case-1129869.pagesprotect.com
203.205.10.134
Malicious Activity!
Public Scan
Submission: On June 12 via api from US — Scanned from IT
Summary
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on June 11th 2024. Valid for: 3 months.
This is the only time case-1129869.pagesprotect.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Domains served from this IP
---|---|---|---|---
6 | 203.205.10.134 | AS45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN) | static.cmcti.vn | case-1129869.pagesprotect.com
2 | 113.20.119.28 | AS45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN) | static.cmcti.vn | content.pancake.vn
1 | 142.250.186.106 | AS15169 (GOOGLE, US) | fra24s06-in-f10.1e100.net | fonts.googleapis.com
4 | 113.20.119.13 | AS45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN) | static.cmcti.vn | api.webcake.io, a.pancake.vn
5 | 172.217.18.3 | AS15169 (GOOGLE, US) | fra24s22-in-f3.1e100.net | fonts.gstatic.com
18 (total) | 6 (total) | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
6 | pagesprotect.com | case-1129869.pagesprotect.com | 241 KB
5 | gstatic.com | fonts.gstatic.com | 94 KB
4 | pancake.vn | content.pancake.vn (Cisco Umbrella Rank: 178450), a.pancake.vn (Cisco Umbrella Rank: 311558) | 32 KB
2 | webcake.io | api.webcake.io (Cisco Umbrella Rank: 367013) | 7 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 77) | 3 KB
18 (total) | 5 (total) | |
Requests | Domain | Requested by
---|---|---
6 | case-1129869.pagesprotect.com | case-1129869.pagesprotect.com
5 | fonts.gstatic.com | fonts.googleapis.com
2 | a.pancake.vn | case-1129869.pagesprotect.com
2 | api.webcake.io | case-1129869.pagesprotect.com
2 | content.pancake.vn | case-1129869.pagesprotect.com
1 | fonts.googleapis.com | case-1129869.pagesprotect.com
18 (total) | 6 (total) |
This site contains no links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
case-1129869.pagesprotect.com | ZeroSSL ECC Domain Secure Site CA | 2024-06-11 - 2024-09-09 | 3 months | crt.sh
*.pancake.vn | Sectigo RSA Domain Validation Secure Server CA | 2023-07-10 - 2024-07-12 | a year | crt.sh
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months | crt.sh
*.webcake.io | Sectigo RSA Domain Validation Secure Server CA | 2023-09-29 - 2024-10-01 | a year | crt.sh
*.gstatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months | crt.sh
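Two checks a triager runs against a table like this: how old the primary host's certificate was when the page was scanned, and which of the contacted hosts each listed subject actually covers. The Python below is an added example, not code from urlscan or from the scanned site. It encodes the rows above as data, takes the scan date from the "June 12" submission line (the year 2024 is inferred from the certificate dates), and uses a 7-day "freshly issued" threshold that is an arbitrary choice for the example. Only certificate subjects are visible on the page, not SAN lists, so a host such as fonts.googleapis.com, which Google's certificates cover through SANs, shows up as uncovered here; a production check must match against the full SAN list.

```python
from datetime import date

# Rows of the scan's TLS table: (subject, issuer, notBefore, notAfter).
SCAN_CERTS = [
    ("case-1129869.pagesprotect.com", "ZeroSSL ECC Domain Secure Site CA", "2024-06-11", "2024-09-09"),
    ("*.pancake.vn", "Sectigo RSA Domain Validation Secure Server CA", "2023-07-10", "2024-07-12"),
    ("upload.video.google.com", "WR2", "2024-05-27", "2024-08-19"),
    ("*.webcake.io", "Sectigo RSA Domain Validation Secure Server CA", "2023-09-29", "2024-10-01"),
    ("*.gstatic.com", "WR2", "2024-05-27", "2024-08-19"),
]
# Hosts contacted during the scan, from the "Domain" table.
SCAN_HOSTS = ["case-1129869.pagesprotect.com", "content.pancake.vn", "a.pancake.vn",
              "api.webcake.io", "fonts.googleapis.com", "fonts.gstatic.com"]
# Submission date from the summary; the year is an assumption taken from the cert dates.
SCAN_DATE = date(2024, 6, 12)


def hostname_matches(pattern, host):
    """Match a certificate name against a host the way browsers do (RFC 6125):
    a wildcard stands for exactly one leftmost label, so *.pancake.vn covers
    content.pancake.vn but neither pancake.vn nor a.b.pancake.vn."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == host
    p_labels = pattern.split(".")
    h_labels = host.split(".")
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def covering_subject(host, certs=SCAN_CERTS):
    """Subject of the first listed certificate whose name covers host, or None."""
    for subject, _issuer, _nb, _na in certs:
        if hostname_matches(subject, host):
            return subject
    return None


def cert_age_days(not_before, on=SCAN_DATE):
    """Days between issuance and the scan (negative means not yet valid)."""
    return (on - date.fromisoformat(not_before)).days


def validity_days(not_before, not_after):
    return (date.fromisoformat(not_after) - date.fromisoformat(not_before)).days


def triage(certs=SCAN_CERTS, hosts=SCAN_HOSTS, on=SCAN_DATE, fresh_days=7):
    """Flag hosts whose covering certificate was issued within fresh_days of the
    scan, and hosts that no listed subject covers (the SAN list would be needed).
    fresh_days=7 is an arbitrary threshold chosen for this example."""
    fresh, uncovered = [], []
    for host in hosts:
        subject = covering_subject(host, certs)
        if subject is None:
            uncovered.append(host)
            continue
        for s, issuer, nb, _na in certs:
            if s == subject and cert_age_days(nb, on) <= fresh_days:
                fresh.append((host, issuer, cert_age_days(nb, on)))
    return {"fresh": fresh, "uncovered": uncovered}


if __name__ == "__main__":
    print(triage())
```

Run as-is, the only "fresh" finding is the primary host: its ZeroSSL certificate was issued one day before the scan, which is what the summary's "Issued ... on June 11th 2024" line already implies. The wildcard rule matters for the Sectigo entries: *.pancake.vn covers content.pancake.vn and a.pancake.vn, but would not cover the apex or a second-level subdomain.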
This page contains 1 frame:
Primary Page: https://case-1129869.pagesprotect.com/inbox
Frame ID: CE8E88292B984204CE9A1B5BD3347A1A
Requests: 22 HTTP requests in this frame
Page Title: Meta Help Bussiness (title as served; the misspelling is the page's own)
Detected technologies
Google Font API (Font Scripts)
Detected patterns:
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links (links going to different origins than the main page)
Redirected requests: no HTTP redirect chains were recorded for this scan.
22 requests: 18 HTTP transactions and 4 data: URIs
# | Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
1 | GET H2 | inbox (Primary Request) | case-1129869.pagesprotect.com/ | 179 KB | 39 KB | Document | text/html
2 | GET H2 | address.84.min.js | case-1129869.pagesprotect.com/address_wc/ | 438 KB | 87 KB | Script | application/javascript
3 | GET H2 | 0f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8.png | content.pancake.vn/1/s400x350/fwebp/d9/61/15/05/ | 932 B | 1 KB | Image | image/webp
4 | GET DATA | truncated | / | 703 B | 0 | Image | image/svg+xml
5 | GET H2 | f7a4690e47d372ab1164645002788333f7eddad532c626364ee15a6f.png | content.pancake.vn/1/s2550x500/fwebp/87/c4/80/66/ | 25 KB | 25 KB | Image | image/webp
6 | GET DATA | truncated | / | 34 B | 0 | Image | image/webp
7 | GET DATA | truncated | / | 294 B | 0 | Image | image/svg+xml
8 | GET H2 | css | fonts.googleapis.com/ | 42 KB | 3 KB | Stylesheet | text/css
9 | GET H2 | animatev4.css | api.webcake.io/animate/ | 98 KB | 7 KB | Stylesheet | text/css
10 | GET H2 | iconfont.css | api.webcake.io/render_iconfont/ | 654 B | 489 B | Stylesheet | text/css
11 | GET H2 | bdb12052-db2c-44e8-a900-b830f25d7c6d | case-1129869.pagesprotect.com/webcake/v4/ | 402 KB | 112 KB | Script | text/plain
12 | GET H2 | page_view.gif | case-1129869.pagesprotect.com/ | 35 B | 196 B | Image | image/gif
13 | GET H2 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v30/ | 11 KB | 11 KB | Font | font/woff2
14 | GET H2 | jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 | fonts.gstatic.com/s/librefranklin/v14/ | 28 KB | 28 KB | Font | font/woff2
15 | GET H2 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v30/ | 11 KB | 11 KB | Font | font/woff2
16 | GET H2 | 7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2 | fonts.gstatic.com/s/barlow/v12/ | 14 KB | 15 KB | Font | font/woff2
17 | GET H2 | NGS6v5_NC0k9P9H2TbFhsqMA.woff2 | fonts.gstatic.com/s/heebo/v26/ | 29 KB | 30 KB | Font | font/woff2
18 | GET H2 | 7b44750a-9618-4f05-bbd4-a82e6e1991b9 | case-1129869.pagesprotect.com/sync/ | 65 B | 241 B | XHR | application/json
19 | GET H2 | app.js | a.pancake.vn/js/ | 5 KB | 5 KB | Script | text/javascript
20 | GET DATA | truncated | / | 266 B | 0 | Image | image/svg+xml
21 | GET H2 | collect | a.pancake.vn/ | 35 B | 320 B | Image | image/gif
22 | GET H2 | favicon.ico | case-1129869.pagesprotect.com/ | 1 KB | 1 KB | Other | image/vnd.microsoft.icon
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
Source: urlscan
Phishing against: Facebook (Social Network)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
Type | Name
---|---
string | DISPLAY
boolean | is_support_webp
object | event_data
object | gtracks
string | gga
string | ggt
string | ggads
string | pageViewConverID
string | viewContentConverID
object | regeneratorRuntime
function | handleFBEventType
function | handleTiktokEventType
function | handleFBCustomTracking
function | handleEventCustom
function | gtag
object | webcake
object | MARK
object | WebcakeScript
function | onYouTubeIframeAPIReady
object | popupBackdrop
function | ab
undefined | isActiveCart
object | sync
undefined | pos_promotions
object | $syncVariations
object | $discounts
object | WebcakeAddresses
boolean | ab_pv_event_fired
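A list like the one above is obtained by diffing the property names on window against a clean browser baseline; the names that survive are then matched against fingerprint rules, in the same way the "Google Font API" entry above was matched by an HTML pattern. The Python below is an added example, not urlscan's code. It applies the HTML pattern quoted on this page under Detected patterns to a constructed snippet, filters a constructed global-variable list against a small baseline, and groups the surviving globals into products. The 28 global names are the ones from the scan; the baseline set and the grouping of those names into "Webcake page builder", "pixel helpers" and "gtag" are assumptions made for the example, not something the page states.

```python
import re

# HTML pattern exactly as the scan reports it under "Detected patterns"
# (Wappalyzer-style: a <link> whose href points at Google Fonts).
HTML_PATTERNS = {
    "Google Font API": re.compile(r"<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com"),
}

# Fingerprints on window globals. The names come from the scan's list of 28
# globals; grouping them into products is an assumption made for this example.
GLOBAL_PATTERNS = {
    "Webcake page builder": {"webcake", "WebcakeScript", "WebcakeAddresses"},
    "Facebook/TikTok pixel helpers": {"handleFBEventType", "handleTiktokEventType",
                                      "handleFBCustomTracking"},
    "Google gtag": {"gtag"},
}

# Constructed subset of properties every browser defines on window. A real
# baseline is Object.getOwnPropertyNames(window) captured in an empty page.
STANDARD_WINDOW_PROPS = {"window", "document", "location", "navigator",
                         "fetch", "setTimeout", "console"}

# Constructed HTML fragment; not the scanned page's markup.
SAMPLE_HTML = """<html><head>
<link rel="icon" href="/favicon.ico">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto">
<script src="https://a.pancake.vn/js/app.js"></script>
</head><body></body></html>"""

# The 28 globals observed in the scan, with the baseline mixed back in to show filtering.
SAMPLE_GLOBALS = STANDARD_WINDOW_PROPS | {
    "DISPLAY", "is_support_webp", "event_data", "gtracks", "gga", "ggt", "ggads",
    "pageViewConverID", "viewContentConverID", "regeneratorRuntime",
    "handleFBEventType", "handleTiktokEventType", "handleFBCustomTracking",
    "handleEventCustom", "gtag", "webcake", "MARK", "WebcakeScript",
    "onYouTubeIframeAPIReady", "popupBackdrop", "ab", "isActiveCart", "sync",
    "pos_promotions", "$syncVariations", "$discounts", "WebcakeAddresses",
    "ab_pv_event_fired",
}


def nonstandard_globals(observed, baseline=STANDARD_WINDOW_PROPS):
    """Names on window that the clean-browser baseline does not define."""
    return sorted(set(observed) - set(baseline))


def detect_from_html(html):
    """Technologies whose HTML pattern matches the document."""
    return sorted(name for name, rx in HTML_PATTERNS.items() if rx.search(html))


def detect_from_globals(globals_, min_fraction=0.5):
    """Technologies for which at least min_fraction of the expected globals are
    present; returns {technology: [matched names]}."""
    present = set(globals_)
    hits = {}
    for name, expected in GLOBAL_PATTERNS.items():
        found = expected & present
        if found and len(found) / len(expected) >= min_fraction:
            hits[name] = sorted(found)
    return hits


def fingerprint(html, globals_):
    """Combine both detection methods for one page."""
    return {
        "html": detect_from_html(html),
        "globals": detect_from_globals(nonstandard_globals(globals_)),
    }


if __name__ == "__main__":
    print(fingerprint(SAMPLE_HTML, SAMPLE_GLOBALS))
```

The min_fraction threshold is what keeps a single coincidental name (a page that happens to define `webcake` for some other reason) from producing a product match; a real fingerprint database attaches a confidence to each pattern instead of a flat fraction.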
4 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, so the site can re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
case-1129869.pagesprotect.com/ | | _p_session_id | b53c411d-f913-4b60-bd4b-c2b76e322a17
case-1129869.pagesprotect.com/ | | _aba | CPA2.1718199846058.3.b47d3b8f-7e09-4396-82dc-3e5a8c6dac9b
case-1129869.pagesprotect.com/ | | _abd | CPD2.1718199846059.3.2eb99e44-af5b-43f7-a48d-29246ba29d2f
case-1129869.pagesprotect.com/ | | _abt | CPT2.1718199846059.3.a42c5d04-555e-4e1f-9c89-a238810b230d
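The three _ab* values share one shape: a short tag, a 13-digit number, a small integer and a UUID, with the three UUIDs distinct and the two later numbers one higher than the first. Read as Unix milliseconds, the 13-digit field falls on 12 June, the submission date, so the added example below treats it as the visit timestamp. That reading, and the cookie format itself, are assumptions for the example: the format belongs to the scanned site and is not documented on this page, and the code is neither urlscan's nor the site's. The values are copied from the table above.

```python
from datetime import datetime, timedelta, timezone
import uuid

# Cookie values from the scan's cookie table (all set for case-1129869.pagesprotect.com/).
SCAN_COOKIES = {
    "_p_session_id": "b53c411d-f913-4b60-bd4b-c2b76e322a17",
    "_aba": "CPA2.1718199846058.3.b47d3b8f-7e09-4396-82dc-3e5a8c6dac9b",
    "_abd": "CPD2.1718199846059.3.2eb99e44-af5b-43f7-a48d-29246ba29d2f",
    "_abt": "CPT2.1718199846059.3.a42c5d04-555e-4e1f-9c89-a238810b230d",
}


def is_uuid(value):
    try:
        uuid.UUID(value)
        return True
    except ValueError:
        return False


def epoch_ms_to_utc(ms):
    """Integer arithmetic so the millisecond field round-trips exactly."""
    return (datetime.fromtimestamp(ms // 1000, tz=timezone.utc)
            + timedelta(milliseconds=ms % 1000))


def parse_tracking_cookie(value):
    """Split a '<tag>.<digits>.<digits>.<uuid>' value into its fields.
    Assumption made for this example: the second field is a Unix timestamp in
    milliseconds (it lands on the scan's submission date) and the third a counter.
    Returns None for values that do not have this shape."""
    parts = value.split(".")
    if len(parts) != 4:
        return None
    tag, ts, counter, ident = parts
    if not (ts.isdigit() and counter.isdigit() and is_uuid(ident)):
        return None
    return {"tag": tag, "time": epoch_ms_to_utc(int(ts)),
            "counter": int(counter), "id": ident}


def classify_cookies(cookies):
    """Label each cookie: 'uuid' (opaque session id), 'tracking' (parsable), or 'other'."""
    result = {}
    for name, value in cookies.items():
        if is_uuid(value):
            result[name] = "uuid"
        elif parse_tracking_cookie(value):
            result[name] = "tracking"
        else:
            result[name] = "other"
    return result


def visit_window(cookies):
    """Earliest and latest timestamps embedded in the tracking cookies (ISO 8601)
    and their spread in milliseconds; None when no cookie carries a timestamp."""
    times = [p["time"] for p in map(parse_tracking_cookie, cookies.values()) if p]
    if not times:
        return None
    lo, hi = min(times), max(times)
    return {"first": lo.isoformat(), "last": hi.isoformat(),
            "spread_ms": int((hi - lo) / timedelta(milliseconds=1))}


if __name__ == "__main__":
    print(classify_cookies(SCAN_COOKIES))
    print(visit_window(SCAN_COOKIES))
```

Under that reading the cookies put the visit at 13:44:06 UTC on 12 June, with all three set within one millisecond, which is consistent with a single page load setting them together. A client-side timestamp in a cookie is also a pivot: the same tag, counter and timestamp scheme appearing in cookies from another host is a hint that the two pages were built with the same kit.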
Indicators
Indicators (IPs, domains, hashes and the like) are the artefacts extracted from this scan. Listing them here does not imply that any individual one is malicious.
a.pancake.vn
api.webcake.io
case-1129869.pagesprotect.com
content.pancake.vn
fonts.googleapis.com
fonts.gstatic.com
113.20.119.13
113.20.119.28
142.250.186.106
172.217.18.3
203.205.10.134