aruba.id.cargopax.com Open in urlscan Pro
102.50.167.228  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/L5KYp1TcqC Page URL
2. https://aruba.id.cargopax.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	L5KYp1TcqC t.co/	241 B 610 B	231ms 151ms	Document text/html	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/L5KYp1TcqC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_f / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language it-IT,it;q=0.9 Response headers date Mon, 10 Jan 2022 14:42:45 GMT vary Origin server tsa_f expires Mon, 10 Jan 2022 14:47:45 GMT content-type text/html; charset=utf-8 cache-control private,max-age=300 content-length 173 content-encoding gzip x-xss-protection 0 strict-transport-security max-age=0 x-response-time 113 x-connection-hash 3a4c769ece4e43d56dfb32df0599bbbee246195de559486353d205f7e810721a
GET H/1.1	200 OK	Primary Request / Show response aruba.id.cargopax.com/	4 KB 2 KB	1945ms 1461ms	Document text/html	102.50.167.228 IAM-AS
General Check archive.org Show headers Download Go to Full URL https://aruba.id.cargopax.com/ Requested by Host: t.co URL: https://t.co/L5KYp1TcqC Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 102.50.167.228 , Morocco, ASN6713 (IAM-AS, MA), Reverse DNS Software nginx / Resource Hash 82b65d4eaea509c0114e441ea78d8447bc1a239e14194bed346b7c1c61b54739 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://t.co/ Response headers Server nginx Date Mon, 10 Jan 2022 14:42:45 GMT Content-Type text/html; charset=UTF-8 Content-Length 1595 Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 Pragma no-cache Access-Control-Allow-Origin * Vary Accept-Encoding Content-Encoding gzip Referrer-Policy no-referrer
GET H/1.1	200 OK	/ aruba.id.cargopax.com/	1 B 185 B	108ms 108ms	Image text/html	102.50.167.228 IAM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://aruba.id.cargopax.com/?securitas_brocken_image Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 102.50.167.228 , Morocco, ASN6713 (IAM-AS, MA), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 10 Jan 2022 14:42:45 GMT Referrer-Policy no-referrer Server nginx Connection keep-alive Content-Length 1 Content-Type text/html; charset=UTF-8
GET H2	200	main.js Show response cdnfilessc.xyz/	117 KB 43 KB	121ms 39ms	Script application/javascript	2606:4700:3036::6815:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnfilessc.xyz/main.js Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e663d3621198b3989263b8ae621794da1eef64eccf86d91385878bb6c29a44af Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 10 Jan 2022 14:42:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 83420 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sun, 09 Jan 2022 15:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOhRteGAZKG8yRv%2FfinZikSxP9VgUWeGCJoc7b9alymWIlNYNnJzoZdSHGa2v39IJKCp%2BoVZU3I0gpljxBUJVk7ZnwAtavIdyNyMTzupqBh61IQxpMIHU%2FMtbVwTteweDNvBBH1%2BapLJH1zNKw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 6cb6ac89e89f7a5e-DUS expires Sun, 16 Jan 2022 15:30:17 GMT
GET H/1.1	200 OK	iframe_challenge.html Show response aruba.id.cargopax.com/ Frame BB2E	2 KB 1 KB	105ms 105ms	Document text/html	102.50.167.228 IAM-AS
General Check archive.org Show headers Download Go to Full URL https://aruba.id.cargopax.com/iframe_challenge.html Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 102.50.167.228 , Morocco, ASN6713 (IAM-AS, MA), Reverse DNS Software nginx / Resource Hash eb62e6b97084afe01fd44a3eb2c3831ce4b007dc4dd7f693e75e1b2413d558d9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language it-IT,it;q=0.9 Response headers Server nginx Date Mon, 10 Jan 2022 14:42:45 GMT Content-Type text/html Content-Length 775 Connection keep-alive Last-Modified Wed, 10 Nov 2021 06:46:01 GMT ETag "7d1-5d069944158d4-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Referrer-Policy no-referrer
GET H/1.1	200 OK	/ aruba.id.cargopax.com/	1 B 399 B	333ms 235ms	Image image/jpeg	102.50.167.228 IAM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://aruba.id.cargopax.com/?Secur_Check_Image Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 102.50.167.228 , Morocco, ASN6713 (IAM-AS, MA), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 10 Jan 2022 14:42:45 GMT Referrer-Policy no-referrer Server nginx Cache-directive no-cache Content-Type image/jpeg Cache-control no-cache Pragma-directive no-cache Connection keep-alive Content-Length 1 Expires 0
GET H/1.1	200 OK	none.png staticdata08.giize.com/	0 375 B	1131ms 383ms	Image text/html	102.50.167.228 IAM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://staticdata08.giize.com/none.png Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 102.50.167.228 , Morocco, ASN6713 (IAM-AS, MA), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 10 Jan 2022 14:42:46 GMT Referrer-Policy no-referrer Server nginx Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	/ f03321a9a94298e5243d66d2824c3259.edns.ip-api.com/	43 B 43 B	91ms 26ms	Image text/plain	51.68.181.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://f03321a9a94298e5243d66d2824c3259.edns.ip-api.com/ Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.68.181.23 , France, ASN16276 (OVH, FR), Reverse DNS c.ip-api.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 10 Jan 2022 14:42:47 GMT Cache-Control no-store Content-Length 43 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	json Show response ja3er.com/	327 B 561 B	141ms 40ms	XHR application/json	160.85.255.180 SWITCH Peering re...
General Check archive.org Show headers Download Go to Full URL https://ja3er.com/json Requested by Host: cdnfilessc.xyz URL: https://cdnfilessc.xyz/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 160.85.255.180 , Switzerland, ASN559 (SWITCH Peering requests: peering@switch.ch, CH), Reverse DNS Software nginx / Resource Hash 993a501bcf53995396ae6ce7c7a5e803b473f97ea9b871853af92ad541f6dc4a Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 10 Jan 2022 14:42:48 GMT Server nginx Connection keep-alive Content-Length 327 Content-Type application/json
GET BLOB	200 OK	682ab3d6-7ae6-48be-8249-5b0790b3d53e https://aruba.id.cargopax.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://aruba.id.cargopax.com/682ab3d6-7ae6-48be-8249-5b0790b3d53e Requested by Host: aruba.id.cargopax.com URL: https://aruba.id.cargopax.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4c5927d4848ada3482f2df84c17db6ec2f23729e541049e012ace96fb43d7337 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 1078 Content-Type text/javascript

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onsecuritypolicyviolation object| onslotchange number| loadscript string| urlOrigine string| timeOrigine boolean| isMobile string| url0 object| socket function| countWindowLoad function| counterLoadImages string| nx string| key object| iframeTest object| keyboard function| detectDeviceName function| reqListener function| errorJa3 object| xhr function| getDimImage function| isPrivateMode object| blob object| worker object| paramsCanvasFp number| numShapesCanvasFp function| picassoCanvas object| picassoCanvasList object| fingPrintL string| fg function| handleOrientation object| synth function| memoryBaseline number| baseStart number| baseTime function| localStorageOperation number| diffStart number| diffTime boolean| isWebRTCSupported function| findIP function| addIP number| dpi_x number| dpi_y number| width number| height function| is_touch_device function| Browser number| startWait function| isDOMLoaded function| strCde function| getVoicesList function| md5 string| fps boolean| charging number| chargelevel boolean| srcDocErr string| kbd boolean| useractivation boolean| webcam boolean| speaker boolean| micro number| nbwebcam number| nbspeaker number| nbmicro string| ja3h number| brokenImage function| $ function| jQuery boolean| ipad string| infoBrs string| smno object| fpcarrPicasso object| fpcarr number| speednet number| dCOrientation string| svoices number| csvoices number| RPLocalStorage boolean| supportRTC string| ipLeaks string| ipLeaks1 number| size boolean| private

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t.co/	1970-01-20 17:34:57	Name: muc Value: dd324033-561e-4e74-b3fb-2b0440c1c467
			.t.co/	1970-01-20 17:34:57	Name: muc_ads Value: dd324033-561e-4e74-b3fb-2b0440c1c467
			aruba.id.cargopax.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4odpb6s9k5lbfn3eoqvd0pbr8h
			aruba.id.cargopax.com/	1970-01-20 00:03:46	Name: firewall_secret_code Value: c343e4cff2a7b9d6dd434acf6469d565
			aruba.id.cargopax.com/	1970-01-20 00:03:45	Name: loaded_image Value: 5b5dd60895576011461921b6a22ad000
			staticdata08.giize.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d9eblp0rbo3kgda82kcse7l325

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aruba.id.cargopax.com/(Line 50) Message: WebSocket connection to 'wss://aruba.id.cargopax.com:444/' failed: Error during WebSocket handshake: Unexpected response code: 200

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aruba.id.cargopax.com
cdnfilessc.xyz
f03321a9a94298e5243d66d2824c3259.edns.ip-api.com
ja3er.com
staticdata08.giize.com
t.co
102.50.167.228
104.244.42.133
160.85.255.180
2606:4700:3036::6815:1962
51.68.181.23
4c5927d4848ada3482f2df84c17db6ec2f23729e541049e012ace96fb43d7337
82b65d4eaea509c0114e441ea78d8447bc1a239e14194bed346b7c1c61b54739
993a501bcf53995396ae6ce7c7a5e803b473f97ea9b871853af92ad541f6dc4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e663d3621198b3989263b8ae621794da1eef64eccf86d91385878bb6c29a44af
eb62e6b97084afe01fd44a3eb2c3831ce4b007dc4dd7f693e75e1b2413d558d9