starwarscollectionfans.pages.dev
172.66.44.158
Malicious Activity!
Public Scan
Submission: On June 24 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 22nd 2024. Valid for: 3 months.
This is the only time starwarscollectionfans.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

| IP Address | AS Autonomous System |
---|---|---|
15 | 172.66.44.158 | 13335 (CLOUDFLARENET) |
21 | 2 | |

| Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | pages.dev | starwarscollectionfans.pages.dev | 235 KB |
21 | 1 | | |

| Domain | Requested by |
---|---|---|
15 | starwarscollectionfans.pages.dev | starwarscollectionfans.pages.dev |
21 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
starwarscollectionfans.pages.dev | WE1 | 2024-06-22 - 2024-09-20 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://starwarscollectionfans.pages.dev/
Frame ID: 22B9B86608C8AA824FE9C2F6C572439D
Requests: 22 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Primary Request) | starwarscollectionfans.pages.dev/ | 12 KB | 4 KB | Document | text/html |
GET | H3 | main.f71896c2c50d07adcf73.css | starwarscollectionfans.pages.dev/ | 352 KB | 63 KB | Stylesheet | text/css |
GET | H3 | style-desktop.9d7b485ed526720a3aad.css | starwarscollectionfans.pages.dev/ | 355 B | 728 B | Stylesheet | text/css |
GET | H3 | main.712f415c3a05b4382935.bundle.js | starwarscollectionfans.pages.dev/ | 12 KB | 5 KB | Script | application/javascript |
GET | H3 | 24.4d8c06f2db954418f16d.chunk.js | starwarscollectionfans.pages.dev/ | 734 B | 902 B | Script | application/javascript |
GET | H3 | 20.59cd546d102ae15542e6.chunk.js | starwarscollectionfans.pages.dev/ | 4 KB | 2 KB | Script | application/javascript |
GET | H3 | 0.e0afbd5895b2c8eb71c6.chunk.js | starwarscollectionfans.pages.dev/ | 16 KB | 6 KB | Script | application/javascript |
GET | H3 | 22.a20a1ec6ea627171c353.chunk.js | starwarscollectionfans.pages.dev/ | 8 KB | 4 KB | Script | application/javascript |
GET | H3 | 1.501f1b99f6befd50ee5e.chunk.js | starwarscollectionfans.pages.dev/ | 133 KB | 36 KB | Script | application/javascript |
GET | H3 | 28.6667bb68e660e626d453.chunk.js | starwarscollectionfans.pages.dev/ | 663 B | 780 B | Script | application/javascript |
GET | H3 | mtproto.worker.b9472a3acd835ec21780.bundle.worker.js | starwarscollectionfans.pages.dev/ | 390 KB | 90 KB | Other | application/javascript |
GET | H3 | favicon-32x32.png | starwarscollectionfans.pages.dev/assets/img/ | 2 KB | 2 KB | Other | image/png |
GET | H3 | 8.ea3cd7974ebbd0d0029d.chunk.js | starwarscollectionfans.pages.dev/ | 45 KB | 15 KB | Script | application/javascript |
GET | H3 | 9.6eaa4e06851092205efd.chunk.js | starwarscollectionfans.pages.dev/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | 27.f4a134d00776769d844a.chunk.js | starwarscollectionfans.pages.dev/ | 22 KB | 4 KB | Script | application/javascript |
GET | H3 | 2.74a3da7f5452b44843ff.chunk.js | starwarscollectionfans.pages.dev/ | 32 KB | 0 | Script | application/javascript |
GET | H3 | 3.783454d94e8eb002e387.chunk.js | starwarscollectionfans.pages.dev/ | 10 KB | 0 | Script | application/javascript |
GET | H3 | 21.49b949da4f2493f6b111.chunk.js | starwarscollectionfans.pages.dev/ | 6 KB | 0 | Script | application/javascript |
GET | H3 | npm.qr-code-styling.6d4087c107d121ea4739.chunk.js | starwarscollectionfans.pages.dev/ | 41 KB | 0 | Script | application/javascript |
GET | H3 | 17.fae79d657f42f1745c9f.chunk.js | starwarscollectionfans.pages.dev/ | 8 KB | 0 | Script | application/javascript |
GET | H3 | logo_padded.svg | starwarscollectionfans.pages.dev/assets/img/ | 1 KB | 0 | Fetch | image/svg+xml |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Telegram (Instant Messenger)

29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
event | undefined |
fence | object |
sharedStorage | object |
webpackJsonp | object |
interval | number |
postLocalStorageWithFatch | function |
rootScope | object |
stateStorage | object |
appStorage | object |
appStateManager | object |
webpWorkerController | object |
singleInstance | object |
webPushApiManager | object |
formatDateAccordingToTodayNew | function |
fillTipDates | function |
telegramMeWebManager | object |
apiManagerProxy | object |
calcImageInBox | function |
mediaSizes | object |
Config | object |
RichTextProcessor | object |
I18n | object |
animationIntersector | object |
lottieLoader | object |
pagesManager | object |
serverTimeManager | object |
sequentialDom | object |
appNavigationController | object |
putPreloader | function |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
starwarscollectionfans.pages.dev
172.66.44.158