urlscan.io logo urlscan.io
SecurityTrails logo

pollpursuit-vote-pro.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f1b  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pollpursuit-vote-pro.pages.dev/connecting.html
Effective URL: https://pollpursuit-vote-pro.pages.dev/connecting
Submission: On May 31 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:310c::ac42:2f1b, located in United States and belongs to CLOUDFLARENET, US. The main domain is pollpursuit-vote-pro.pages.dev.
TLS certificate: Issued by E1 on May 5th 2024. Valid for: 3 months.
This is the only time pollpursuit-vote-pro.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:310... 13335 (CLOUDFLAR...)
8 172.66.47.27 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 5
Apex Domain
Subdomains		 Transfer
10 pages.dev
pollpursuit-vote-pro.pages.dev
108 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1002 B
12 3
Domain Requested by
10 pollpursuit-vote-pro.pages.dev 1 redirects pollpursuit-vote-pro.pages.dev
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com pollpursuit-vote-pro.pages.dev
12 3

This site contains no links.

Subject Issuer Validity Valid
pollpursuit-vote-pro.pages.dev
E1		 2024-05-05 -
2024-08-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 1 frames:

Frame: https://pollpursuit-vote-pro.pages.dev/survey
Frame ID: E9F6FAE6AAB37B0984F8B375F1B3B34A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Facebook - Log In or Sign Up

Page URL History Show full URLs

  1. https://pollpursuit-vote-pro.pages.dev/connecting.html HTTP 308
    https://pollpursuit-vote-pro.pages.dev/connecting Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

92 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

125 kB
Transfer

318 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pollpursuit-vote-pro.pages.dev/connecting.html HTTP 308
    https://pollpursuit-vote-pro.pages.dev/connecting Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://pollpursuit-vote-pro.pages.dev/survey.html HTTP 308
  • https://pollpursuit-vote-pro.pages.dev/survey

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request connecting
pollpursuit-vote-pro.pages.dev/
Redirect Chain
  • https://pollpursuit-vote-pro.pages.dev/connecting.html
  • https://pollpursuit-vote-pro.pages.dev/connecting
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2f1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed7883c0b37c32435c653ff51c7206fa069e5194610f59386efc263050b1c9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b602ae135f9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 31 May 2024 08:20:23 GMT
etag
W/"1511afa9393d752d652d809002d5219a"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtdKpCI%2BKUcoBwJOomUR%2F8rus6gEB1Nb%2FPSCwgAgU%2BW0ewcnnlZm1jsUYj9piNuZfG%2Fg7tg4C51ARHyjyQE4LSMJG%2B4EuBfmR7gBR1JT6%2BQ%2FQE8GReKBrPCvfaQ6zTHz1cnWE1stpDKL2CRXaa%2BWcO6LHNDBQflGC4AUfCk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-ray
88c58b5fca6b35f9-FRA
content-length
0
date
Fri, 31 May 2024 08:20:23 GMT
location
/connecting
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8A07B4n2tt2%2FLo55pg5HYfTWzqmgNlqAoWr0jATouDlJWKBX8G5tkJRmk6If0o%2F9A7QB6TMtMU54eu%2FRrnV5pIrv%2Fztu9ivQwmyoRTC%2BHY99ynL9jQg3ec9S%2BEwlD1doasghuOiAOdSQ5hhwxxT7KTe%2FrRFuvVbL4zfags%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
pollpursuit-vote-pro.pages.dev/assets/bootstrap/css/ 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:23 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fa33fb6a086d55a082d4ad103b6f4880"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kGtthHyr9wiN0CoBZePT9yRGBxOo97ZLW%2FhlWgHjQ4wLlSyrFc%2Fclmc7nUQIfY3akwpOhA1Pdo3KLhJMvX44advN2MY0kP7a3gj9je5l30sZ6gvKmUHJpru%2BhaQ4ARDgI03n3Ej3BxlTkxwnn%2BjQJ6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efd55d67-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		2 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 31 May 2024 08:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 31 May 2024 06:52:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 May 2024 08:20:23 GMT
Contact-Form-Clean.css
pollpursuit-vote-pro.pages.dev/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/css/Contact-Form-Clean.css
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361eba4cdef4b0ee564f1195bae1ccda55962018edfd50aa83b21fafbe3674b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:24 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4850e5aba9c151092ddde09cb1d5ed61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbVGUAKbQ4tOa6ZQodWZJRO8Gs%2Bje8PEdCB4ppN%2FOllHicxJJpyt%2B7a7iMM7iRLVAs3OVguZ85FSrADjEA32nxr43PbDcxpHiq8yUKjwxbXORcypVHgYsrfOFQsrr3fgBo%2F0RNCjFeVv0j8UBR8RPfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efd75d67-FRA
alt-svc
h3=":443"; ma=86400
styles.css
pollpursuit-vote-pro.pages.dev/assets/css/ 		427 B
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/css/styles.css
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2dac17fd709066968a9c190ed86281a69e0c759f19250f4acb3bc5aa720b94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:24 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6f5b97c2a5d69aa9b5202565856bb337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owUAYEGHb2M%2B2RZnsn4SGHJCHOI%2FV3pqaIvEY42BPQoWDKv0%2F0cEngeN%2FyA4skYpwAdk1aBhCAeDASVQD1WgYxkiiVzmWSr4NAt2p6ypi7DqSI37E1dsNeHOAuUgX6JqSQukiwhmcrGeAk0Z64c%2BGqI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efda5d67-FRA
alt-svc
h3=":443"; ma=86400
dF5SId3UHWd.svg
pollpursuit-vote-pro.pages.dev/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/img/dF5SId3UHWd.svg
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:23 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"75f8e43fed0f8776701fdc026fe1d15f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnYQxq7ccoqHzr2A%2B2UYFSnd3do7e3EnI5pAknT4nliiqIH7ChcfIobEmT7L0IUs%2B0hXVGz1LFQk8pGNkHAokhzPHtKuHx2yKj8YV6kwzk%2FbRvCNubYcoatT7Ckn2IrmM54BjeMY2owWRFoE9PK%2Bk2o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efdc5d67-FRA
alt-svc
h3=":443"; ma=86400
Rolling-0.6s-211px.gif
pollpursuit-vote-pro.pages.dev/assets/img/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/img/Rolling-0.6s-211px.gif
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41553f4de93ead62430831a9c7eef680411f0cfe2f35ee46cb3a1031b905e5ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:24 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a4ce42f9ed7dfc645a85f9b4efa75d3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PeLt3z4FEQ5shtjKBUqM5YqN%2F%2FY15c7Vq93DmLIJvstBaR7l5AkpefmQuqqn3QB6GF7i5h72nuWbfEUrLzusCADvOU1t%2BA2jURr4ybCIvkJMMHwNyABVbxyvDBNz%2BYAm9SVQaQNxwKmoDrS%2BXlRXes%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efdd5d67-FRA
alt-svc
h3=":443"; ma=86400
content-length
54730
bootstrap.min.js
pollpursuit-vote-pro.pages.dev/assets/bootstrap/js/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0061ed53bdd3192fd9c9955f4ca70e3a6db13c2dec2999401ff931b213955bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:24 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7cf76fc38f322fe2cefa9cb34bd3a42b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSOWTOO2GCjsh1AhN1OBiPkRxNMLRBNntAwrt3sBDWyl2jujSA%2BOqzfKWS66mJHuj8TeZQGWuu3ZFvuUMG1FqxHIt5fN4qVPQG4wF6%2FECpBnKjoRJQv%2BLjrEgdz5d1yE5WduGH8UN2j1XrddLNJDs8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efdf5d67-FRA
alt-svc
h3=":443"; ma=86400
script.js
pollpursuit-vote-pro.pages.dev/assets/js/ 		185 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/js/script.js
Requested by
Host: pollpursuit-vote-pro.pages.dev
URL: https://pollpursuit-vote-pro.pages.dev/connecting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b236a61daf36b683113bf28a379255885ca65515257781bb26d8f024a64f98c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:24 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5272789ac3be258863c26bb65e4878af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TU4sgSgOypZ3TUGdoh6gE6R0Pwem58lrr2GrtL0zuM1lHRbKYefOvc6lkvHWv0j1O7n%2BWj3osbPvdTfAPC7rysdRL53Gz89%2BABGhOvZka0UP6gUntc8zX2qHKM8cwP7sI2kKGMkxLXfNZpFsLslsAss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b60efe35d67-FRA
alt-svc
h3=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://pollpursuit-vote-pro.pages.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:40:13 GMT
x-content-type-options
nosniff
age
236411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:40:13 GMT
facebook.svg
pollpursuit-vote-pro.pages.dev/assets/img/ 		710 B
891 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pollpursuit-vote-pro.pages.dev/assets/img/facebook.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9091caf2ebc41ea232983bc546c2762ce3271b2947970c3c601cb072c492e414
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pollpursuit-vote-pro.pages.dev/connecting
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 08:20:24 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66bfd5efdc513fdc07002d48cfee298f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suv81P0uZkUTDAOVxrQAGD4HGjZigfB6eT9oT6x2q%2BanwbgYZfzIulG81XV%2BaGksuREJJATkSF1JWJ84PAnmSP9SRv2y71Nxie3J7gILArMsEkujwbwiOXjMrx7SpI7Ztl8iH%2F460sZMiIxuRXpWq6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
88c58b632a345d67-FRA
alt-svc
h3=":443"; ma=86400
survey
pollpursuit-vote-pro.pages.dev/
Redirect Chain
  • https://pollpursuit-vote-pro.pages.dev/survey.html
  • https://pollpursuit-vote-pro.pages.dev/survey
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pollpursuit-vote-pro.pages.dev
URL
https://pollpursuit-vote-pro.pages.dev/survey

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| bootstrap

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff