pandashellhole.com
Open in
urlscan Pro
172.67.181.104
Malicious Activity!
Public Scan
Effective URL: https://pandashellhole.com/
Submission: On December 10 via api from US — Scanned from US
Summary
TLS certificate: Issued by WE1 on November 23rd 2024. Valid for: 3 months.
This is the only time pandashellhole.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 172.67.181.104 172.67.181.104 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.251.35.170 142.251.35.170 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.40.227 142.251.40.227 | 15169 (GOOGLE) (GOOGLE) | |
2 | 104.17.248.203 104.17.248.203 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 4 |
ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
pandashellhole.com
pandashellhole.com |
3 MB |
2 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 740 |
313 KB |
1 |
gstatic.com
fonts.gstatic.com |
19 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
1 KB |
23 | 4 |
Domain | Requested by | |
---|---|---|
19 | pandashellhole.com |
pandashellhole.com
|
2 | unpkg.com |
pandashellhole.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
pandashellhole.com
|
23 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
github.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
pandashellhole.com WE1 |
2024-11-23 - 2025-02-21 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-11-04 - 2025-01-27 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-11-04 - 2025-01-27 |
3 months | crt.sh |
unpkg.com WE1 |
2024-11-23 - 2025-02-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pandashellhole.com/
Frame ID: C3F893C7AF649DAD0520DC5239E3E391
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Pandas hell holePage URL History Show full URLs
-
http://pandashellhole.com/
HTTP 307
https://pandashellhole.com/ Page URL
Detected technologies
three.js (JavaScript Graphics) ExpandDetected patterns
- three(?:\.min)?\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: v1.3.0
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pandashellhole.com/
HTTP 307
https://pandashellhole.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
pandashellhole.com/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic.css
pandashellhole.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
pandashellhole.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
three.js
pandashellhole.com/scripts/ |
1 MB 244 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
threex.domevents.js
pandashellhole.com/scripts/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visuals.js
pandashellhole.com/scripts/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
pandashellhole.com/scripts/ |
522 B 813 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram_logo.svg
pandashellhole.com/resources/logos/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube_logo.svg
pandashellhole.com/resources/logos/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter.svg
pandashellhole.com/resources/logos/ |
308 B 849 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kofi_logo.svg
pandashellhole.com/resources/logos/ |
840 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paypal_logo.svg
pandashellhole.com/resources/logos/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
github_logo.svg
pandashellhole.com/resources/logos/ |
960 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modrinth_logo.svg
pandashellhole.com/resources/logos/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
curseforge_logo.svg
pandashellhole.com/resources/logos/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clang.gif
pandashellhole.com/resources/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pop.mp3
pandashellhole.com/resources/ |
1 KB 2 KB |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helper.js
pandashellhole.com/scripts/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OrbitControls.js
unpkg.com/three@0.119.1/examples/jsm/controls/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
three.module.js
unpkg.com/three@0.119.1/build/ |
1 MB 305 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
pandashellhole.com/ |
138 KB 139 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| THREE string| __THREE__ object| THREEx function| openTab function| openPage function| hideModList function| showModsList0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
pandashellhole.com
unpkg.com
104.17.248.203
142.251.35.170
142.251.40.227
172.67.181.104
14e5a18e445f7e896a9c99b7b63abb47b838d42635a4621efbdcb412509b0af6
1f24433c0422a6e791b0f66b6a57fb7ade4d851528a8f8fba02c3b42bc94ad82
39cceeb4d3fee6fb11771a8910662c0240d043bd56dd09fb8b122a032e552204
43ff35529211df7c6b881a24a91c33b3fa17232eb3cf79edbaadae6ff0c47964
4835431ef6204d6473f21172f94deb131e8a0aab75367bda679c1a71443ede9b
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4df584103127051e91ac3bd31b3c33c6bbaab44cb33de0304164f4bb5884021a
6913ecaa46113941befd01bd983ac129de0f5fad9a114c8ba0b3a8547518156d
76bd85e2dceb089611fc18115f097e72f6790dd83ef2a462a8ee0570bc084579
7cc6012f5a5ab1b73b2ea693bfdf2b456a36eabb2775d5bf523e7fdfcb6f1c14
82e4c472aa3d6ab36b37d53a92dbe23c165b128f76d68a0de78be0a450ba026a
8544c4ebcad07d37f8dc15cdd07ef4558406046d9366218c48c7fcaf1ef5ed76
8ba91b1fccf190c9a55233876ada5d573b8c0cd13c6fb18b69f27aa27445a2b9
8f620ef60065351616e180a9a8df58bcb263997fecead84f4898c868950daecd
930292e369a2b14e9d98f46d53f8c86077d2631f7b57b1cfd5c5adbf47c7429d
99106395af41a4154d8482aa9d5c0921e7aad7171540e8333a39441085e9c689
ccabf478f4d5d935abb6565e6447bb15235a98b66280e8a7591627ebba6e994d
d6ddae289826f7e8bdb262d8b764eaa77ce5b4de2e132bc53d08b2e4c7eacc28
dfbdf7b4fcad88cc80f83088416bd88f82352efdcae24643e9caf9c907aab247
e15287eb54b642d4f98fd5a4c104218955baa21a22fbcb2a59d74efacc40ed51
e39acf1ebcae8cf969a6b92483162d71c4a86e1e34fe7b6ef053a0a9a554016a
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
fab00c2d598c56cb4838603981b66e3490ebe27ea56fb188120a7e6d4ca46970