Report - bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/

Report Overview

Submitted URL
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
IP
104.17.64.14
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 19:08:50
Access
public
Website Title
Webmail Login | IONOS by 1&1
Final URL
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/#cmd=login_submit&id=1395723413.709508&session=487f7b22f68312d2c1bbc93b1aea445b487f7b22f68312d2c1bbc93b1aea445b
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
3
Network Intrusion Detection
1
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com	unknown	2018-12-05	2023-06-09	2024-03-04	3.0 kB	2.1 MB	104.17.64.14
mail.ionos.com	354481	2000-02-29	2018-11-01	2024-03-26	981 B	1.1 kB	74.208.255.201
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-18	983 B	5.1 kB	104.17.24.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-18	566 B	25 kB	151.101.130.137
tif.ionos.com	202641	2000-02-29	2018-12-21	2024-03-25	460 B	2.2 kB	195.20.251.98
ce1.uicdn.net	136303	2010-08-25	2017-02-01	2024-04-17	4.4 kB	369 kB	213.165.66.58

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 19:08:22	low	Client IP	104.17.64.14	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/	1&1 Ionos
2024-04-18	medium	bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/	1&1 Ionos
2024-04-18	medium	bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/	1&1 Ionos
2024-04-18	medium	bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/	1&1 Ionos

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	unknown	121 B	2023-06-10	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 13:07:12 Last Seen2024-04-18 21:08:52 Times Seen10 Hash d352e4e7f249a0eb243e228cdc0aefac 5337367b0c98600bb195b37a891fd30a7460e6af 994af9b047be64ac4ab280354fbfe47334a02322a678218e2586bcbe9358bc52 Loading...

	unknown	16 kB	2023-06-10	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 13:07:12 Last Seen2024-04-18 21:08:52 Times Seen10 Hash 23021bc5ddfcf8e58f277932d74e94a4 974c32e65a15ad04a2227c627ec067082225408b 619f4c2798483aa5c2a55915b7265994d0eb63498eb1d2b0197c6b053cd5dbcb Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/md5.js	9.4 kB	2023-03-08	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/md5.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:53 Last Seen2024-04-29 18:52:04 Times Seen370 Hash 349498f298a6e6e6a85789d637e89109 e626c530154c07527abcfb1f83b9ec578a81b234 97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa Loading...

	unknown	477 B	2023-06-10	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 13:07:11 Last Seen2024-04-18 21:08:52 Times Seen10 Hash c638875f3f858e49c68c50fffb85a3aa c91173933f048e4945f3387de760225755b93260 d7c41b4a69077783cb4545918fed72c4f6a1c00d6155a5833e1cf91b6a53b689 Loading...

	unknown	839 B	2023-06-10	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 13:07:11 Last Seen2024-04-18 21:08:52 Times Seen10 Hash 2611853dfe025215322d849572af84fb 485a520ca8ad3bbdfd8ab300b36014a0afd900ec 911afa3b6994a8d56f277683ae42c2bfcdc3070b07df7fd6c8311dea967b224d Loading...

	bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/	2.0 MB	2023-06-10	2024-04-18
Pretty URL bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-10 13:07:12 Last Seen2024-04-18 21:08:52 Times Seen10 Hash f2630a17a98d575a9a559c04557d3976 5e4210e872b81ce05fba8ad3701e975bd619f9e4 3aeb2cbf824aafb180d1fa404cb5a95b6e9c539996ae3526ee0942b924498198 Loading...

	tif.ionos.com/js/70000.js	5.3 kB	2023-03-07	2024-04-29
Pretty URL tif.ionos.com/js/70000.js IP 195.20.251.98 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:38 Last Seen2024-04-29 20:29:52 Times Seen424 Hash cd058171d6318fe5aa257cd0922e1382 7231753f18cfb547aa40962f1e0400a568705903 ac93a0b9313837ed6b0b119de837a620de8440aa2a859ed2f182310a03cd251e Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/core.min.js	3.9 kB	2023-03-07	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/core.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:54 Last Seen2024-04-29 18:52:04 Times Seen331 Hash e9325f1aece67b8282928d85f07de758 94c8b9cb36019463170593f85569b607b0722da3 80d0635fe9783bec07a43419deb4e9969bf30a78f008386826c9723b7651f43c Loading...

	code.jquery.com/jquery-3.3.1.slim.min.js	70 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.3.1.slim.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-01 16:00:41 Times Seen8454 Hash 99b0a83cf1b0b1e2cb16041520e87641 bc5836992c0b260496ba520fe1336d499bf06eb7 dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1 Loading...

	unknown	3.3 kB	2023-06-10	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 13:07:11 Last Seen2024-04-18 21:08:52 Times Seen10 Hash e97f5828cff9f770af08440d76502f7b 79e6450df981eab4095c3401a00a35aa72684caa a91274b63782ea1160427fabdf319b996bd8f1baec9fc8a8762e1e5381b97190 Loading...

	unknown	1.5 MB	2023-06-10	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 13:07:12 Last Seen2024-04-18 21:08:52 Times Seen10 Hash e99df4754470cc05aebc0a1ffb0693c4 8ce9b50da8b3b0bd8e28351e94c5b41ad44b9ca0 a047f5424839bc607a6c9c973cc525dd222a78989e4e1ca752a1e8999641c074 Loading...

		Size	First Seen	Last Seen
	#1 Write - f9b69ebb4ae16112b475f6045d76f078	503 kB	2023-06-10	2024-04-18
Pretty Observations First Seen2023-06-10 13:07:12 Last Seen2024-04-18 21:08:52 Times Seen9 Hash f9b69ebb4ae16112b475f6045d76f078 06c14ba0a8dc088a7183917e5cb4c86f08f859d0 03ce1d7f5aee547e7ac4137994016f4b09267af42dae5411e34891ba3548bbbf Loading...

	#2 Write - 92346fc844a4638f15a9b03f9ded2997	1.5 MB	2023-06-10	2024-04-18
Pretty Observations First Seen2023-06-10 13:07:12 Last Seen2024-04-18 21:08:52 Times Seen10 Hash 92346fc844a4638f15a9b03f9ded2997 14f8d06da72fcfb3ec4b919e1ce60fa1f3406d8f b5f95a0b7c245b7959de4e7d0b7e411542a81df34aae579fd7546a2e6622d75c Loading...

HTTP Transactions (17)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/md5.js

104.17.24.14

200 OK

1.7 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/md5.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.7 kB (1699 bytes)
Hash
349498f298a6e6e6a85789d637e89109
e626c530154c07527abcfb1f83b9ec578a81b234
97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa

HTTP Headers

GET /ajax/libs/crypto-js/3.1.9-1/md5.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 1699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-24ca"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 268507
expires: Tue, 08 Apr 2025 19:08:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOmfN%2FMc7NetPMTJy2JkothGMRblMeBnTHB59aVVmB2Kfn2lksl9Vr%2BGB2MPQ8HU7j%2F484%2FilavObdqlFHFafrDikPlZ8r4xhhRzfnhFN4mkE44vK6cIw8mgrYFHrdwIXYP4R1Ly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8766f182eb4456c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/core.min.js

104.17.24.14

200 OK

1.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/core.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3891), with no line terminators
Size
1.4 kB (1387 bytes)
Hash
e9325f1aece67b8282928d85f07de758
94c8b9cb36019463170593f85569b607b0722da3
80d0635fe9783bec07a43419deb4e9969bf30a78f008386826c9723b7651f43c

HTTP Headers

GET /ajax/libs/crypto-js/4.0.0/core.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 1387
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-f33"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3529786
expires: Tue, 08 Apr 2025 19:08:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pIGT0BCnaXqk2Gwr5PlcXtRFQfjBSa9k9EsxPaQRahzG7Bntadz60LUS%2F0XKNoSlHlXugo%2FUPYIbfrnW0s1mN1fA6YxRSOxajis4JV2rWQIpTtq4XEYkNvuiMy13cLPiSKUdF1OU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8766f182eb4156c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.slim.min.js

151.101.130.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.3.1.slim.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65247)
Size
24 kB (24038 bytes)
Hash
99b0a83cf1b0b1e2cb16041520e87641
bc5836992c0b260496ba520fe1336d499bf06eb7
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

HTTP Headers

GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1111d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 19:08:25 GMT
age: 18666704
x-served-by: cache-lga21982-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 97, 157995
x-timer: S1713467305.460286,VS0,VE1
vary: Accept-Encoding
content-length: 24038
X-Firefox-Spdy: h2

tif.ionos.com/js/70000.js

195.20.251.98

200 OK

1.9 kB

URL GET HTTP/1.1
tif.ionos.com/js/70000.js
IP
195.20.251.98:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subject*.ionos.com
Fingerprint05:82:75:91:25:D9:0F:E8:48:0E:6A:24:FC:15:96:C9:C9:30:24:24
ValidityFri, 18 Aug 2023 00:00:00 GMT - Tue, 17 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (614)
Size
1.9 kB (1906 bytes)
Hash
cd058171d6318fe5aa257cd0922e1382
7231753f18cfb547aa40962f1e0400a568705903
ac93a0b9313837ed6b0b119de837a620de8440aa2a859ed2f182310a03cd251e

HTTP Headers

GET /js/70000.js HTTP/1.1
Host: tif.ionos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 19:08:25 GMT
Server: Apache
Last-Modified: Mon, 14 Feb 2022 15:30:09 GMT
ETag: "1486-5d7fc1777a240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400, public
Content-Length: 1906
Connection: close
Content-Type: application/javascript

ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff

213.165.66.58

200 OK

64 kB

URL GET HTTP/2
ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 63712, version 1.0
Size
64 kB (63712 bytes)
Hash
ac327c4db6284ef64ebe872b6308f5da
7dd17593d3947f4ea10be937634ef8f553443e5a
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

HTTP Headers

GET /exos/fonts/open-sans/opensans-regular.woff HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/font-woff
content-length: 63712
set-cookie: DPX=v1:kXqvZJlo42:2k3lTA4X:66217dbe:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:25 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Tue, 12 Jun 2018 09:26:07 GMT
cache-control: max-age=31536000
expires: Thu, 30 Jan 2025 22:04:30 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5

213.165.66.58

200 OK

51 kB

URL GET HTTP/2
ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 51184, version 1.0
Size
51 kB (51184 bytes)
Hash
04b9a31827558a700e709459a1d758dd
31412850a250fd4a6565c58f9a3481c384c33ab4
db4f875bd60c7c59abb060b14e38f9473adcd4b3913208ba2fa3cb498a6dcd6d

HTTP Headers

GET /exos/icons/exos-icon-font.woff?v=5 HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/font-woff
content-length: 51184
set-cookie: DPX=v1:vzyTJPWHAj:q1G7SpZ2:66217dbe:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:25 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Mon, 13 Nov 2023 08:00:02 GMT
cache-control: max-age=31536000
expires: Thu, 30 Jan 2025 22:22:56 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff

213.165.66.58

200 OK

64 kB

URL GET HTTP/2
ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 63564, version 1.0
Size
64 kB (63564 bytes)
Hash
892667349c5cff6fcf7e40439596b97c
7956fd048338c3c6253aa58f65442441866d4b4e
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9

HTTP Headers

GET /exos/fonts/open-sans/opensans-bold.woff HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/font-woff
content-length: 63564
set-cookie: DPX=v1:pua5jnwLDC:wU4rkCOt:66217dbe:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:25 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Tue, 12 Jun 2018 09:26:07 GMT
cache-control: max-age=31536000
expires: Thu, 30 Jan 2025 22:06:52 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff

213.165.66.58

200 OK

43 kB

URL GET HTTP/2
ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 42580, version 0.0
Size
43 kB (42580 bytes)
Hash
ff37bc2bf376202dde890cc12b0fd0f9
f30c16ece8af43a25a46d7bd4e3ec95199fa6a55
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5

HTTP Headers

GET /exos/fonts/overpass/overpass-regular.woff HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/font-woff
content-length: 42580
set-cookie: DPX=v1:oO2FP6Nm0U:3sXhRpqW:66217dbe:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:25 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Tue, 12 Jun 2018 09:26:06 GMT
cache-control: max-age=31536000
expires: Thu, 30 Jan 2025 22:04:30 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/Webmail%20Login%20_%20IONOS%20by%201&1_files/mail-archiving-de-warning-promo.svg

104.17.64.14

404 Not Found

42 kB

URL GET HTTP/2
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/Webmail%20Login%20_%20IONOS%20by%201&1_files/mail-archiving-de-warning-promo.svg
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
ASCII text
Size
42 kB (42257 bytes)
Hash
eb350ab3a3743cd520d1acf4c36bacf1
554533e2555aa4e7ed45161774cd7edbd5ab23b7
dbd7fd8ba09b7deebf7eceb49f4f860dff71dfcba06a000aa454f83edeed416d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	1&1 Ionos

HTTP Headers

GET /Webmail%20Login%20_%20IONOS%20by%201&1_files/mail-archiving-de-warning-promo.svg HTTP/1.1
Host: bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Cookie: __cf_bm=VrAFqzHZUSlq1TgjUfFeNUb0k4jr9uatflTWixNF5ws-1713467304-1.0.1.1-or6Z6jqVXjr.7NpZyJe2fTgLit7ufodb2mm88JWwhE2_mY.pcZdzx9toSMiA7A2.jRHQ5AYKXnXy5_lrS_uxRQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: text/plain; charset=utf-8
cf-ray: 8766f1850e4056a8-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 0
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue/Webmail Login _ IONOS by 1&1_files/mail-archiving-de-warning-promo.svg
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5

213.165.66.58

200 OK

51 kB

URL GET HTTP/2
ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 51184, version 1.0
Size
51 kB (51184 bytes)
Hash
04b9a31827558a700e709459a1d758dd
31412850a250fd4a6565c58f9a3481c384c33ab4
db4f875bd60c7c59abb060b14e38f9473adcd4b3913208ba2fa3cb498a6dcd6d

HTTP Headers

GET /exos/icons/exos-icon-font.woff?v=5 HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:26 GMT
content-type: application/font-woff
content-length: 51184
set-cookie: DPX=v1:6r/lpp3bdB:uSy6XURN:66217dbf:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:26 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Mon, 13 Nov 2023 08:00:02 GMT
cache-control: max-age=31536000
expires: Thu, 30 Jan 2025 22:22:56 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=2

213.165.66.58

200 OK

51 kB

URL GET HTTP/2
ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=2
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 51232, version 1.0
Size
51 kB (51232 bytes)
Hash
4fd551272a67eaadb6b699558530633a
a3a8ea8e7eec3ec8fbec569cbfe4641ad8020a77
85085f8cf9223948b53c8cb078c82408c3aee2827bf478f45d5fe4334b87c8ac

HTTP Headers

GET /exos/icons/exos-icon-font.woff?v=2 HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:26 GMT
content-type: application/font-woff
content-length: 51232
set-cookie: DPX=v1:yVGFDG/Uw8:qBdv9aEL:66217dbf:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:26 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Tue, 12 Mar 2024 13:06:29 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 09:14:43 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

mail.ionos.com/img/favicon.ico

74.208.255.201

404 Not Found

172 B

URL GET HTTP/1.1
mail.ionos.com/img/favicon.ico
IP
74.208.255.201:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectmail.ionos.com
FingerprintDC:BC:33:C0:EF:2D:89:CE:D3:5F:B9:E4:4F:B2:39:54:53:62:CF:6D
ValidityTue, 19 Sep 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
172 B (172 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: mail.ionos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 18 Apr 2024 19:08:26 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: DPX=v1:xRvmvnUZdj:mlNq76fo:66217dbf:us; Path=/; Expires=Thu, 18-Apr-24 20:08:26 GMT; HttpOnly; Secure; SameSite=Lax
Server: Apache/2.4.38 (Debian)
Content-Encoding: gzip

mail.ionos.com/img/apple-touch-icon.png

74.208.255.201

404 Not Found

172 B

URL GET HTTP/1.1
mail.ionos.com/img/apple-touch-icon.png
IP
74.208.255.201:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectmail.ionos.com
FingerprintDC:BC:33:C0:EF:2D:89:CE:D3:5F:B9:E4:4F:B2:39:54:53:62:CF:6D
ValidityTue, 19 Sep 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
172 B (172 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /img/apple-touch-icon.png HTTP/1.1
Host: mail.ionos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 18 Apr 2024 19:08:26 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: DPX=v1:asTh8gybFg:MIPG3ljA:66217dbf:us; Path=/; Expires=Thu, 18-Apr-24 20:08:26 GMT; HttpOnly; Secure; SameSite=Lax
Server: Apache/2.4.38 (Debian)
Content-Encoding: gzip

bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/Webmail%20Login%20_%20IONOS%20by%201&1_files/mail-archiving-de-warning-promo.svg

104.17.64.14

404 Not Found

9.4 kB

URL GET HTTP/2
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/Webmail%20Login%20_%20IONOS%20by%201&1_files/mail-archiving-de-warning-promo.svg
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
ASCII text
Size
9.4 kB (9422 bytes)
Hash
eb350ab3a3743cd520d1acf4c36bacf1
554533e2555aa4e7ed45161774cd7edbd5ab23b7
dbd7fd8ba09b7deebf7eceb49f4f860dff71dfcba06a000aa454f83edeed416d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	1&1 Ionos

HTTP Headers

GET /Webmail%20Login%20_%20IONOS%20by%201&1_files/mail-archiving-de-warning-promo.svg HTTP/1.1
Host: bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Cookie: __cf_bm=VrAFqzHZUSlq1TgjUfFeNUb0k4jr9uatflTWixNF5ws-1713467304-1.0.1.1-or6Z6jqVXjr.7NpZyJe2fTgLit7ufodb2mm88JWwhE2_mY.pcZdzx9toSMiA7A2.jRHQ5AYKXnXy5_lrS_uxRQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: text/plain; charset=utf-8
cf-ray: 8766f182cb7f56a8-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue/Webmail Login _ IONOS by 1&1_files/mail-archiving-de-warning-promo.svg
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/Webmail%20Login%20_%20IONOS%20by%201&1_files/robots.html

104.17.64.14

404 Not Found

249 B

URL GET HTTP/2
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/Webmail%20Login%20_%20IONOS%20by%201&1_files/robots.html
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
ASCII text, with no line terminators
Size
249 B (249 bytes)
Hash
56b985f15208596b0d4607d2093305cb
d8e74745e9587f02b35db8a8122798e7bf03e447
f927bbbf6ee48eedac4c40b1db7c93b5a5543b0f5b0db75d609aeda1e33cfd8d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	1&1 Ionos

HTTP Headers

GET /Webmail%20Login%20_%20IONOS%20by%201&1_files/robots.html HTTP/1.1
Host: bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Cookie: __cf_bm=VrAFqzHZUSlq1TgjUfFeNUb0k4jr9uatflTWixNF5ws-1713467304-1.0.1.1-or6Z6jqVXjr.7NpZyJe2fTgLit7ufodb2mm88JWwhE2_mY.pcZdzx9toSMiA7A2.jRHQ5AYKXnXy5_lrS_uxRQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 19:08:26 GMT
content-type: text/plain; charset=utf-8
cf-ray: 8766f1851e4556a8-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue/Webmail Login _ IONOS by 1&1_files/robots.html
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/

104.17.64.14

200 OK

2.0 MB

URL User Request GET HTTP/2
bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type

Size
2.0 MB (2024707 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	1&1 Ionos

HTTP Headers

GET / HTTP/1.1
Host: bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:24 GMT
content-type: text/html
cf-ray: 8766f1723eae56a8-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue/
x-ipfs-roots: bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue
set-cookie: __cf_bm=VrAFqzHZUSlq1TgjUfFeNUb0k4jr9uatflTWixNF5ws-1713467304-1.0.1.1-or6Z6jqVXjr.7NpZyJe2fTgLit7ufodb2mm88JWwhE2_mY.pcZdzx9toSMiA7A2.jRHQ5AYKXnXy5_lrS_uxRQ; path=/; expires=Thu, 18-Apr-24 19:38:24 GMT; domain=.bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff

213.165.66.58

200 OK

42 kB

URL GET HTTP/2
ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff
IP
213.165.66.58:443
ASN
#8560 IONOS SE

Requested by
https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectce1.uicdn.net
Fingerprint23:9A:4F:D8:18:A2:18:75:FC:81:10:E0:72:BF:A3:AD:9D:1C:B7:04
ValidityWed, 20 Mar 2024 00:00:00 GMT - Sun, 09 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 42092, version 0.0
Size
42 kB (42092 bytes)
Hash
998074293ec8cdc0e43e3d3add3b523e
c6b7b07672e36062a9d647295d85644b170ba5b2
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc

HTTP Headers

GET /exos/fonts/overpass/overpass-bold.woff HTTP/1.1
Host: ce1.uicdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeif2f42dmcatcx2iutypwiipcdafmwxlu7hu43zolf7w6yf47fclue.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:08:25 GMT
content-type: application/font-woff
content-length: 42092
set-cookie: DPX=v1:ob3dW4S//K:1Eb9fO4j:66217dbe:gb; Path=/; Expires=Thu, 18-Apr-24 20:08:25 GMT; HttpOnly; Secure; SameSite=Lax
server: Apache
last-modified: Tue, 12 Jun 2018 09:26:06 GMT
cache-control: max-age=31536000
expires: Thu, 30 Jan 2025 22:06:52 GMT
access-control-allow-origin: *
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations