Report - aiwebbyvotettytryr6.pages.dev/index_files/index_files/index

Report Overview

Submitted URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
IP
172.66.44.245
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 05:57:58
Access
public
Website Title
Instagram
Final URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
Tags
instagram meta social phishing
urlquery detections
Phishing - Instagram

Detections

urlquery
9
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.instagram.com	1096	2004-06-04	2012-07-24	2024-04-23	477 B	35 kB	31.13.72.174
aiwebbyvotettytryr6.pages.dev	unknown	2020-09-02	2024-01-10	2024-03-26	4.4 kB	342 kB	172.66.44.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	aiwebbyvotettytryr6.pages.dev/	Instagram
2024-03-13	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/b67d172d5783.asc	Instagram
2024-03-13	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/eventcheck.js	Instagram
2024-04-19	medium	aiwebbyvotettytryr6.pages.dev/	Instagram
2024-04-19	medium	aiwebbyvotettytryr6.pages.dev/	Instagram
2024-04-19	medium	aiwebbyvotettytryr6.pages.dev/	Instagram
2024-04-19	medium	aiwebbyvotettytryr6.pages.dev/	Instagram
2024-04-19	medium	aiwebbyvotettytryr6.pages.dev/	Instagram

PhishTank

Scan Date	Severity	Indicator	Alert
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/8e2c2a606042.download	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/b67d172d5783.asc	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/eventcheck.js	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/96f2557117a2.asc	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/001bc33056c1.jpg	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/629d23a3c7b2.jpg	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/fbevents.js	Other
2024-03-12	medium	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/f55c258e826e.png	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed
2024-04-25	medium	aiwebbyvotettytryr6.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js	284 B	2023-03-07	2024-05-03
Pretty URL aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:30 Last Seen2024-05-03 18:58:37 Times Seen179 Hash d439d3159ea60f8f7e406dd5907e51f9 23820143e39cfa9a7f50fac69669976e6106c664 ec8315b1a8641ba123dccfed379a1e6b36867f8824592eeedaa2c721aa43dcbd Loading...

	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js	414 B	2023-03-07	2024-05-03
Pretty URL aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18:06 Last Seen2024-05-03 18:58:37 Times Seen174 Hash d1310309cf397381261be4a1d8a324dd 378e9804c9a05b846af859de55171142349263c4 4c3d4a4c8db3be18897b5647809ac78b72c2d77c3cd4cd06c76beab10a1599e0 Loading...

	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js	2.1 kB	2023-03-07	2024-05-03
Pretty URL aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18:06 Last Seen2024-05-03 18:58:37 Times Seen170 Hash b85b9458f28b695d08b94f4617d79d18 4a8ca52e6585fbad70f69208b2607c6cae390f79 dbb5022c8ab9a59d4a7261650526fe818bc52a6b47ca98f57259276c30157a33 Loading...

	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js	3.2 kB	2023-03-07	2024-05-03
Pretty URL aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18:06 Last Seen2024-05-03 18:58:37 Times Seen168 Hash f3dbce1e783f08c022ac9671917b88e6 662afa0bdc25c475328cf169a5c8275179817663 2839e4584618ed9523df556d5e9871b1f54dbde740492f065e2da88ded79e2e2 Loading...

	aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js	439 B	2023-03-07	2024-05-03
Pretty URL aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:30 Last Seen2024-05-03 18:58:37 Times Seen170 Hash df7e7ceeb2b6ff35f105522bddc42b4e 62d3ccb61459b0a4300e750e7bcfd00b7a341fb6 f993342d5cd18721230d5fc85c444af9cd94fd6ea5b391951f250663c8c9f4d5 Loading...

HTTP Transactions (9)

URL IP Response Size

www.instagram.com/static/images/ico/favicon-192.png/b407fa101800.png

31.13.72.174

35 kB

URL
www.instagram.com/static/images/ico/favicon-192.png/b407fa101800.png
IP
31.13.72.174:0
ASN
#32934 FACEBOOK

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
35 kB (34719 bytes)
Hash
b407fa101800e44839743a60e6078ed3
18fea4ad0371ed6cd21007f24a47812ba09b8fa1
8878662ce6afc4a995bd80c67652a72642c9564b40cfc5ac94a802d7e0f8b6b1

HTTP Headers

GET /static/images/ico/favicon-192.png/b407fa101800.png HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-encoding: br
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
etag: "b407fa101800"
cache-control: public,max-age=31536000,immutable
edge-control: max-age=1209600, no-transform
date: Sat, 20 Apr 2024 02:10:20 GMT
x-fb-load: 442
content-length: 34719
X-Firefox-Spdy: h2

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/8e2c2a606042.download

172.66.44.245

77 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/8e2c2a606042.download
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
77 kB (76979 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/8e2c2a606042.download HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7xEAWpq%2FomsEeOqexmAruVWWIcJLUSqMnQMyksDiJjC3JAK0KBh2feIzh2gCNxST%2BTkWkmtkfHnFtB16TFDCoCC9HXJ4GTB3%2BiUDRfkOO7azTNydIFlr9mToYVVeWvXXdb0umwe%2F3Hw7fii8%2FQjBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a0bc86b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/b67d172d5783.asc

172.66.44.245

33 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/b67d172d5783.asc
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
33 kB (33050 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/b67d172d5783.asc HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0QF7O5UiEiHx389acb3y7eV4adS4iU9OThhzic%2BuLEFNJndftvBWcB1KJkhJpsXrHnXiRKqul4FHn%2F%2BCV4sVYQD6jGpiFySKbjsJlyLD7VJqDHqZK1IUoYw9IXzSOKRQVqnkOnG8gPPniGqNtVO2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a0ac6eb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/eventcheck.js

172.66.44.245

33 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/eventcheck.js
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
33 kB (33047 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/eventcheck.js HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cG9x3Rnq5NYklhkBht%2ByjxUFSNeUb%2B%2Fa4gDkaJOf8oQSmnRqXPnroLC%2BrtVzmi4WEWnlwgxMclYvkaAoSIBO8JT%2B3uDdtZeDJMY6CoSgnusPKm62XZzmBUFpyx3Ma9drJfvreZX0w0EWrG2fR4JDWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a09c67b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/96f2557117a2.asc

172.66.44.245

33 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/96f2557117a2.asc
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
33 kB (33041 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/96f2557117a2.asc HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTZVg3xkvy6Ig9ladGRrMwbQFwg5l4UgevY8WgB25793Bnt2SZXN3dUTmM3g%2FRO2Bkh9AVn9mDPGh%2F09mqtSuTWdVP2x6YZHsz0bIJl0DQ%2B8oykXV6wW6BuE5CIQrd5WfQAsC3LYPEu3g8o%2F9mvDGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a0bc83b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/001bc33056c1.jpg

172.66.44.245

40 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/001bc33056c1.jpg
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
40 kB (39948 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/001bc33056c1.jpg HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:33 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRW1nIBqYwpy1G%2BbaQk6eAQkjfNgFfenQb6DMRi%2B2QPw%2FCOAQ1Kay9Xp%2BiO%2BWxsPE5nptjedw8aX4Qd2nemqbbyg6avVuZTnckJVNpvS4FztPSOHFCBvGgqJjFeg9pHCe33BK0zvHV0SA5rWGWYTSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a22e87b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/629d23a3c7b2.jpg

172.66.44.245

200 OK

42 kB

URL GET HTTP/3
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/629d23a3c7b2.jpg
IP
172.66.44.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
Certificate
IssuerLet's Encrypt
Subjectaiwebbyvotettytryr6.pages.dev
FingerprintB2:4A:5F:A5:A6:CF:9F:32:17:83:5A:97:2B:1D:EA:A7:FF:49:24:62
ValiditySat, 09 Mar 2024 20:06:26 GMT - Fri, 07 Jun 2024 20:06:25 GMT

File type
HTML document, ASCII text, with very long lines (54252)
Size
42 kB (41946 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/629d23a3c7b2.jpg HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmnqO0%2BJRwodSlnyDdpc1QE1TPXTUcq%2Fw18A1SzZbrB%2FBYHuCqAcz7Tg9PHhGmgVsNN0ha9n42Njo6JURI8LdY8%2FbTX3aIm%2Fbdzj94gQMeGwmt3VO7lsOEDW0fqWnwRJ8j5r3sv5RRmeQtFNYdXogg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a0ac73b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/fbevents.js

172.66.44.245

36 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/fbevents.js
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
36 kB (36339 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/fbevents.js HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fopeNP%2FbE%2F4QfaI11CH04hpDKAUuZKt9ZfpfPJbOzipdEK7WAwaww2vtJbmXw4P6dMI%2B657tU3SewH%2FqxlyKlluP8hV%2BPs6MvL%2F%2F4fckKti5tbblGr6nDPEV7HGr8LH6ds7MUN6I1BXz4pI7%2BucOnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a09c61b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/f55c258e826e.png

172.66.44.245

42 kB

URL
aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/index_files/f55c258e826e.png
IP
172.66.44.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (54252)
Size
42 kB (41620 bytes)
Hash
eb8f03a1669602bbabd2636b1bf57e56
7ca6711de64f52410ff1594bc1aed798c8c5612d
986ffc1f4f305240e85784d24dd82e4f6c5b7ade35e6fc565285e7643b4540ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/index_files/index_files/index_files/f55c258e826e.png HTTP/1.1
Host: aiwebbyvotettytryr6.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aiwebbyvotettytryr6.pages.dev/index_files/index_files/index_files/fbevents.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:57:33 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7da1829cc821da446e150a386f097b5a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rNVJwJINSAUp0Oh1MyHsoMYGtJv9zEO6rtB7%2FiT8mPZ7ZJOmeVvW8DK3sn1kygbxhOm7sCmD8FEH2s1hPYTka%2F9UQUI%2FzGzgdvYilJn0UWhCqxg6EFG9ynStYZzlxr3ATLFXLeo%2Fk0bcn199Zr1Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c18a23e93b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN