aarav471471.github.io
185.199.111.153  Malicious Activity! Public Scan Open in urlscan Pro

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response aarav471471.github.io/FedXtract/	4 KB 2 KB	161ms 117ms	Document text/html	185.199.111.153 Fastly
General Check archive.org Show headers Download Go to Full URL https://aarav471471.github.io/FedXtract/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash 914596592650b6b6bddd72b482459e21a15789135f9d03158c7be3a143a9072e Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "macOS" Response headers accept-ranges bytes access-control-allow-origin * age 0 cache-control max-age=600 content-encoding gzip content-length 1369 content-type text/html; charset=utf-8 date Tue, 14 Apr 2026 10:58:23 GMT etag W/"695f8c8e-108d" expires Tue, 14 Apr 2026 11:08:23 GMT last-modified Thu, 08 Jan 2026 10:53:02 GMT server GitHub.com strict-transport-security max-age=31556952 vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-fastly-request-id a0eef50636ca876f07c983c1168ff5ea528b49ea x-github-request-id 3944:36FF34:303EFE:3096E1:69DE1DCF x-proxy-cache MISS x-served-by cache-fra-eddf8230132-FRA x-timer S1776164303.226673,VS0,VE108
GET H2	200	style.css aarav471471.github.io/FedXtract/	4 KB 2 KB	131ms 130ms	Stylesheet text/css	185.199.111.153 Fastly
General Check archive.org Show headers Download Go to Full URL https://aarav471471.github.io/FedXtract/style.css Requested by Host: aarav471471.github.io URL: https://aarav471471.github.io/FedXtract/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash de1ef81e77e0e423aa8bc745eca9e2f6f712904f279c1ee0b7a8072d01a8e2dc Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers sec-ch-ua-platform "macOS" Referer https://aarav471471.github.io/FedXtract/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-fastly-request-id 7c72cab626c87c08bcf112f363cd75d824ebbb7d content-encoding gzip etag W/"695f8c8e-108e" age 0 x-github-request-id 9DCA:16F0E9:2EB7CE:2F0F05:69DE1DCF expires Tue, 14 Apr 2026 11:08:23 GMT x-proxy-cache MISS x-cache MISS date Tue, 14 Apr 2026 10:58:23 GMT content-type text/css; charset=utf-8 last-modified Thu, 08 Jan 2026 10:53:02 GMT x-served-by cache-fra-eddf8230132-FRA x-cache-hits 0 vary Accept-Encoding strict-transport-security max-age=31556952 cache-control max-age=600 x-timer S1776164303.347887,VS0,VE117 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 1487 server GitHub.com
GET H2	200	script.js Show response aarav471471.github.io/FedXtract/	5 KB 2 KB	112ms 112ms	Script application/javascript	185.199.111.153 Fastly
General Check archive.org Show headers Download Go to Full URL https://aarav471471.github.io/FedXtract/script.js Requested by Host: aarav471471.github.io URL: https://aarav471471.github.io/FedXtract/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash 3c7278a1ac45e80055a826564dcd3bfe94b09987fbb2c9148b7ba2af2e28fc59 Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers sec-ch-ua-platform "macOS" Referer https://aarav471471.github.io/FedXtract/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-fastly-request-id 82100c9a133fc157dd0bca4f944db33c9047a444 content-encoding gzip etag W/"695f8c8e-12d8" age 0 x-github-request-id D81E:F05C1:2FCB0D:302311:69DE1DCE expires Tue, 14 Apr 2026 11:08:23 GMT x-proxy-cache MISS x-cache MISS date Tue, 14 Apr 2026 10:58:23 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 08 Jan 2026 10:53:02 GMT x-served-by cache-fra-eddf8230132-FRA x-cache-hits 0 vary Accept-Encoding strict-transport-security max-age=31556952 cache-control max-age=600 x-timer S1776164303.348942,VS0,VE103 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 1394 server GitHub.com
GET H2	200	css2 fonts.googleapis.com/	10 KB 1 KB	53ms 18ms	Stylesheet text/css	142.251.14.95 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap Requested by Host: aarav471471.github.io URL: https://aarav471471.github.io/FedXtract/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.251.14.95 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS pm-in-f95.1e100.net Software ESF / Resource Hash 092199949ff7fd357d8e4dcb71e91957dc4128c47249635128ab223cd22b2c11 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "macOS" Referer https://aarav471471.github.io/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 14 Apr 2026 10:58:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 14 Apr 2026 10:58:23 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 14 Apr 2026 10:32:11 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	dcas Show response fedxtract-backend.onrender.com/	2 B 218 B	129ms 62ms	Fetch application/json	216.24.57.251 Render
General Check archive.org Show headers Download Go to Full URL https://fedxtract-backend.onrender.com/dcas Requested by Host: aarav471471.github.io URL: https://aarav471471.github.io/FedXtract/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.24.57.251 , United States, ASN397273 (RENDER - Render, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers sec-ch-ua-platform "macOS" Referer https://aarav471471.github.io/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br cf-cache-status DYNAMIC cf-ray 9ec231f1891ed34a-FRA access-control-allow-origin * rndr-id 50af32ef-4d54-41bf content-length 6 x-render-origin-server uvicorn date Tue, 14 Apr 2026 10:58:23 GMT content-type application/json vary Accept-Encoding server cloudflare alt-svc h3=":443"; ma=86400
GET H3	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2 fonts.gstatic.com/s/inter/v20/	47 KB 47 KB	23ms 8ms	Font font/woff2	192.178.183.94 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f94.1e100.net Software sffe / Resource Hash c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://aarav471471.github.io sec-ch-ua-platform "macOS" Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers age 389585 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 09 Apr 2027 22:45:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Apr 2026 22:45:18 GMT last-modified Tue, 09 Sep 2025 18:40:32 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48432 x-xss-protection 0 server sffe
GET H3	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0Q5n-wU.woff2 fonts.gstatic.com/s/inter/v20/	83 KB 83 KB	28ms 13ms	Font font/woff2	192.178.183.94 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0Q5n-wU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f94.1e100.net Software sffe / Resource Hash a28eb6d3ccb534ae0c94ca999371df024aab60b08c3c8a5720ee9e32fa0faaa2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://aarav471471.github.io sec-ch-ua-platform "macOS" Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers age 375760 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 10 Apr 2027 02:35:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 10 Apr 2026 02:35:43 GMT last-modified Tue, 09 Sep 2025 18:34:27 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 85272 x-xss-protection 0 server sffe
GET H2	404	favicon.ico aarav471471.github.io/	9 KB 5 KB	94ms 93ms	Other text/html	185.199.111.153 Fastly
General Check archive.org Show headers Download Go to Full URL https://aarav471471.github.io/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash 70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self' Request headers sec-ch-ua-platform "macOS" Referer https://aarav471471.github.io/FedXtract/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666 sec-ch-ua "Chromium";v="110", "Google Chrome";v="110", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-fastly-request-id fb34089e7b5f4c52194799b5ae6a67911e2df573 content-encoding gzip etag W/"69dd6769-239b" age 0 x-github-request-id F8A4:13AE8A:302EAD:3085F1:69DE1DCF x-cache MISS date Tue, 14 Apr 2026 10:58:23 GMT content-type text/html; charset=utf-8 x-served-by cache-fra-eddf8230132-FRA x-cache-hits 0 vary Accept-Encoding content-security-policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self' x-timer S1776164304.606385,VS0,VE85 via 1.1 varnish accept-ranges bytes content-length 5142 server GitHub.com

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fedex (Transportation)

11 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| show function| toast function| registerDCA function| createCase function| loadCases function| loadDCAs function| assignCase function| recoverCase function| autopayCase function| loadLeaderboard function| loadDashboard

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aarav471471.github.io/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aarav471471.github.io
fedxtract-backend.onrender.com
fonts.googleapis.com
fonts.gstatic.com
142.251.14.95
185.199.111.153
192.178.183.94
216.24.57.251
092199949ff7fd357d8e4dcb71e91957dc4128c47249635128ab223cd22b2c11
3c7278a1ac45e80055a826564dcd3bfe94b09987fbb2c9148b7ba2af2e28fc59
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
914596592650b6b6bddd72b482459e21a15789135f9d03158c7be3a143a9072e
a28eb6d3ccb534ae0c94ca999371df024aab60b08c3c8a5720ee9e32fa0faaa2
c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4
de1ef81e77e0e423aa8bc745eca9e2f6f712904f279c1ee0b7a8072d01a8e2dc