Report - gyvaz.pages.dev/

Report Overview

Submitted URL
gyvaz.pages.dev/
IP
172.66.47.12
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 04:59:34
Access
public
Website Title
Secure Document Sharing
Final URL
gyvaz.pages.dev/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gyvaz.pages.dev	unknown	2020-09-02	2022-10-20	2024-04-16	895 B	30 kB	172.66.47.12
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	431 B	6.4 kB	172.217.21.170
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	423 B	72 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	559 B	20 kB	216.58.207.227
c0.wallpaperflare.com	294514	2017-09-02	2019-07-30	2024-02-20	454 B	55 kB	104.21.235.45

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-02	medium	gyvaz.pages.dev/	Generic/Spear Phishing
2024-05-02	medium	gyvaz.pages.dev/	Generic/Spear Phishing

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-05	medium	gyvaz.pages.dev/	Other
2024-04-05	medium	gyvaz.pages.dev/favicon.ico	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	gyvaz.pages.dev	Sinkholed
2024-05-10	medium	gyvaz.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	gyvaz.pages.dev/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL gyvaz.pages.dev/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 14:47:14 Times Seen351201 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 14:47:13 Times Seen350686 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	gyvaz.pages.dev/	2.5 kB	2023-03-11	2024-05-10
Pretty URL gyvaz.pages.dev/ IP 172.66.47.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 23:25:34 Last Seen2024-05-10 06:59:35 Times Seen5 Hash b6038d8757fc57340673ebe906ea48bb 539e5fbbcdbf848112f06995f2ab175b90e99391 e77133be953fe6d9bfb994b3289f85c6c5691d959f7f54ccd060e02f33552c8a Loading...

	www.googletagmanager.com/gtag/js?id=UA-80520768-2	195 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-80520768-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 06:59:35 Last Seen2024-05-10 06:59:35 Times Seen2 Hash f25416ba84048f9a3c5d8e0dcb8c25fd 417aaf6f4a77f780d86447e6cb86620b12f47e28 f3702c1afa25dffbbb2de19f50811eefc921bc6dc00a7b55efe87476b30cb460 Loading...

HTTP Transactions (6)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=UA-80520768-2

142.250.74.168

200 OK

71 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-80520768-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://gyvaz.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70941 bytes)
Hash
f25416ba84048f9a3c5d8e0dcb8c25fd
417aaf6f4a77f780d86447e6cb86620b12f47e28
f3702c1afa25dffbbb2de19f50811eefc921bc6dc00a7b55efe87476b30cb460

HTTP Headers

GET /gtag/js?id=UA-80520768-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gyvaz.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 04:59:09 GMT
expires: Fri, 10 May 2024 04:59:09 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://gyvaz.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gyvaz.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:21 GMT
expires: Fri, 09 May 2025 01:49:21 GMT
cache-control: public, max-age=31536000
age: 97789
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c0.wallpaperflare.com/preview/231/247/682/5be98e06c77ea.jpg

104.21.235.45

200 OK

54 kB

URL GET HTTP/2
c0.wallpaperflare.com/preview/231/247/682/5be98e06c77ea.jpg
IP
104.21.235.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gyvaz.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectwallpaperflare.com
FingerprintBB:DC:27:A9:65:C4:16:B3:A0:6C:C6:FA:1A:8D:9C:46:10:07:A2:0B
ValidityMon, 29 Apr 2024 18:55:17 GMT - Sun, 28 Jul 2024 18:55:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 910x607, components 3
Size
54 kB (54390 bytes)
Hash
510ca71d77bcaf4996a1df307a3d9ab2
c9db3b2c62c73512598e9cfa9f6f18661573f09d
6b30cafde4b787e82456ea2372d4cb6e4515a172ca60e624b91c353517637e13

HTTP Headers

GET /preview/231/247/682/5be98e06c77ea.jpg HTTP/1.1
Host: c0.wallpaperflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gyvaz.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 04:59:10 GMT
content-type: image/jpeg
content-length: 54390
last-modified: Thu, 23 May 2019 15:17:16 GMT
etag: "5ce6b97c-d476"
expires: Thu, 25 Dec 2025 11:40:30 GMT
cache-control: max-age=51840000
access-control-allow-origin: *
cf-cache-status: HIT
age: 494320
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qS%2FUVMzkxAim7oD0EsEkqxQShom4igBahA6ODkl88Y8zC2G9Vu%2BVjr05bMC9NCcA6uqFICnPxJqLkuY%2Fsh7ZH4jYjTbvUmRZE8nqm3WLOQOjnwvM%2BlgbiNyEtSi3Y0iO%2BvjF9bWf%2BCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88175bbd0c3e6511-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gyvaz.pages.dev/

172.66.47.12

200 OK

14 kB

URL User Request GET HTTP/2
gyvaz.pages.dev/
IP
172.66.47.12:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgyvaz.pages.dev
FingerprintA0:C6:46:8F:0D:0E:79:9F:12:C6:12:DC:0A:D6:20:98:6E:EE:3F:85
ValidityThu, 04 Apr 2024 12:25:37 GMT - Wed, 03 Jul 2024 12:25:36 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7217)
Size
14 kB (14090 bytes)
Hash
e7c790db1ccbbb95d1afc483342ae69e
56eab4e088b705e23068cb352ab7025ec0df2edd
edfc247d3203a11c33a4029da043e4865a8063e7786a082063436882f99724e5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: gyvaz.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 04:59:09 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"581c801e5f8ac5c56e635fcc850598ec"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJT1hMpZV4U%2FdS6Lxzm5pUgO%2FhhXEduw3%2FR0xSSCJXhZuYkyNFxywQ8X6FPITWK%2BZqq4I4sBFfo8wvKlczK0eAlxkxEoSIPU%2FQdiQ3l2BS8kpmkopCbXUB6PbCIuUN5UqEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88175bb75fd256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans

172.217.21.170

200 OK

5.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://gyvaz.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (5866), with no line terminators
Size
5.8 kB (5776 bytes)
Hash
9a9a7fec0410c78b8c7601306b9fa182
7d736470060c2cbab18d2a59c043202c2d3dbaac
6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gyvaz.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 04:59:09 GMT
date: Fri, 10 May 2024 04:59:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gyvaz.pages.dev/favicon.ico

172.66.47.12

200 OK

15 kB

URL GET HTTP/3
gyvaz.pages.dev/favicon.ico
IP
172.66.47.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gyvaz.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectgyvaz.pages.dev
FingerprintA0:C6:46:8F:0D:0E:79:9F:12:C6:12:DC:0A:D6:20:98:6E:EE:3F:85
ValidityThu, 04 Apr 2024 12:25:37 GMT - Wed, 03 Jul 2024 12:25:36 GMT

File type

Size
15 kB (14869 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gyvaz.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gyvaz.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 04:59:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"581c801e5f8ac5c56e635fcc850598ec"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPUC71JjSskDMO1ecJj8G2WD5bakrtO0eVC%2F0XE82wp5It6YaVJxCnEunA8QQO8llDZuKLmdN01J1qqinVHP%2FQCBsIbzQaR1ZLgGqkiv7pSJDnSge4xf6zHAFjptOIwP4DY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88175bbdbcd7569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size