Report - aru.pages.dev/

Report Overview

Submitted URL
aru.pages.dev/
IP
172.66.47.63
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 17:47:20
Access
public
Website Title
check
Final URL
aru.pages.dev/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.db-ip.com	98326	2010-05-18	2017-01-30	2024-04-25	470 B	987 B	104.26.4.15
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-25	429 B	28 kB	104.17.24.14
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-26	428 B	32 kB	142.250.74.138
aru.pages.dev	unknown	2020-09-02	2022-08-28	2024-03-25	2.1 kB	26 kB	172.66.44.193
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-26	878 B	48 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	437 B	12 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	aru.pages.dev/	Facebook, Inc.
2024-04-26	medium	aru.pages.dev/	Facebook, Inc.
2024-04-26	medium	aru.pages.dev/	Facebook, Inc.
2024-04-26	medium	aru.pages.dev/	Facebook, Inc.
2024-04-26	medium	aru.pages.dev/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	aru.pages.dev/js.js	3.5 kB	2024-01-27	2024-04-26
Pretty URL aru.pages.dev/js.js IP 172.66.44.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-27 03:54:11 Last Seen2024-04-26 19:47:21 Times Seen3 Hash 976977ffe8a617a1342c4651e5918764 5811d4d18035b547a4285d2da4900a219460f9ad 03b764aac10c0c4551985ef046073912829ff503236112aba152ad76f4ba2bf8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-07
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-07 16:53:10 Times Seen267401 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-05-07
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-07 13:18:32 Times Seen12332 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-07
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-07 16:33:16 Times Seen389113 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

HTTP Transactions (11)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
27 kB (26909 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 159910
expires: Wed, 16 Apr 2025 17:46:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xB9wPr0cjw%2FJ5Edm%2BcxISInLsqOoybkwdNGEtZE2uOKL2dL1UCcS0fTVV0TrgfRodLoICVNLRNdfiHJP5MYp1ed37Z28UTQsM1lRpxvQ96h2hanuvxmBlTtm%2FTmNyl5ME1gUbnYX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a86521ce9556c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:03:38 GMT
expires: Sat, 26 Apr 2025 06:03:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 42197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aru.pages.dev/image/favicon.png

172.66.44.193

200 OK

404 B

URL GET HTTP/3
aru.pages.dev/image/favicon.png
IP
172.66.44.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectaru.pages.dev
Fingerprint83:B2:C7:81:78:35:91:AD:35:AE:BF:BD:21:50:26:2B:7F:8B:98:AB
ValiditySat, 13 Apr 2024 16:20:32 GMT - Fri, 12 Jul 2024 16:20:31 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
404 B (404 bytes)
Hash
fab462d133a52f83d568e5d45409225a
9383db570dd96e2120e2fa30bca54faf99f9493e
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /image/favicon.png HTTP/1.1
Host: aru.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:56 GMT
content-type: image/png
content-length: 404
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e618600c4369ecc28b8fd08fb6b90b5e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4bMEvX9X%2B2rk1IrORYmBlWyIrGgm5O7YmhNyVehgUPuAGA7u3gI5nhxQNwOfqVuAEBn5QmTlLDVd9Zr4krUXgIEiyBrJJ1Cg6Oyf3bx0DvHa5fUmDhrJ4kdhyTfoetq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86524ee7f56cc-OSL
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

104.18.10.207

200 OK

19 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (39553)
Size
19 kB (18603 bytes)
Hash
2f34b630ffe30ba2ff2b91e3f3c322a1
b16fd8226bd6bfb08e568f1b1d0a21d60247cefb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

HTTP Headers

GET /bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/07/2023 07:43:09
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ccdae395c8fac62a9761a41a12e73ecc
cdn-cache: HIT
cf-cache-status: HIT
age: 12442672
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a86521c9f3712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aru.pages.dev/css.css

172.66.44.193

200 OK

10 kB

URL GET HTTP/3
aru.pages.dev/css.css
IP
172.66.44.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectaru.pages.dev
Fingerprint83:B2:C7:81:78:35:91:AD:35:AE:BF:BD:21:50:26:2B:7F:8B:98:AB
ValiditySat, 13 Apr 2024 16:20:32 GMT - Fri, 12 Jul 2024 16:20:31 GMT

File type
ASCII text
Size
10 kB (10319 bytes)
Hash
07f10d054eae27b4c627c5486834a32a
5e29e0bfc4781ac7ad05da40bce67246ef79a000
bfba5b761ed48314c48152371b90509fb56bdb8582c4b6b9f8b11e00723cde88

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /css.css HTTP/1.1
Host: aru.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"dade7a93ef5f7172b5c24266cd97f691"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19ETEuR0bfx7tcI8nG6o3wqvCHEneR8xrEbB26IdR70FhMheN3oPNQBFLrEgI6Ex5zpbXqNZSi4END%2BQA4C5%2FaNsO7JPBGPiaGUoz4nuHO8YA1Xu97IvtcQpXM18o%2BqX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86521899856cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

27 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65369)
Size
27 kB (27121 bytes)
Hash
7f89537eaf606bff49f5cc1a7c24dbca
b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

HTTP Headers

GET /bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 01/04/2023 09:19:49
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1077
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c4c41752933dcbde14fb1886b996d88f
cdn-cache: HIT
cf-cache-status: HIT
age: 13351822
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a86521b9f0712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aru.pages.dev/

172.66.44.193

200 OK

6.1 kB

URL User Request GET HTTP/2
aru.pages.dev/
IP
172.66.44.193:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectaru.pages.dev
Fingerprint83:B2:C7:81:78:35:91:AD:35:AE:BF:BD:21:50:26:2B:7F:8B:98:AB
ValiditySat, 13 Apr 2024 16:20:32 GMT - Fri, 12 Jul 2024 16:20:31 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6448), with no line terminators
Size
6.1 kB (6059 bytes)
Hash
059cbc1651ce0cd7222c1816ef1caacf
40d73fe5bd1dec634308dd343232e250ca1be5da
feebad03a7bac4f8f2783c3a3f3b1fdf63124a04736caa1028422cb856520644

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET / HTTP/1.1
Host: aru.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6bbd50b67a6e7b47c3b18ca3e8b96855"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lYNwWIDB25xFZj%2FeypmSsHUxbAwbVzBFVFFL1G9nN%2BFkNqokBURhXUF30rzrDvk8mmTFAfH6KaGvDjCFFTxa%2BE8SgXPRKpz7pwWpPSrv1YFFAiSg8qVYeCbnzmcSS0l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8651edf63b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1572)
Size
11 kB (11194 bytes)
Hash
b69c29c8c917c014d6f4b79752d8ce0b
71a580b2e8792ba930815bcca3bda73e7715ca3f
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 17:46:55 GMT
date: Fri, 26 Apr 2024 17:46:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aru.pages.dev/image/log.svg

172.66.44.193

200 OK

2.4 kB

URL GET HTTP/3
aru.pages.dev/image/log.svg
IP
172.66.44.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectaru.pages.dev
Fingerprint83:B2:C7:81:78:35:91:AD:35:AE:BF:BD:21:50:26:2B:7F:8B:98:AB
ValiditySat, 13 Apr 2024 16:20:32 GMT - Fri, 12 Jul 2024 16:20:31 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2385 bytes)
Hash
eb0a14e57c75805425e06bc50456a61c
a7c045d08836b0a70a986d2af5a2fc0424f0950b
ba6c92cb2d954d476bb4ebe83719b8ab5f9abff03d85d5644ff922066715fae6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /image/log.svg HTTP/1.1
Host: aru.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"75f8e43fed0f8776701fdc026fe1d15f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4I0vnKRHa7nRkepHPy0TKyDvPAmTxrHrUr%2BxmtmP9zxuup86wacQkCE1A1ImEUPCO2i%2BMRnd1OoXXE6Uf7Zj%2B9oWiYOWwcIkOavkYiqyCR6jBvQPDGXXnkOyahJBHur"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8652199d656cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.db-ip.com/v2/free/self

104.26.4.15

200 OK

208 B

URL GET HTTP/2
api.db-ip.com/v2/free/self
IP
104.26.4.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdb-ip.com
Fingerprint65:B1:27:2E:35:D2:F7:1F:20:04:C5:CA:EA:4E:7A:B4:69:6A:83:00
ValiditySun, 17 Mar 2024 01:33:55 GMT - Sat, 15 Jun 2024 01:33:54 GMT

File type
ASCII text, with no line terminators
Size
208 B (208 bytes)
Hash
e2ea99ca1d96662642f646c869f26478
dce337b8ee27800bd6be9649fab5260842f24cc3
fd99bbe3834f47290bc2ae7e0a311ce6e284cbf4f76e8b099f549a4c3a6b740f

HTTP Headers

GET /v2/free/self HTTP/1.1
Host: api.db-ip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
Origin: https://aru.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:56 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
x-iplb-request-id: A29EDE49:AEBE_93878F2E:0050_662BE890_14AE0084:5647
x-iplb-instance: 54033
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 17:46:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUe0aJtyMgAZnFnUK2qSOZjRGuTCdphuQiAUyQ9UcQQ43%2B%2BETrVt5yQRZLRcj6saPGSiXw7UDhEEan5T5ofqI7C6aqwpG4%2BFisXBVNtzkVkD%2BahpeaUllaknVlLPMj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a865243a2256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aru.pages.dev/js.js

172.66.44.193

200 OK

3.5 kB

URL GET HTTP/3
aru.pages.dev/js.js
IP
172.66.44.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aru.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectaru.pages.dev
Fingerprint83:B2:C7:81:78:35:91:AD:35:AE:BF:BD:21:50:26:2B:7F:8B:98:AB
ValiditySat, 13 Apr 2024 16:20:32 GMT - Fri, 12 Jul 2024 16:20:31 GMT

File type
ASCII text, with very long lines (3893), with no line terminators
Size
3.5 kB (3460 bytes)
Hash
cdd1514f261409f32c975239ce68f47f
7ae73725b812f070e3f91531bc6da78f1d544cf6
334e133815efb10cf375495c516cf6a2833178ee80c98051e5279d03cf64bb44

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /js.js HTTP/1.1
Host: aru.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aru.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2cf3b0604b00c375c7b22b8090f0f69a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qm%2FiGmiDosjgEpmo%2BKkwfxs0P7N%2FNM6JFFOzLyr7IButYZQNGyyDIVqWgI8RT28c762VXwifYtdHgHOXx17qcwLut6LNmsqd7%2Fcy4UdSCrP1Z%2FU5s1%2BjxHd81DfO5wr2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86521a9e756cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size