pollpursuit-vote-pro.pages.dev
2606:4700:310c::ac42:2f1b
Malicious Activity!
Public Scan
Effective URL: https://pollpursuit-vote-pro.pages.dev/connecting
Submission: On May 31 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by E1 on May 5th 2024. Valid for: 3 months.
This is the only time pollpursuit-vote-pro.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
1 2 | 2606:4700:310c::ac42:2f1b | 13335 (CLOUDFLARENET) |
8 | 172.66.47.27 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:803::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE) |
12 | 5 | |
ASN13335 (CLOUDFLARENET, US)
pollpursuit-vote-pro.pages.dev |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | pages.dev (1 redirects): pollpursuit-vote-pro.pages.dev | 108 KB |
1 | gstatic.com: fonts.gstatic.com | 16 KB |
1 | googleapis.com: fonts.googleapis.com (Cisco Umbrella Rank: 33) | 1002 B |
12 | 3 | |
Requests | Domain | Requested by |
---|---|---|
10 | pollpursuit-vote-pro.pages.dev (1 redirects) | pollpursuit-vote-pro.pages.dev |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | pollpursuit-vote-pro.pages.dev |
12 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
pollpursuit-vote-pro.pages.dev | E1 | 2024-05-05 - 2024-08-03 | 3 months | crt.sh |
upload.video.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months | crt.sh |
*.gstatic.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months | crt.sh |
This page contains 1 frames:
Frame:
https://pollpursuit-vote-pro.pages.dev/survey
Frame ID: E9F6FAE6AAB37B0984F8B375F1B3B34A
Requests: 12 HTTP requests in this frame
Page Title
Facebook - Log In or Sign Up
Page URL History
- https://pollpursuit-vote-pro.pages.dev/connecting.html HTTP 308
- https://pollpursuit-vote-pro.pages.dev/connecting Page URL
Detected technologies
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://pollpursuit-vote-pro.pages.dev/connecting.html HTTP 308
- https://pollpursuit-vote-pro.pages.dev/connecting Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10
- https://pollpursuit-vote-pro.pages.dev/survey.html HTTP 308
- https://pollpursuit-vote-pro.pages.dev/survey
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | connecting (Primary Request, Redirect Chain) | pollpursuit-vote-pro.pages.dev/ | 2 KB | 1 KB | Document | text/html |
GET | H3 | bootstrap.min.css | pollpursuit-vote-pro.pages.dev/assets/bootstrap/css/ | 158 KB | 25 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 1002 B | Stylesheet | text/css |
GET | H3 | Contact-Form-Clean.css | pollpursuit-vote-pro.pages.dev/assets/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H3 | styles.css | pollpursuit-vote-pro.pages.dev/assets/css/ | 427 B | 687 B | Stylesheet | text/css |
GET | H3 | dF5SId3UHWd.svg | pollpursuit-vote-pro.pages.dev/assets/img/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H3 | Rolling-0.6s-211px.gif | pollpursuit-vote-pro.pages.dev/assets/img/ | 53 KB | 54 KB | Image | image/gif |
GET | H3 | bootstrap.min.js | pollpursuit-vote-pro.pages.dev/assets/bootstrap/js/ | 81 KB | 23 KB | Script | text/javascript |
GET | H3 | script.js | pollpursuit-vote-pro.pages.dev/assets/js/ | 185 B | 631 B | Script | text/javascript |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H3 | facebook.svg | pollpursuit-vote-pro.pages.dev/assets/img/ | 710 B | 891 B | Other | image/svg+xml |
GET | | survey (Redirect Chain) | pollpursuit-vote-pro.pages.dev/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: pollpursuit-vote-pro.pages.dev
- URL: https://pollpursuit-vote-pro.pages.dev/survey
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| bootstrap
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.