case-1129869.pagesprotect.com Open in urlscan Pro
203.205.10.134  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request inbox Show response case-1129869.pagesprotect.com/	179 KB 39 KB	2462ms 696ms	Document text/html	203.205.10.134 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 203.205.10.134 Ho Chi Minh City, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.19.3.2 / Resource Hash 5e88cd4184521e32fca74066d5ea79e1226b6ecd9ddd1f381dddca9a94b5e420 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * cache-control max-age=0, private, must-revalidate content-encoding gzip content-length 39665 content-type text/html; charset=utf-8 date Wed, 12 Jun 2024 13:44:00 GMT server openresty/1.19.3.2 vary accept-encoding x-request-id F9hFpsYF5E5yngpCR7Bh
GET H2	200	address.84.min.js Show response case-1129869.pagesprotect.com/address_wc/	438 KB 87 KB	736ms 735ms	Script application/javascript	203.205.10.134 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://case-1129869.pagesprotect.com/address_wc/address.84.min.js?v=1 Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 203.205.10.134 Ho Chi Minh City, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.19.3.2 / Resource Hash eb391c914c6c4ee5aa01ae03eaddf7d09acad25535a9f2cb31da425f347fd065 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/inbox User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:01 GMT content-encoding gzip server openresty/1.19.3.2 etag "140C888" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 89268 service-worker-allowed /
GET H2	200	0f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8.png content.pancake.vn/1/s400x350/fwebp/d9/61/15/05/	932 B 1 KB	1459ms 713ms	Image image/webp	113.20.119.28 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Show image Full URL https://content.pancake.vn/1/s400x350/fwebp/d9/61/15/05/0f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8.png Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.3, , AES_256_GCM Server 113.20.119.28 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software nginx/1.18.0 / Resource Hash d40f7efc8472e0e5b32797837f78fbec6890dee54ca1163d9708736422b1215d Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:01 GMT server nginx/1.18.0 etag 0f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8.png content-type image/webp access-control-allow-origin * access-control-expose-headers cache-control public, max-age=2505600 access-control-allow-credentials true accept-ranges bytes content-length 932
GET DATA	200 OK	truncated /	703 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 90fbfd58317619e82d3f221f57c9709261205579d6ae7b604db4c71b7431dcb8 Request headers Referer Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET H2	200	f7a4690e47d372ab1164645002788333f7eddad532c626364ee15a6f.png content.pancake.vn/1/s2550x500/fwebp/87/c4/80/66/	25 KB 25 KB	1193ms 450ms	Image image/webp	113.20.119.28 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Show image Full URL https://content.pancake.vn/1/s2550x500/fwebp/87/c4/80/66/f7a4690e47d372ab1164645002788333f7eddad532c626364ee15a6f.png Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.3, , AES_256_GCM Server 113.20.119.28 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software nginx/1.18.0 / Resource Hash b21d0f447e1d32e956ea227ff55c08054ed46fc96b319c46b90f7e966d13fa00 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:01 GMT server nginx/1.18.0 etag f7a4690e47d372ab1164645002788333f7eddad532c626364ee15a6f.png content-type image/webp access-control-allow-origin * access-control-expose-headers cache-control public, max-age=2505600 access-control-allow-credentials true accept-ranges bytes content-length 25822
GET DATA	200 OK	truncated /	34 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	294 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a80613afb217840048d21a68193503b10bef8a5f24f391c785a98a3b3905925 Request headers Referer Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET H2	200	css fonts.googleapis.com/	42 KB 3 KB	722ms 90ms	Stylesheet text/css	142.250.186.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900|Libre%20Franklin:100,300,400,700,900|Barlow:100,300,400,700,900|Heebo:100,300,400,700,900&display=swap Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f10.1e100.net Software ESF / Resource Hash 88ef3cf50f97be7e38116278799146fc4bf57449195bf7689708424ff8a2908e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Wed, 12 Jun 2024 13:44:02 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Wed, 12 Jun 2024 13:44:02 GMT
GET H2	200	animatev4.css api.webcake.io/animate/	98 KB 7 KB	991ms 329ms	Stylesheet text/css	113.20.119.13 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://api.webcake.io/animate/animatev4.css?v=1 Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 113.20.119.13 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.15.8.2 / Resource Hash 5a0a021a59ca4c7381a7fc358ba5572400b1a9f47aee1bcb2d520f218991f447 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:02 GMT content-encoding gzip server openresty/1.15.8.2 etag "306F7DC" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 accept-ranges bytes content-length 6707 service-worker-allowed /
GET H2	200	iconfont.css api.webcake.io/render_iconfont/	654 B 489 B	991ms 330ms	Stylesheet text/css	113.20.119.13 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://api.webcake.io/render_iconfont/iconfont.css?v=1 Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 113.20.119.13 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.15.8.2 / Resource Hash a7f565be47dcd36f197bdb273b3cdd06ac2ac12e7b7d44ac089f6461f9fe2394 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:02 GMT content-encoding gzip server openresty/1.15.8.2 etag "75B85FC" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 accept-ranges bytes content-length 302 service-worker-allowed /
GET H2	200	bdb12052-db2c-44e8-a900-b830f25d7c6d Show response case-1129869.pagesprotect.com/webcake/v4/	402 KB 112 KB	809ms 809ms	Script text/plain	203.205.10.134 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://case-1129869.pagesprotect.com/webcake/v4/bdb12052-db2c-44e8-a900-b830f25d7c6d Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 203.205.10.134 Ho Chi Minh City, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.19.3.2 / Resource Hash 9b22eb36264a6f04ff0a24f8bcdfabaf2b6a7319a581bbd8310da914f073fb25 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/inbox User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:01 GMT content-encoding gzip server openresty/1.19.3.2 vary accept-encoding access-control-allow-origin * cache-control max-age=0, private, must-revalidate content-length 114747 x-request-id F9hFpxiStQvXCKccFZdj
GET H2	200	page_view.gif case-1129869.pagesprotect.com/	35 B 196 B	809ms 808ms	Image image/gif	203.205.10.134 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Show image Full URL https://case-1129869.pagesprotect.com/page_view.gif?pid=7b44750a-9618-4f05-bbd4-a82e6e1991b9 Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 203.205.10.134 Ho Chi Minh City, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.19.3.2 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/inbox User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Wed, 12 Jun 2024 13:44:01 GMT cache-control max-age=0, private, must-revalidate server openresty/1.19.3.2 content-length 35 x-request-id F9hFpxiSlpz5FJUFH58D content-type image/gif
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v30/	11 KB 11 KB	785ms 200ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900|Libre%20Franklin:100,300,400,700,900|Barlow:100,300,400,700,900|Heebo:100,300,400,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software sffe / Resource Hash 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 11 Jun 2024 17:36:33 GMT x-content-type-options nosniff age 72450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11028 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jun 2025 17:36:33 GMT
GET H2	200	jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 fonts.gstatic.com/s/librefranklin/v14/	28 KB 28 KB	1181ms 596ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900|Libre%20Franklin:100,300,400,700,900|Barlow:100,300,400,700,900|Heebo:100,300,400,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software sffe / Resource Hash a6f29d613fb5f0601de883f702315997e45fe3740c8beb351cb50533a9439257 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 11 Jun 2024 04:39:14 GMT x-content-type-options nosniff age 119089 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28220 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:23:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jun 2025 04:39:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v30/	11 KB 11 KB	664ms 80ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900|Libre%20Franklin:100,300,400,700,900|Barlow:100,300,400,700,900|Heebo:100,300,400,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software sffe / Resource Hash 0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 11 Jun 2024 08:16:56 GMT x-content-type-options nosniff age 106027 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11040 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jun 2025 08:16:56 GMT
GET H2	200	7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2 fonts.gstatic.com/s/barlow/v12/	14 KB 15 KB	1193ms 609ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900|Libre%20Franklin:100,300,400,700,900|Barlow:100,300,400,700,900|Heebo:100,300,400,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software sffe / Resource Hash cb474dc9b3e75c8ec335bab847cb29ec7e89da057ad068abdb99da4585366c8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 11 Jun 2024 08:23:01 GMT x-content-type-options nosniff age 105662 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14784 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:13:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jun 2025 08:23:01 GMT
GET H2	200	NGS6v5_NC0k9P9H2TbFhsqMA.woff2 fonts.gstatic.com/s/heebo/v26/	29 KB 30 KB	847ms 263ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbFhsqMA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900|Libre%20Franklin:100,300,400,700,900|Barlow:100,300,400,700,900|Heebo:100,300,400,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software sffe / Resource Hash a1385d445abb408f6ca576479c86314449111bfe8cf9f477ed9bbb4ae0dba493 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://case-1129869.pagesprotect.com Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 11 Jun 2024 12:02:06 GMT x-content-type-options nosniff age 92517 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30148 x-xss-protection 0 last-modified Wed, 31 Jan 2024 23:10:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jun 2025 12:02:06 GMT
GET H2	200	7b44750a-9618-4f05-bbd4-a82e6e1991b9 Show response case-1129869.pagesprotect.com/sync/	65 B 241 B	877ms 876ms	XHR application/json	203.205.10.134 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://case-1129869.pagesprotect.com/sync/7b44750a-9618-4f05-bbd4-a82e6e1991b9 Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/webcake/v4/bdb12052-db2c-44e8-a900-b830f25d7c6d Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 203.205.10.134 Ho Chi Minh City, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.19.3.2 / Resource Hash 3f2075ae1e3ca7261c17558ee154020f661b4a3aa4422a2ced569d52df3cd141 Request headers Accept application/json, text/plain, */* Referer https://case-1129869.pagesprotect.com/inbox Accept-Language it-IT,it;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Wed, 12 Jun 2024 13:44:04 GMT cache-control max-age=0, private, must-revalidate server openresty/1.19.3.2 content-length 65 x-request-id F9hFp9N-sgGRPZ4E78jk content-type application/json; charset=utf-8
GET H2	200	app.js Show response a.pancake.vn/js/	5 KB 5 KB	1297ms 408ms	Script text/javascript	113.20.119.13 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://a.pancake.vn/js/app.js?vsn=d Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 113.20.119.13 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.15.8.2 / Resource Hash 74b62bbff4866e7a99770a845517c37ae2f1315f850b48028c1697038cb58c7f Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:05 GMT cache-control public, max-age=31536000 server openresty/1.15.8.2 accept-ranges bytes content-length 4869 content-type text/javascript
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET H2	200	collect a.pancake.vn/	35 B 320 B	348ms 347ms	Image image/gif	113.20.119.13 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Show image Full URL https://a.pancake.vn/collect?dl=https%3A%2F%2Fcase-1129869.pagesprotect.com%2Finbox&hn=case-1129869.pagesprotect.com&sc=https%3A&sr=1600x1200&vp=1600x1838&dt=Meta%20Help%20Bussiness&tid=ab-lp-7b44750a-9618-4f05-bbd4-a82e6e1991b9&ts=1718199846059&_v=2.0&fr=&_aba=CPA2.1718199846058.3.b47d3b8f-7e09-4396-82dc-3e5a8c6dac9b&_abd=CPD2.1718199846059.3.2eb99e44-af5b-43f7-a48d-29246ba29d2f&_abt=CPT2.1718199846059.3.a42c5d04-555e-4e1f-9c89-a238810b230d&campaign_id=null&campaign_variant_id=null Requested by Host: case-1129869.pagesprotect.com URL: https://case-1129869.pagesprotect.com/inbox Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 113.20.119.13 Hanoi, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.15.8.2 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:06 GMT x-content-type-options nosniff server openresty/1.15.8.2 x-permitted-cross-domain-policies none cross-origin-window-policy deny x-download-options noopen x-frame-options SAMEORIGIN content-type image/gif cache-control max-age=0, private, must-revalidate content-length 35 x-xss-protection 1; mode=block x-request-id F9hFqB24pVoQJJeDTjED
GET H2	200	favicon.ico case-1129869.pagesprotect.com/	1 KB 1 KB	456ms 455ms	Other image/vnd.microsoft.icon	203.205.10.134 CMCTELECOM-AS-VN ...
General Check archive.org Show headers Download Go to Full URL https://case-1129869.pagesprotect.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 203.205.10.134 Ho Chi Minh City, Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN), Reverse DNS static.cmcti.vn Software openresty/1.19.3.2 / Resource Hash e06a6c458f688f37c973dab200f36a38ff15c59d9306e886bdc3e6967f780690 Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://case-1129869.pagesprotect.com/inbox User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 12 Jun 2024 13:44:06 GMT server openresty/1.19.3.2 etag "626D63C" vary Accept-Encoding content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 1258 service-worker-allowed /

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| DISPLAY boolean| is_support_webp object| event_data object| gtracks string| gga string| ggt string| ggads string| pageViewConverID string| viewContentConverID object| regeneratorRuntime function| handleFBEventType function| handleTiktokEventType function| handleFBCustomTracking function| handleEventCustom function| gtag object| webcake object| MARK object| WebcakeScript function| onYouTubeIframeAPIReady object| popupBackdrop function| ab undefined| isActiveCart object| sync undefined| pos_promotions object| $syncVariations object| $discounts object| WebcakeAddresses boolean| ab_pv_event_fired

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			case-1129869.pagesprotect.com/	1969-12-31 23:59:59	Name: _p_session_id Value: b53c411d-f913-4b60-bd4b-c2b76e322a17
			case-1129869.pagesprotect.com/	1970-01-21 06:02:15	Name: _aba Value: CPA2.1718199846058.3.b47d3b8f-7e09-4396-82dc-3e5a8c6dac9b
			case-1129869.pagesprotect.com/	1970-01-20 21:18:06	Name: _abd Value: CPD2.1718199846059.3.2eb99e44-af5b-43f7-a48d-29246ba29d2f
			case-1129869.pagesprotect.com/	1970-01-20 21:16:39	Name: _abt Value: CPT2.1718199846059.3.a42c5d04-555e-4e1f-9c89-a238810b230d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pancake.vn
api.webcake.io
case-1129869.pagesprotect.com
content.pancake.vn
fonts.googleapis.com
fonts.gstatic.com
113.20.119.13
113.20.119.28
142.250.186.106
172.217.18.3
203.205.10.134
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
3f2075ae1e3ca7261c17558ee154020f661b4a3aa4422a2ced569d52df3cd141
5a0a021a59ca4c7381a7fc358ba5572400b1a9f47aee1bcb2d520f218991f447
5a80613afb217840048d21a68193503b10bef8a5f24f391c785a98a3b3905925
5e88cd4184521e32fca74066d5ea79e1226b6ecd9ddd1f381dddca9a94b5e420
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74b62bbff4866e7a99770a845517c37ae2f1315f850b48028c1697038cb58c7f
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88ef3cf50f97be7e38116278799146fc4bf57449195bf7689708424ff8a2908e
90fbfd58317619e82d3f221f57c9709261205579d6ae7b604db4c71b7431dcb8
9b22eb36264a6f04ff0a24f8bcdfabaf2b6a7319a581bbd8310da914f073fb25
a1385d445abb408f6ca576479c86314449111bfe8cf9f477ed9bbb4ae0dba493
a6f29d613fb5f0601de883f702315997e45fe3740c8beb351cb50533a9439257
a7f565be47dcd36f197bdb273b3cdd06ac2ac12e7b7d44ac089f6461f9fe2394
b21d0f447e1d32e956ea227ff55c08054ed46fc96b319c46b90f7e966d13fa00
cb474dc9b3e75c8ec335bab847cb29ec7e89da057ad068abdb99da4585366c8c
d40f7efc8472e0e5b32797837f78fbec6890dee54ca1163d9708736422b1215d
e06a6c458f688f37c973dab200f36a38ff15c59d9306e886bdc3e6967f780690
eb391c914c6c4ee5aa01ae03eaddf7d09acad25535a9f2cb31da425f347fd065