Submitted URL: https://patch.arocs2.com/
Effective URL: https://patch.arocs2.com/admin/
Submission Tags: phishingrod
Submission: On July 27 via api from DE — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 2606:4700:3037::ac43:df2d, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is patch.arocs2.com.
TLS certificate: Issued by WE1 on July 20th 2024. Valid for: 3 months.
This is the only time patch.arocs2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
6 1
Apex Domain
Subdomains
Transfer
7 arocs2.com
patch.arocs2.com
96 KB
6 1
Domain Requested by
7 patch.arocs2.com 1 redirects patch.arocs2.com
6 1

This site contains no links.

Subject: arocs2.com
Issuer: WE1
Validity: 2024-07-20 - 2024-10-18
Valid: 3 months

This page contains 1 frames:

Primary Page: https://patch.arocs2.com/admin/
Frame ID: E9E165F9CC89A7B3F64443681313DB50
Requests: 6 HTTP requests in this frame

Page Title

Patcher - Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 95 kB
Size: 318 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://patch.arocs2.com/ HTTP 302
    https://patch.arocs2.com/admin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
patch.arocs2.com/admin/
Redirect Chain
  • https://patch.arocs2.com/
  • https://patch.arocs2.com/admin/
1003 B
865 B
Document
General
Full URL
https://patch.arocs2.com/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:df2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63c2cd95241406ffcbec6b94812591e6e9a815e5fb7c41965c105fa570c0e1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a9b2ddc4d769b3f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 08:15:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8rj388I2kuKeJ3e2A44nlbXagvfZqZjm%2BP1WboHLa5ri2H%2BRfCRMQ6Gkh2sg52KWGFsuDzhxday9gLyDmtd5AfE4DOwd9G6cFaP%2FZIrt8EKGODUeAm0%2BmSl4IRSA%2FoedRyHhcuDf2wDvSEwnzBG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a9b2dc298549b3f-FRA
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 08:15:00 GMT
location
admin/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWO25JDx2DeB1gjT0pgl%2BIA1B0KmrCuFbtOwzgOX9C0HXz524UF%2BxwP0wYAihkIxdaka4UTLqH66WzLT7aShNilTFdEToUl3w1sr7aX9K%2BAYn1NVHMrM5EaPwWiOzm182G1wMDCJCcMh5EV%2FJETb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
login.css
patch.arocs2.com/admin/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://patch.arocs2.com/admin/css/login.css
Requested by
Host: patch.arocs2.com
URL: https://patch.arocs2.com/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:df2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a26790874c08f4de725b943fac79b4fac188f4361c7c6653ef1b2716a69979

Request headers

Referer
https://patch.arocs2.com/admin/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:15:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 21 Feb 2017 12:11:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a72-5490947b30080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lUesf5tgXHN6tbgLAsYSbTlLatoVALf8s0JsdHFvjiE6I5EIhGqMxFYmZQKqN7MEQ0xvfTmRenMYDYSi7faTxqn%2FdTuVnRqzN%2Fl2Ud8MGtBjvaUd06wG6jSZ2bcH6EWxMU25VHsgieHhgqRYrJZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9b2ddc9dcb9b3f-FRA
alt-svc
h3=":443"; ma=86400
content-length
774
jquery.js
patch.arocs2.com/admin/js/
90 KB
32 KB
Script
General
Full URL
https://patch.arocs2.com/admin/js/jquery.js
Requested by
Host: patch.arocs2.com
URL: https://patch.arocs2.com/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:df2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://patch.arocs2.com/admin/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:15:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 21 Feb 2017 12:11:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"169d5-5490947b30080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0asPwXmeQunFuM9z0oXHi7vKrSw%2B5mQMfiubRnZhMB9rHv6UicNR6DyYwGQNdzgfmbWSQbbwrEy0OyFpTGoBHja49n%2BtFcWS2%2B4xmKN7fDd2%2BklVMLGCqceCZcDiYFXQYATj2ILiinwHSuMDnOgc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9b2ddc9dce9b3f-FRA
alt-svc
h3=":443"; ma=86400
content-length
32775
jquery-ui.js
patch.arocs2.com/admin/js/
223 KB
59 KB
Script
General
Full URL
https://patch.arocs2.com/admin/js/jquery-ui.js
Requested by
Host: patch.arocs2.com
URL: https://patch.arocs2.com/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:df2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3a04bde0fc35f35de14cd70510a896a2cd653d73fd86fc73ead7a116b9d4c4

Request headers

Referer
https://patch.arocs2.com/admin/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:15:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 21 Feb 2017 12:11:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"37b33-5490947b30080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJqrvSbD6O4jg6zs5kTE4X4he85LwPkvR65hX38RdTgoM4MRQtc9HP3LxhvnZMcbWvXQhbcuWxRG5aFTXJZmAjdXvGK0OH2AxnCnCui5CTn9ix0AirZMnkfsloXx4P13LBJIjEZuqkxQ%2Bdx3P%2BOT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9b2ddc9dcf9b3f-FRA
alt-svc
h3=":443"; ma=86400
content-length
60210
login.js
patch.arocs2.com/admin/js/
782 B
891 B
Script
General
Full URL
https://patch.arocs2.com/admin/js/login.js
Requested by
Host: patch.arocs2.com
URL: https://patch.arocs2.com/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:df2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4419e2c35437415e43e0fde711f481ca4be2c47dfc0c85e4f2def0f7703964c

Request headers

Referer
https://patch.arocs2.com/admin/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:15:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 21 Feb 2017 12:11:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"30e-5490947b30080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RK50Wlwe%2BkZwffgUn9nGNQuh6Lbqcv3QHR8HQW%2BmUqH3%2FoAIBSoKV39%2FQ%2FnhiiWWdbagyUKyMeDfyc7u12UVtMWsfhSvirPFJGwwMnmHvlbAgPDvp3mp%2FJ501sL8G0PON1ONQhq7aU771jzHyRwp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9b2ddc9dd09b3f-FRA
alt-svc
h3=":443"; ma=86400
content-length
422
favicon.ico
patch.arocs2.com/
279 B
653 B
Other
General
Full URL
https://patch.arocs2.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:df2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f499d8b957918732d90ae4911bc753a36771b60c21fe4724164155af3a68f3f2

Request headers

Referer
https://patch.arocs2.com/admin/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:15:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07YZQty6%2Fqal8BzDwz%2FXSDqjmt%2Bb5GUTQJ88UOa6811hhVo5rq7WhsJxwSFF%2FnILjc%2BudlBVtFKaAxFd5kV7YsPjTW0AtCjHfCGoiqD78UgPQDNUtcNZ68gz2PeuplyOGtsFe5Yj1sjKPb7l5nxS"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8a9b2de1eb4f9b3f-FRA
alt-svc
h3=":443"; ma=86400

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: $
  • function: jQuery
  • function: DP_jQuery_1722068101404
  • function: DoLogin

1 Cookies

Domain/Path: patch.arocs2.com/
Name: PHPSESSID
Value: ebt7dtjn85pocm7bdlj0apeenb

2 Console Messages

  1. Source: recommendation, Level: verbose
    URL: https://patch.arocs2.com/admin/
    Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
  2. Source: network, Level: error
    URL: https://patch.arocs2.com/favicon.ico
    Message: Failed to load resource: the server responded with a status of 404 ()