Report - bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/

Report Overview

Submitted URL
bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
IP
104.17.64.14
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 02:21:26
Access
public
Website Title
Roundcube Webmail :: Welcome to Roundcube Webmail
Final URL
bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-08	512 B	24 kB	104.17.24.14
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-08	1.1 kB	69 kB	104.18.11.207
webmail.roundcube.101.hostinglogin.net	unknown	2014-03-05	2019-12-02	2024-03-08	537 B	825 B	148.251.96.139
bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com	unknown	unknown	No data	No data	1.2 kB	11 kB	104.17.64.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-09-12	medium	bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/favicon.ico	Other
2023-09-12	medium	bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/	0 B	2023-03-07	2024-05-20
Pretty URL bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 04:41:50 Times Seen37855758 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/	0 B	2023-03-07	2024-05-20
Pretty URL bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 04:41:50 Times Seen37855758 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (6)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.1/css/bootstrap.min.css

104.17.24.14

200 OK

23 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.1/css/bootstrap.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65342)
Size
23 kB (22879 bytes)
Hash
896192cc65e20f1fcc6d792b5b9a4626
b13ef70543d70c1ec7fdd56a5ebc9d7d64023851
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6

HTTP Headers

GET /ajax/libs/bootstrap/5.3.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:21:01 GMT
content-type: text/css; charset=utf-8
content-length: 22879
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64c0eef2-595f"
last-modified: Wed, 26 Jul 2023 10:01:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 29368
expires: Tue, 29 Apr 2025 02:21:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hWgrvfrEWar2jkSm9xemYMIt5glrK5IKFkKsRlfZyQcMMvBiYuUJDEZ9UebHh45T6qAhF3Ju7qrveK%2F4b%2BoO5o1bP8Kgo6qrIjQmr9Ya%2F7q%2Ft2g8VxaPLAc%2BuBJ0bpKgvPOBc2LO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880e36b4ecac5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

104.18.11.207

200 OK

11 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (23577)
Size
11 kB (10718 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:21:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 713353
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880e36b4eb54b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

104.18.11.207

200 OK

57 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 56780, version 4.197
Size
57 kB (56780 bytes)
Hash
97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

HTTP Headers

GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:21:01 GMT
content-type: font/woff2
content-length: 56780
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:19
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ca656f737a810d89819c7160203800b7
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880e36b618b5b500-OSL
alt-svc: h3=":443"; ma=86400

webmail.roundcube.101.hostinglogin.net/skins/elastic/images/logo.svg?s=1691401755

148.251.96.139

200 OK

395 B

URL GET HTTP/2
webmail.roundcube.101.hostinglogin.net/skins/elastic/images/logo.svg?s=1691401755
IP
148.251.96.139:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectroundcube.101.hostinglogin.net
Fingerprint15:E2:73:E3:CB:B5:F8:BD:D9:66:E2:B5:5D:34:3E:10:0B:77:F8:13
ValidityMon, 29 Apr 2024 21:43:36 GMT - Sun, 28 Jul 2024 21:43:35 GMT

File type
SVG Scalable Vector Graphics image
Size
395 B (395 bytes)
Hash
ddeffd34eae92b1b9b9c636636e4b9c8
19cb881a5d08d31db933da6440595767d0a02d94
2b2d9c7a82f92976268b03e13c61f64ead91a3c63b97c59cef2acbf501f67618

HTTP Headers

GET /skins/elastic/images/logo.svg?s=1691401755 HTTP/1.1
Host: webmail.roundcube.101.hostinglogin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:21:01 GMT
server: Apache
last-modified: Tue, 30 Jan 2024 13:24:50 GMT
etag: "378-61029afd5ec80-gzip"
accept-ranges: bytes
cache-control: max-age=1209600
expires: Thu, 23 May 2024 02:21:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 395
content-type: image/svg+xml
X-Firefox-Spdy: h2

bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/favicon.ico

104.17.64.14

404 Not Found

191 B

URL GET HTTP/2
bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/favicon.ico
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
ASCII text, with no line terminators
Size
191 B (191 bytes)
Hash
fd39bfe9f1fb580649b6ead07519b5fb
894b4a896808ef3eb2c67997cbe926e1485b5756
b8b5b20b0ec384f08f827162c316ed7451a5eb6a9a754d51437a76b254622ec2

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
Cookie: __cf_bm=MqdY.jPTYESQH6UckeLmUIrvvSNkMGV.OyODGOSbKj0-1715221261-1.0.1.1-O03NAjFForIaRiQkSaH3XjJsB8z34cRHozSCBKUbDXJn1ymbKsX5dk0kAqQmqVZsKXvYqrZ_oJS5FNAIU7e6sg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 09 May 2024 02:21:02 GMT
content-type: text/plain; charset=utf-8
cf-ray: 880e36b71ba65691-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy/favicon.ico
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/

104.17.64.14

200 OK

9.0 kB

URL User Request GET HTTP/2
bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com/
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
HTML document, ASCII text, with very long lines (9712), with no line terminators
Size
9.0 kB (8964 bytes)
Hash
144bde3cbad4bc70ede8415bfef2bda0
9d80a57d7b48b4bdae90040848abedef6e0c897f
731c34d0ccef6b36445ea9027105dfe40c44394006ce1827a2d43196e4b1cabf

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:21:01 GMT
content-type: text/html
cf-ray: 880e36b03f415691-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy/
x-ipfs-roots: bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy
set-cookie: __cf_bm=MqdY.jPTYESQH6UckeLmUIrvvSNkMGV.OyODGOSbKj0-1715221261-1.0.1.1-O03NAjFForIaRiQkSaH3XjJsB8z34cRHozSCBKUbDXJn1ymbKsX5dk0kAqQmqVZsKXvYqrZ_oJS5FNAIU7e6sg; path=/; expires=Thu, 09-May-24 02:51:01 GMT; domain=.bafybeid3zl2zumucau3btfdk676rawsov4bauryqdguu34sct5ks46eozy.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN