Submitted URL: https://e143-marketing.systeme.io/proxy/request/2870648120face23cec291e99f1583712e249
Effective URL: https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Submission: On April 06 via manual from IT — Scanned from IT

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is aruuliket.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.
This is the only time aruuliket.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 65.9.95.106 16509 (AMAZON-02)
1 6 188.114.96.3 13335 (CLOUDFLAR...)
5 1
Apex Domain
Subdomains
Transfer
6 aruuliket.xyz
aruuliket.xyz
26 KB
1 systeme.io
e143-marketing.systeme.io
346 B
5 2
Domain Requested by
6 aruuliket.xyz 1 redirects aruuliket.xyz
1 e143-marketing.systeme.io 1 redirects
5 2

This site contains no links.

Subject Issuer Validity Valid
aruuliket.xyz
GTS CA 1P5
2024-04-02 -
2024-07-01
3 months crt.sh

This page contains 2 frames:

Primary Page: https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Frame ID: B87883552E566E93409E44C4C6449B66
Requests: 3 HTTP requests in this frame

Frame: https://aruuliket.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 5211AD1B8692CE2B75162104327F451A
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

404 Not Found

Page URL History Show full URLs

  1. https://e143-marketing.systeme.io/proxy/request/2870648120face23cec291e99f1583712e249 HTTP 302
    https://aruuliket.xyz/ithosliiintss/areautenti/login.php Page URL
  2. https://aruuliket.xyz/ithosliiintss/areautenti/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

25 kB
Transfer

27 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e143-marketing.systeme.io/proxy/request/2870648120face23cec291e99f1583712e249 HTTP 302
    https://aruuliket.xyz/ithosliiintss/areautenti/login.php Page URL
  2. https://aruuliket.xyz/ithosliiintss/areautenti/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://e143-marketing.systeme.io/proxy/request/2870648120face23cec291e99f1583712e249 HTTP 302
  • https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Request Chain 2
  • https://aruuliket.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://aruuliket.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login.php
aruuliket.xyz/ithosliiintss/areautenti/
Redirect Chain
  • https://e143-marketing.systeme.io/proxy/request/2870648120face23cec291e99f1583712e249
  • https://aruuliket.xyz/ithosliiintss/areautenti/login.php
19 KB
20 KB
Document
General
Full URL
https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71e7ba554c3a414f1691403d80294b55b906c8c2090bc8b94a2cd9106f5a0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
87021e1799fe59d1-MXP
content-type
text/html; charset=utf-8
date
Sat, 06 Apr 2024 13:27:49 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fe4GAEdDAK3qZw2qZRtinOufh9fwT%2BHkRXZuX3MEKfAoogdaZUSdzMmRvwa0i%2FDGlj0PhOh3%2Beotxj1bim4uhpZ1G4q2%2B5ez3TodSv1wUbCzCwQkfprWi5%2FlFqz3eufe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 06 Apr 2024 13:27:49 GMT
location
https://aruuliket.xyz/ithosliiintss/areautenti/login.php
server
nginx/1.24.0
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-id
KguToDKGdpvvH5n6PSU1AapFSnlh6tNvRinZ6AXhIs3YsZdlAmjECQ==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
login.php
aruuliket.xyz/ithosliiintss/areautenti/
0
590 B
XHR
General
Full URL
https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Requested by
Host: aruuliket.xyz
URL: https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
lVk89EW3EvAD-eRdoUMK8d-Hmg4
25282429
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://aruuliket.xyz/ithosliiintss/areautenti/login.php
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 13:27:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAhfd7SxVfT0FohEDXdMFR%2BjoLkvWD%2BvZxuPjFcMPWh53PCBVyjhwjcf2Pe6p10LZyS8Hw5m0CUuprpmqTD1UjSSj7HG%2BXJu1h0IBbR91WQ1ca8kQf%2F%2FL7P01d17y7r0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87021e1a4e9559d1-MXP
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
aruuliket.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 5211
Redirect Chain
  • https://aruuliket.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://aruuliket.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://aruuliket.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f40f2c832a75f45d9d33a95d59fdf7296efbbe7fab3d610d6afd1de5e0cbd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 13:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAYngoS%2F9iUu4XRMI%2BbosEIiixAf6UsdQh02I7f9VkKqyZPmqiKReTLymsnXHEyr%2BXUf%2Fl8VdJfvJkQH3esUPi27IxkeftZbH1gDrcrW%2FIV10Qx8Gml5kUA8yYEEUxpP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87021e1a6ed859d1-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 06 Apr 2024 13:27:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BabY8MQbxvZamngYiyFW%2FrSOFlue7O1zqiPveeEWHPXtJg%2Fz6UfrrnR9a6K%2BPElDigR2r0KC6Mtb4%2BxWRt1TmxrlFCaN%2FctOWa6askkFyg%2BBtUSaBCbUtxtpYQoAern6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
87021e1a4e9859d1-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
87021e1799fe59d1
aruuliket.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5211
0
620 B
XHR
General
Full URL
https://aruuliket.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/87021e1799fe59d1
Requested by
Host: aruuliket.xyz
URL: https://aruuliket.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Apr 2024 13:27:50 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2p%2BRD3Av0cmyXEoi0qQtwK3DGbD%2FKvDGvXm3VEvYGRA5OB%2F085wvuFeTj853%2Bnz0Tq1RHfCL6hk4IPkZDhXaloqk1Crih3Xn%2BLDaMU3bEgCe2HIie1DqdDVyTXh2dbiF"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87021e1aeda73744-MXP
alt-svc
h3=":443"; ma=86400
Primary Request login.php
aruuliket.xyz/ithosliiintss/areautenti/
257 B
567 B
Document
General
Full URL
https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Requested by
Host: aruuliket.xyz
URL: https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5128b5e331cad19df2f67041ffc85bf716d6e6106dea098c37524593fb268e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87021e1bae7d3744-MXP
content-encoding
br
content-type
text/html
date
Sat, 06 Apr 2024 13:27:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZzumKG%2FdKDTEaIJu8Btb8wwNaExCa1IoWe899ucJyHLXAJsmeMf7I9p5ywdbxmgqvYkzzvUPPvNTozeFK4NTXBRUpMqMTi6u8sQHqpID35D0QJ7HI0SjQXJiXLftOvQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block 1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Domain/Path Name / Value
aruuliket.xyz/ Name: pkocKZF5YTmwSIP2wkbJwbhvzu4
Value: o1UHh1sQAcWr17dzYp1_E41oJ9U
aruuliket.xyz/ Name: 9V_QAC9GC2VII28RvByL7G-sDdY
Value: 1712410065
aruuliket.xyz/ Name: QyB4LswfufO5LXXwGNP6rwxmpc0
Value: 1712496465
aruuliket.xyz/ Name: R6GjzjVRBQgzHejRi-KuegPfeS8
Value: WZmc6L-SOR8A4pDtC0Oou5S0C1M
aruuliket.xyz/ Name: rWY-kfotNsmAvp8I9MRAYkIqww0
Value: UBS3cePiyVsUHZdxe9pJBhGEah4
.aruuliket.xyz/ Name: cf_clearance
Value: mAFO4I6d0cs_anGYEOvcPq_uHKfsSk5PlQDv_ExG7R0-1712410070-1.0.1.1-Mjve323.nJoCooyJWF33Bm_bQs5Bs9iYP7uIOkmkZ3o4sitEZbs9NSWITD7C2svLZvDYBFq2ZMiLRnEatquQ5w
aruuliket.xyz/ Name: qJUde3caBNoL-o8TWS6Z0qxskxY
Value: 1712410067
aruuliket.xyz/ Name: KWBJgyCV1bZPGKT60jJ0nw2I0Oo
Value: 1712496467
aruuliket.xyz/ Name: jjJVyIiiNsFa1_L3qQelxr53c_4
Value: MAyonPlhnwAvztAtB1srTPLFZ9Q

2 Console Messages

Source Level URL
Text
network error URL: https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://aruuliket.xyz/ithosliiintss/areautenti/login.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block