bramdansuperot.pages.dev
IP: 2a06:98c1:3121::3
Malicious Activity!
Public Scan
Effective URL: https://bramdansuperot.pages.dev/
Submission: On July 17 via manual from SA. Scanned from DE.
Summary
TLS certificate: Issued by WE1 on June 28th 2024. Valid for: 3 months.
This is the only time bramdansuperot.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)

Domain & IP information
# | IP Address | AS (Autonomous System)
---|---|---
1 2 | 107.180.113.22 | 398101 (GO-DADDY-COM-LLC)
1 1 | 67.199.248.10 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 | 2606:4700:310c::ac42:2fc9 | 13335 (CLOUDFLARENET)
1 | 72.167.56.14 | 26496 (AS-26496-GO-DADDY-COM-LLC)
1 | 199.232.196.193 | 54113 (FASTLY)
5 | 199.232.192.193 | 54113 (FASTLY)
1 8 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET)
Total: 25 requests, 7 IP addresses

ASN398101 (GO-DADDY-COM-LLC, US): PTR 22.113.180.107.host.secureserver.net, hosts vrapd.xyz
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US): PTR 14.56.167.72.host.secureserver.net, hosts oresk.xyz
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
9 | pages.dev (1 redirect) | od-img.pages.dev, poramdansupermar2.pages.dev (failed), bramdansuperot.pages.dev | 23 KB
6 | imgur.com | i.imgur.com (Cisco Umbrella rank 7108) | 683 KB
2 | vrapd.xyz (1 redirect) | vrapd.xyz | 865 B
1 | oresk.xyz | oresk.xyz | 3 KB
1 | bit.ly (1 redirect) | bit.ly (Cisco Umbrella rank 6373) | 434 B
Total: 25 requests, 5 apex domains
Requests | Domain | Requested by
---|---|---
8 | bramdansuperot.pages.dev | 1 redirect, oresk.xyz, bramdansuperot.pages.dev
6 | i.imgur.com | oresk.xyz
2 | vrapd.xyz | 1 redirect
1 | oresk.xyz | oresk.xyz
1 | od-img.pages.dev | vrapd.xyz, oresk.xyz
1 | bit.ly | 1 redirect
0 | poramdansupermar2.pages.dev (failed) | oresk.xyz
Total: 25 requests, 7 domains
This site contains links to these domains (see also Links):
- www.cloudflare.com
TLS certificates
Subject | Issuer | Validity | Valid for
---|---|---|---
vrapd.xyz | R10 | 2024-07-17 to 2024-10-15 | 3 months
webdisk.oresk.xyz | R10 | 2024-06-13 to 2024-09-11 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-15 to 2025-02-14 | a year
bramdansuperot.pages.dev | WE1 | 2024-06-28 to 2024-09-26 | 3 months
This page contains 1 frames:
Primary Page:
https://bramdansuperot.pages.dev/
Frame ID: 5A24B6E22F3545674C3B686AB0DBD199
Requests: 25 HTTP requests in this frame
Page Title: Worker threw exception | bramdansuperot.pages.dev | Cloudflare
Page Statistics
3 outgoing links (links going to different origins than the main page), all to www.cloudflare.com:
- Title: Cloudflare
- Title: login to Cloudflare
- Title: Cloudflare
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://vrapd.xyz/othaims-gifts (HTTP 301) -> https://vrapd.xyz/othaims-gifts/ (Page URL)
- https://oresk.xyz/othaims-anniversary/ (Page URL)
- https://bramdansuperot.pages.dev/ (Page URL)
- https://bramdansuperot.pages.dev/cdn-cgi/phish-bypass?atok=WxWfVqxpWN4eu3cV9JkbxF.pWNwQ4LdveaNEJ3v9zy8-1721234846-0.0.1.1-%2F (HTTP 301) -> https://bramdansuperot.pages.dev/ (Page URL)

The atok value in the last hop is the same token that appears as the __cf_mw_byp cookie under Cookies (with %2F decoded to /), so the scan passed through Cloudflare's /cdn-cgi/phish-bypass endpoint before landing on the final document, which rendered as the Cloudflare "Worker threw exception" error page named in the Page Title.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://vrapd.xyz/othaims-gifts (HTTP 301)
- https://vrapd.xyz/othaims-gifts/
Request chain (bit.ly to od-img.pages.dev):
- https://bit.ly/4cUjj6M (HTTP 301)
- https://od-img.pages.dev/ic.png?OthaimNew39
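The chains above and the Page URL History are what a scanner rebuilds from individual responses: a 3xx with a Location header, or an HTML body whose meta refresh (or script) points somewhere else. The following is an added example, not urlscan.io code. It replays a constructed transcript shaped like this scan's hops (the vrapd.xyz 301, a hand-off to oresk.xyz, the bit.ly 301) and rebuilds each chain, resolving relative Location values, stopping on loops and on URLs with no captured response (the failed requests below), and reporting where a chain changes origin. The scan records only URLs and status codes; the Location values, the response bodies, and the meta refresh used to model the vrapd.xyz to oresk.xyz hand-off are assumptions.

```python
"""Rebuild redirect chains from a captured transcript of responses."""
import re
from dataclasses import dataclass
from html.parser import HTMLParser
from typing import Optional
from urllib.parse import urljoin, urlsplit

# Constructed transcript shaped like this scan's hops. Status codes and URLs
# follow the report; the Location values, bodies and the meta refresh on
# vrapd.xyz/othaims-gifts/ are assumptions (the scan records only the URLs).
TRANSCRIPT = {
    "https://vrapd.xyz/othaims-gifts": (301, {"Location": "/othaims-gifts/"}, ""),
    "https://vrapd.xyz/othaims-gifts/": (200, {"Content-Type": "text/html"},
        '<html><head><meta http-equiv="refresh" '
        'content="0; url=https://oresk.xyz/othaims-anniversary/"></head></html>'),
    "https://oresk.xyz/othaims-anniversary/": (200, {"Content-Type": "text/html"},
        "<html><body>lander</body></html>"),
    "https://bit.ly/4cUjj6M": (301, {"Location": "https://od-img.pages.dev/ic.png?OthaimNew39"}, ""),
    "https://od-img.pages.dev/ic.png?OthaimNew39": (200, {"Content-Type": "image/png"}, ""),
}


@dataclass
class Hop:
    url: str
    status: Optional[int]   # None when no response was captured for this URL
    via: str                # how the chain left this hop ("http-301", "meta-refresh")
                            # or why it stopped ("end", "loop", "unresolved", "max-hops")


class _MetaRefresh(HTMLParser):
    """Find the first <meta http-equiv="refresh" content="N; url=..."> target."""

    def __init__(self):
        super().__init__()
        self.target = None

    def handle_starttag(self, tag, attrs):
        if tag != "meta" or self.target is not None:
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        if a.get("http-equiv", "").lower() != "refresh":
            return
        m = re.match(r"\s*\d+\s*;\s*url\s*=\s*['\"]?([^'\"\s]+)", a.get("content", ""), re.I)
        if m:
            self.target = m.group(1)


def meta_refresh_target(body: str) -> Optional[str]:
    p = _MetaRefresh()
    p.feed(body)
    return p.target


def follow_chain(start: str, transcript: dict, max_hops: int = 10) -> list:
    """Walk 3xx Location headers and meta refreshes from `start`; return the hops."""
    hops, seen, url = [], set(), start
    while True:
        if url in seen:                       # redirect loop: stop rather than spin
            hops.append(Hop(url, None, "loop"))
            break
        seen.add(url)
        resp = transcript.get(url)
        if resp is None:                      # requested, but no response captured
            hops.append(Hop(url, None, "unresolved"))
            break
        status, headers, body = resp
        headers = {k.lower(): v for k, v in headers.items()}
        if 300 <= status < 400 and "location" in headers:
            nxt, via = urljoin(url, headers["location"]), f"http-{status}"
        elif "text/html" in headers.get("content-type", "") and (t := meta_refresh_target(body)):
            nxt, via = urljoin(url, t), "meta-refresh"
        else:
            hops.append(Hop(url, status, "end"))
            break
        hops.append(Hop(url, status, via))
        if len(hops) >= max_hops:             # cap runaway chains
            hops.append(Hop(nxt, None, "max-hops"))
            break
        url = nxt
    return hops


def origin(url: str) -> str:
    s = urlsplit(url)
    return f"{s.scheme}://{s.netloc}"


def cross_origin_hops(hops: list) -> list:
    """(from, to) pairs where the chain changed origin: the points worth a second look."""
    return [(a.url, b.url) for a, b in zip(hops, hops[1:]) if origin(a.url) != origin(b.url)]


if __name__ == "__main__":
    for start in ("https://vrapd.xyz/othaims-gifts", "https://bit.ly/4cUjj6M"):
        for h in follow_chain(start, TRANSCRIPT):
            print(f"{h.status or '-':>4}  {h.via:<13} {h.url}")
        print()
```

Run it as-is to print both chains; feed `follow_chain` a real transcript (URL, status, headers, body) from a proxy or a headless browser to get the same view a scanner shows, with the cross-origin hops being the ones that move a victim from the lure domain to the lander.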
25 HTTP transactions
# | Method | Protocol | Resource | Host / path | Size | x-fer | Type | MIME type | Note
---|---|---|---|---|---|---|---|---|---
1 | GET | H2 | / | vrapd.xyz/othaims-gifts/ | 1004 B | 514 B | Document | text/html | redirect chain
2 | GET | H3 | ic.png | od-img.pages.dev/ | 73 B | 592 B | Image | image/png | redirect chain (via bit.ly)
3 | GET | H2 | / | oresk.xyz/othaims-anniversary/ | 9 KB | 3 KB | Document | text/html |
4 | GET | H2 | OEytDrP.jpeg | i.imgur.com/ | 17 KB | 18 KB | Other | image/jpeg |
5 | GET | | app.css | poramdansupermar2.pages.dev/css/ | 0 | 0 | | | failed
6 | GET | | app.css | poramdansupermar2.pages.dev/css/landers/survey-pick-a-box/ | 0 | 0 | | | failed
7 | GET | H2 | 1fQ9sIT.png | i.imgur.com/ | 76 KB | 76 KB | Image | image/png |
8 | GET | H2 | iA4hj7u.jpeg | i.imgur.com/ | 214 KB | 214 KB | Image | image/jpeg |
9 | GET | H2 | fmZLKXU.png | i.imgur.com/ | 22 KB | 22 KB | Image | image/png |
10 | GET | H2 | IydMRJT.png | i.imgur.com/ | 341 KB | 341 KB | Image | image/png |
11 | GET | H2 | zCO3qy2.png | i.imgur.com/ | 12 KB | 12 KB | Image | image/png |
12 | GET | | true.png | od-img.pages.dev/ | 0 | 0 | | | failed
13 | GET | | XxiCuSd.jpeg | i.imgur.com/ | 0 | 0 | | | failed
14 | GET | | checked.png | poramdansupermar2.pages.dev/img/landers/survey-pick-a-box/ | 0 | 0 | | | failed
15 | GET | | spinner.gif | poramdansupermar2.pages.dev/img/landers/survey-pick-a-box/ | 0 | 0 | | | failed
16 | GET | | app.js | poramdansupermar2.pages.dev/js/ | 0 | 0 | | | failed
17 | GET | | app.js | poramdansupermar2.pages.dev/js/landers/survey-pick-a-box/ | 0 | 0 | | | failed
18 | GET | | p.js | oresk.xyz/ | 0 | 0 | | | failed
19 | GET | H3 | / | bramdansuperot.pages.dev/ | 4 KB | 2 KB | Document | text/html |
20 | GET | H3 | cf.errors.css | bramdansuperot.pages.dev/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
21 | GET | H3 | icon-exclamation.png | bramdansuperot.pages.dev/cdn-cgi/images/ | 452 B | 635 B | Image | image/png |
22 | GET | H3 | favicon.ico | bramdansuperot.pages.dev/ | 4 KB | 5 KB | Other | text/html |
23 | GET | H3 | / | bramdansuperot.pages.dev/ | 4 KB | 5 KB | Document | text/html | Primary Request; redirect chain (via /cdn-cgi/phish-bypass)
24 | GET | H3 | cf.errors.css | bramdansuperot.pages.dev/cdn-cgi/styles/ | 23 KB | 0 | Stylesheet | text/css |
25 | GET | H3 | favicon.ico | bramdansuperot.pages.dev/ | 4 KB | 5 KB | Other | text/html |

Size is the decoded resource size and x-fer the bytes on the wire. Rows with 0 / 0 are the requests that never got a response (listed under Failed requests). Note that favicon.ico on bramdansuperot.pages.dev comes back as a 4 KB text/html document rather than an icon, consistent with every path on that host serving the Cloudflare error page; row 24 is a repeat fetch of the same cf.errors.css as row 20 with nothing transferred.
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- poramdansupermar2.pages.dev: https://poramdansupermar2.pages.dev/css/app.css?id=2fbe2d9a9a40ca9b2489
- poramdansupermar2.pages.dev: https://poramdansupermar2.pages.dev/css/landers/survey-pick-a-box/app.css?id=cfc27b22c2dc71691640
- od-img.pages.dev: https://od-img.pages.dev/true.png
- i.imgur.com: https://i.imgur.com/XxiCuSd.jpeg
- poramdansupermar2.pages.dev: https://poramdansupermar2.pages.dev/img/landers/survey-pick-a-box/checked.png
- poramdansupermar2.pages.dev: https://poramdansupermar2.pages.dev/img/landers/survey-pick-a-box/spinner.gif
- poramdansupermar2.pages.dev: https://poramdansupermar2.pages.dev/js/app.js?id=d41d8cd98f00b204e980
- poramdansupermar2.pages.dev: https://poramdansupermar2.pages.dev/js/landers/survey-pick-a-box/app.js?id=17138759790b445ece6b
- oresk.xyz: https://oresk.xyz/p.js?f=sync&lr=1&partner=6ead5f0c5ddb6c1d33a3179db69d52f2ab5ba8ceb41f0306c27032933ca3b3f3
Verdicts & Comments
urlscan: Potentially malicious activity detected. Phishing against: Generic Cloudflare (Online)
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

1 JavaScript Global Variable
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code a page uses.
Type | Name
---|---
object | _cf_translation

1 Cookie
Cookies are small pieces of information stored in the user's browser. On every later visit the browser sends the cookie values back, which lets the site re-identify the user even from a different location; this is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.bramdansuperot.pages.dev/ | | __cf_mw_byp | WxWfVqxpWN4eu3cV9JkbxF.pWNwQ4LdveaNEJ3v9zy8-1721234846-0.0.1.1-/
3 Console Messages
A page may log messages to the console. These are often errors about a resource that could not be loaded or a piece of JavaScript that could not be executed; sometimes they also give insight into the technology behind a website.
Source | Level | URL / Text
---|---|---
Indicators
This is a term in the security industry for artefacts such as IPs, domains and hashes. Listing them here does not imply that any of them indicates malicious activity.
Domains:
- bit.ly
- bramdansuperot.pages.dev
- i.imgur.com
- od-img.pages.dev
- oresk.xyz
- poramdansupermar2.pages.dev
- vrapd.xyz
IPs:
- 107.180.113.22
- 199.232.192.193
- 199.232.196.193
- 2606:4700:310c::ac42:2fc9
- 2a06:98c1:3121::3
- 67.199.248.10
- 72.167.56.14
Hashes (SHA-256):
- 11bc7aad286eae20dddeb503f016e7ccf407d6627d46a05fb630c5a362aaf6c4
- 6ab47ea26e0d84f76101d1af85d81349a5a6b62cefb544b5c3bb76780c936e5f
- 84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
- bad62605d40538e2eabbc7640aa3d32c424cea2eca865151bd5e9e01af326c4b
- ddfd9229bbcec545d1b33a7df9408958bb378c6347901fa6a674f4745320c6d2
- f11d1dec92d2591b274b2add1e247ea9d9a8021cfb6ade17a10f748a8398c939
- f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
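Added example, not part of the urlscan.io report: sorting a raw indicator dump like the one above into typed, de-duplicated, defanged IOCs before pasting them into a ticket or a blocklist. The input is the indicator list from this report embedded as constructed input (duplicates included, as the report lists them). Classification is by syntax only (the ipaddress module for IPs, 64 hex characters for SHA-256, a hostname pattern for domains) and says nothing about whether an indicator is malicious, which is the same caveat the section itself states.

```python
"""Type, de-duplicate and defang a flat list of indicators."""
import ipaddress
import re

# Constructed input: the indicator list from this report, duplicates included.
INDICATORS = """
bit.ly bramdansuperot.pages.dev i.imgur.com od-img.pages.dev oresk.xyz
poramdansupermar2.pages.dev vrapd.xyz i.imgur.com od-img.pages.dev oresk.xyz
poramdansupermar2.pages.dev
107.180.113.22 199.232.192.193 199.232.196.193 2606:4700:310c::ac42:2fc9
2a06:98c1:3121::3 67.199.248.10 72.167.56.14
11bc7aad286eae20dddeb503f016e7ccf407d6627d46a05fb630c5a362aaf6c4
6ab47ea26e0d84f76101d1af85d81349a5a6b62cefb544b5c3bb76780c936e5f
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
bad62605d40538e2eabbc7640aa3d32c424cea2eca865151bd5e9e01af326c4b
ddfd9229bbcec545d1b33a7df9408958bb378c6347901fa6a674f4745320c6d2
f11d1dec92d2591b274b2add1e247ea9d9a8021cfb6ade17a10f748a8398c939
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
""".split()

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")
# Hostname: dotted labels of letters, digits and inner hyphens, alphabetic TLD.
HOSTNAME_RE = re.compile(r"^(?=.{1,253}$)(?:(?!-)[a-z0-9-]{1,63}(?<!-)\.)+[a-z]{2,63}$")


def classify(token: str) -> str:
    """Return one of 'ipv4', 'ipv6', 'sha256', 'domain' or 'unknown' (syntax only)."""
    try:
        return "ipv6" if ipaddress.ip_address(token).version == 6 else "ipv4"
    except ValueError:
        pass
    if SHA256_RE.match(token):
        return "sha256"
    if HOSTNAME_RE.match(token):
        return "domain"
    return "unknown"


def defang(token: str, kind: str) -> str:
    """Make an indicator non-clickable: bracket dots, and colons for IPv6."""
    if kind in ("domain", "ipv4"):
        return token.replace(".", "[.]")
    if kind == "ipv6":
        return token.replace(":", "[:]")
    return token


def bucket(tokens) -> dict:
    """Group indicators by type, lower-cased and de-duplicated, first-seen order kept."""
    seen, out = set(), {}
    for raw in tokens:
        tok = raw.strip().lower()
        if not tok or tok in seen:
            continue
        seen.add(tok)
        out.setdefault(classify(tok), []).append(tok)
    return out


def report(tokens) -> list:
    """Tab-separated 'type<TAB>defanged indicator' lines, ready to paste."""
    return [f"{kind}\t{defang(tok, kind)}" for kind, items in bucket(tokens).items() for tok in items]


if __name__ == "__main__":
    print("\n".join(report(INDICATORS)))
```

The hostname pattern deliberately rejects bare words and anything with whitespace, so stray table text from a copy-paste lands in the "unknown" bucket instead of a blocklist; anything that matches both a hash and a hostname is impossible because the hostname rule requires a dot.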