55-EWR
expires: Fri, 20 Sep 2024 11:16:10 GMT
accept-ranges: bytes
content-length: 452
date: Fri, 20 Sep 2024 09:16:10 GMT
content-type: image/png
last-modified: Mon, 16 Sep 2024 09:31:40 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 404 favicon.ico
ptwork-mango.com/ 548 B
601 B 577ms
577ms Other
text/html 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uygNvAps1s3twvDUSSMkXgYW%2F3cCdIi8kectXqQ77Kazk8IbsedQLqdYo7BPIjJpVWQXnedi8UU83UZUOG%2FkpnnApZGhj3kHnHOStqJMK3pIANzuUgVs60nzNi0fB5IOzYiNBI3AA%2BLYa7dh7gWL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b7142ea46a55-EWR
x-cache: MISS from shuadan1
date: Fri, 20 Sep 2024 09:16:10 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3

200

Primary Request / Show response
ptwork-mango.com/
Redirect Chain

https://ptwork-mango.com/cdn-cgi/phish-bypass?atok=dMazyj7VuIYMEPB8Fn7U0.4LMws8TlzCZ0uGSmWZoOI-1726823770-0.0.1.1-%2F
https://ptwork-mango.com/

939 B
935 B

182ms
181ms

Document
text/html

2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7811ddbf5961b0b48c7ad82cbce85a2ab91ce51eef6e57a7dc0ab056c7303d

Request headers

Referer: https://ptwork-mango.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8c60b72a4c8c6a55-EWR
content-encoding: br
content-type: text/html
date: Fri, 20 Sep 2024 09:16:13 GMT
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vthGbnE%2F4N%2FUadcj8BvQxg6ZvooUO86L2qxFHDnhhzCKE%2Brl0%2FO9NFiohbvkCrFy7ZpijYyMb%2BOAGDaRv02VE6CkIc0Tbo7KFZ10k9L4UDw%2FnscisfXrsVylQ5%2Fihb61wPmy2LkxlrNLEVH5mula"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
x-cache: HIT from shuadan1

Redirect headers

cache-control: private, no-cache
cf-ray: 8c60b72a2c7c6a55-EWR
content-length: 167
content-type: text/html
date: Fri, 20 Sep 2024 09:16:13 GMT
location: https://ptwork-mango.com/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 speculation
ptwork-mango.com/cdn-cgi/ 128 B
548 B 20ms
20ms Other
application/speculationrules+json 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ptwork-mango.com
Referer: https://ptwork-mango.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3b0ycDx3EKQwrCysowSrxX6DlhY6tru0hHmMPL5ZzB0GMRhoa6NGEYYxUm4B7EpBgae6mWHcsv1wpdtuSw9s5JO1DioJS8LwhEOCOZ42vHyeD5wC0x7uLdQvxZud3VBICVjgwSxN%2BWIJ4tYMMtA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b72b6d126a55-EWR
access-control-allow-origin: https://ptwork-mango.com
content-length: 128
date: Fri, 20 Sep 2024 09:16:13 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 index.97465e7b.css
ptwork-mango.com/static/ 94 KB
29 KB 14ms
13ms Stylesheet
text/css 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/index.97465e7b.css
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6789ee8a50f44f18ba717956bd34c4cd17b1d658443e92408976907b83a0242

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-17894"
age: 6735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDirStSrcNc9q2mq%2FPR4nPTGumgC%2BTJUnlz3rwQnedEAzh%2Bg1QBrxkPHuUROUb4KJD1UYn%2B%2BnNPDkYMelzLnsF8xTBxsqMvXrq1WsUJg2LO1Y3mWBSrV9dFCMnwquh3UVHqjtNMzIR9qPzeKz%2Fk8"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:13 GMT
content-type: text/css
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72b6d156a55-EWR
accept-ranges: bytes
content-length: 29680
server: cloudflare

GET
H3 200 chunk-vendors.b0c1900a.js Show response
ptwork-mango.com/static/js/ 772 KB
273 KB 17ms
16ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/chunk-vendors.b0c1900a.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88f0dc91d47be5c9509cc91b682347a4629b8e692e484ccd6117b5ec8f1f3cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-c0e5d"
age: 6736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVCOf4nRKvxZqfHL7TKGhLkHXJ4M7hK6uD2k97U5ADZUdAePu4ayRdKf%2Bdw0I4EpMrqWaza82VlA7CETTMxWoGuGoaXVIJzE6M5G8%2Fmea8TTXXwGnFi9yw8bizgXUu2UUmpw9KDoXlcHJrSNcNJx"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:13 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72b6d176a55-EWR
accept-ranges: bytes
content-length: 278754
server: cloudflare

GET
H3 200 index.a4adba33.js Show response
ptwork-mango.com/static/js/ 668 KB
174 KB 33ms
32ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/index.a4adba33.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f285124f58db38d7c0245480f2422228e2b93124b61386fe7985aace75235e40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-a6fc6"
age: 6736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlrsbjDa2ObuQ0RqAxuHyCtbFh9U2mQzz2aF7QyBiNflS4boyGIyraqRt73v2DCDJ11sTMKxEoMcpZBfURVGGawirILKFMg7n1vU9lbVxSBDIkP7UtVds3v0XlK5h6uq9gZlauyPjRZn90uLusFK"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:13 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72b6d186a55-EWR
accept-ranges: bytes
content-length: 177364
server: cloudflare

GET
H3 200 pages-coupon-coupon~pages-customer_service-index~pages-exchange-exchange~pages-forgetaccount-forgeta~c54abaac.f0431ce0.js Show response
ptwork-mango.com/static/js/ 21 KB
15 KB 14ms
14ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/pages-coupon-coupon~pages-customer_service-index~pages-exchange-exchange~pages-forgetaccount-forgeta~c54abaac.f0431ce0.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/index.a4adba33.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d4e7c793194c1a0a99daba39d4bdacd9270fac31be712def727008866fcb5fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-55e2"
age: 6734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRVNnfzSo1jqqF1DO19Tp8%2BX7%2B7pYl2ygM%2BOQx13SuOnMcy4GIGqe7mhY3%2FOhujoKEEHoF%2BggmlIm68sbb7fkjUqoM69t%2FKJj4xl%2FcXPIUsYnZAsB2FlHEfcUXCvsJxGlmpoF1ZZ6lAGeY%2FpzxdR"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72d8f146a55-EWR
accept-ranges: bytes
content-length: 14680
server: cloudflare

GET
H3 200 pages-addBank-addBank~pages-exchange-exchange~pages-forgetaccount-forgetaccount~pages-index-index~pa~95e8e158.f406d22c.js Show response
ptwork-mango.com/static/js/ 22 KB
6 KB 15ms
14ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/pages-addBank-addBank~pages-exchange-exchange~pages-forgetaccount-forgetaccount~pages-index-index~pa~95e8e158.f406d22c.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/index.a4adba33.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b268cfc5b8632caf77d97f4c1467209526371066205ebea0c58488026ba4a729

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-56fd"
age: 6734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxNlY743BOOXxHFeR%2BWSRA2NUYidy8Q%2Fqb6D7kiGFTiG9UfHb77dSIZB9yR8FSmzndcF1enOZtAIG0Cu2iEGtwwI5jvmY%2BEs1PY5I6FvOgoGFU8aSup3Sqe008mlIimOrDY2TAPE9A9Rdz8LMAkv"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72d8f176a55-EWR
accept-ranges: bytes
content-length: 6038
server: cloudflare

GET
H3 200 pages-coupon-coupon~pages-forgetaccount-forgetaccount~pages-index-index~pages-login-login~pages-news~da8e68af.7e01b076.js Show response
ptwork-mango.com/static/js/ 12 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/pages-coupon-coupon~pages-forgetaccount-forgetaccount~pages-index-index~pages-login-login~pages-news~da8e68af.7e01b076.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/index.a4adba33.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f1f01434ce570efcde04d4f1952150cb6210ad567c9fced0ba00a550800c796

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-311a"
age: 6734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=edbK1bVNSdIZaFHRmjYmg9hTYhQaeKdW1OZoy3Ipre%2BXBSonGVWFSbn7NaA%2B2FVE3Q8HPoW7YKmS7nAoG%2FT2aYmC0qK4xMGviqou3RaJeW8uwsV3qHgtzInZ40tKiEa3sD2fO9aXu76gL3P7rWpO"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72d8f1a6a55-EWR
accept-ranges: bytes
content-length: 4044
server: cloudflare

GET
H3 200 pages-forgetaccount-forgetaccount~pages-index-index~pages-login-login~pages-news-news~pages-register-register.f740f0a3.js Show response
ptwork-mango.com/static/js/ 8 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/pages-forgetaccount-forgetaccount~pages-index-index~pages-login-login~pages-news-news~pages-register-register.f740f0a3.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/index.a4adba33.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e00b4f8eeb0d3cb404d7c4e0b0425c3bad409971e101a4c1fcaa371c893b3a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-1f19"
age: 6734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoHTKsrnaq8%2BC%2FIsSeE7td67NyUuUsaA1TiKEVsZbuQBycDcmKFxZogL7Rrj6kq06wNA1NOZhK6wv4RjFT4RRpHIlJcDKe2lq2KsAu9%2Fy1wEbL3xzolmvBdzQ250vYiRcY4s9Glmfe54s2vRUQzA"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72d8f1c6a55-EWR
accept-ranges: bytes
content-length: 2584
server: cloudflare

GET
H3 200 pages-login-login.8f617303.js Show response
ptwork-mango.com/static/js/ 60 KB
21 KB 15ms
15ms Script
application/javascript 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/js/pages-login-login.8f617303.js
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/index.a4adba33.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a70405e016e13acb6431906f33988127f4e18a66fedda6164ffd725e33775d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66b9f0fc-ee53"
age: 6735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnyDTuTfaZRHMTPxqmlnCJvhxH%2Fv2SPZGyYcX7EGFjflwxDX%2FxnnEYxKUf%2FX%2FdEzrUcD9%2BNIERHyM6JVcgGRrqAaDEXvAH4FV6TcH1UTiuQTy5YOk0%2BgLVuEFwPsQN4CR9fyG9qfWaqNbdUmtx5z"}],"group":"cf-nel","max_age":604800}
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c60b72d8f1e6a55-EWR
accept-ranges: bytes
content-length: 20837
server: cloudflare

GET
H3 200 config Show response
ptwork-mango.com/api/ 88 KB
31 KB 494ms
494ms XHR
application/json 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/api/config
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/chunk-vendors.b0c1900a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a89c6f7a5e5b8415e255a77669e3341e2eb011a6eaaf3eae9ae40f66fbaefa

Request headers

Authorization
Referer: https://ptwork-mango.com/
Accept-Language
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Access-Control-Allow-Headers: token

Response headers

access-control-expose-headers: Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIzg%2FhsSN4pD4S3%2FZrq96QCkPyApFaSoFcdzFOyd0J%2ByeqhQR3CVwzRzu77rtyES5O8%2BzuibqE7OHl1WTEXibLdYDIVzBCKzDPntSIosL212iCLnCDGsF5MIdTunsOnhBL4FdByBnr7UraOBv4sz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b72dbf6e6a55-EWR
access-control-allow-origin: *
x-cache: MISS from shuadan1
content-length: 31078
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: *

GET
H3 200 fm.png
ptwork-mango.com/static/video/ 514 KB
514 KB 16ms
16ms Image
image/png 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ptwork-mango.com/static/video/fm.png
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/js/chunk-vendors.b0c1900a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7878cc38e6e822e35b8da84b12aeca617de2a67cdeeb82399f622a791d46910f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66b9f0fc-80686"
age: 6734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4HLpXTNOTXJvLD%2BQs4AI1xUGiCjIXOOdQS5QUNNtNPP3okDTSUM1M80CsNIpZhE9v72Kv9TxOhCxFPRSmBA1k7jhdbv%2FWpmCgJkLRGiV5c9GDKgwSOnTUrL0mjs%2B%2BX8Xb8tmR78sc98%2B5a0D6h%2Fq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b72e18336a55-EWR
accept-ranges: bytes
x-cache: HIT from shuadan1
content-length: 525958
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: image/png
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 logo.svg
ptwork-mango.com/static/images/ 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ptwork-mango.com/static/images/logo.svg
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3492f90ed59361af41566d4582f4b42fe4162e8ae4bce2240f47193ff513027e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66b9f0fc-639"
age: 6734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQaCYEshXI3Q0yDMwytJFIgrraa18yyGbUOFB90%2FmAmAF40IVsn%2F64BMjDi3AP6vQ1FyKkRym9UgRVeo%2BtansWkwG%2BmJr9yTNpNYZEAuKZis61ZCPmtLie17J7kU28gYqWFC4A3uJtCIerFupJNQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b72e48456a55-EWR
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 206 login.mp4
ptwork-mango.com/static/video/ 8 MB
8 MB 17ms
16ms Media
video/mp4 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/video/login.mp4
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92edb5c2abdd3a20be8a172952b49eec2e7233a70c1834b452d1bb898c71debd

Request headers

Referer: https://ptwork-mango.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66b9f0fc-86e97b"
age: 6732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JX7WHugT%2Bs%2BsI9Pcym4duy71KdpvoNXF0v8xhGT%2FjPqjmJ2vXayUoRiFse81RysbDnuCUEURp0zhod3jxqAQg641T%2FEGl8OWMXnL2P23rc1nii357yec%2F%2FsXZl0v5aGnyeXJ3XRr58gLHswN3zfv"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-8841594/8841595
cf-ray: 8c60b73079a76a55-EWR
x-cache: HIT from shuadan1
Content-Length: 8841595
date: Fri, 20 Sep 2024 09:16:14 GMT
content-type: video/mp4
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon.ico
ptwork-mango.com/static/images/ 66 KB
3 KB 45ms
44ms Other
image/x-icon 2606:4700:3037::ac43:8b2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ptwork-mango.com/static/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b237261a3791d9070302f17ccd4872cfe7f0ef10cc858c0a192b341b16c19dd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66b9f0fc-1083e"
age: 5106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5IMTmAX8nrXigCowEjFhlkAx5YSEPPMHMhmHe66zKcQnbHu%2FfjiGRIlGu1uTCUu5DPXkeLx8JXuD242mYKu4x%2FTOoigmSmurgczDbZOtdfOiaFFGVVYTSRLgJ215AAW%2BqzwKjMdYoGf8pR3YEDX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c60b7330ad96a55-EWR
x-cache: HIT from shuadan1
date: Fri, 20 Sep 2024 09:16:15 GMT
content-type: image/x-icon
last-modified: Mon, 12 Aug 2024 11:24:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK shadow-grey.png
cdn.dcloud.net.cn/img/ 136 B
579 B 916ms
218ms Image
image/png 2408:4005:30a:4302:6218:d8d9:db29:5de0
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by: Host: ptwork-mango.com
URL: https://ptwork-mango.com/static/index.97465e7b.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2408:4005:30a:4302:6218:d8d9:db29:5de0 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ptwork-mango.com/

Response headers

Cache-Control: max-age=7200
ETag: "5cf8b5bf-88"
Connection: close
Expires: Fri, 20 Sep 2024 11:16:18 GMT
Accept-Ranges: bytes
Content-Length: 136
Date: Fri, 20 Sep 2024 09:16:18 GMT
Content-Type: image/png
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Server: nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ptwork-mango.com/	1970-01-20 23:41:50	Name: __cf_mw_byp Value: dMazyj7VuIYMEPB8Fn7U0.4LMws8TlzCZ0uGSmWZoOI-1726823770-0.0.1.1-/
			.dcloud.net.cn/	1970-01-21 09:16:23	Name: __uni__uid Value: 2yld4GbtPWJkR1HjbBxTAg==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ptwork-mango.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://ptwork-mango.com/#/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
ptwork-mango.com
2408:4005:30a:4302:6218:d8d9:db29:5de0
2606:4700:3037::ac43:8b2d
0e00b4f8eeb0d3cb404d7c4e0b0425c3bad409971e101a4c1fcaa371c893b3a8
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13a89c6f7a5e5b8415e255a77669e3341e2eb011a6eaaf3eae9ae40f66fbaefa
1d4e7c793194c1a0a99daba39d4bdacd9270fac31be712def727008866fcb5fe
3492f90ed59361af41566d4582f4b42fe4162e8ae4bce2240f47193ff513027e
3f1f01434ce570efcde04d4f1952150cb6210ad567c9fced0ba00a550800c796
7878cc38e6e822e35b8da84b12aeca617de2a67cdeeb82399f622a791d46910f
7c9ccb37ac13ccacd4c280a69b737ef0de845900505543da5e1bd026e86b63d0
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
92edb5c2abdd3a20be8a172952b49eec2e7233a70c1834b452d1bb898c71debd
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
b237261a3791d9070302f17ccd4872cfe7f0ef10cc858c0a192b341b16c19dd4
b268cfc5b8632caf77d97f4c1467209526371066205ebea0c58488026ba4a729
b5a70405e016e13acb6431906f33988127f4e18a66fedda6164ffd725e33775d
bd7811ddbf5961b0b48c7ad82cbce85a2ab91ce51eef6e57a7dc0ab056c7303d
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e88f0dc91d47be5c9509cc91b682347a4629b8e692e484ccd6117b5ec8f1f3cd
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f285124f58db38d7c0245480f2422228e2b93124b61386fe7985aace75235e40
f6789ee8a50f44f18ba717956bd34c4cd17b1d658443e92408976907b83a0242

ptwork-mango.com Open in urlscan Pro 2606:4700:3037::ac43:8b2d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

9722 kBTransfer

10990 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

ptwork-mango.com Open in urlscan Pro
2606:4700:3037::ac43:8b2d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9722 kB
Transfer

10990 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!