ipfs.io
209.94.90.1 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu 11yr old
Submission: On April 13 via automatic, source phishtank (April 13th 2026, 10:00:03 pm UTC) — Scanned from CA

Summary HTTP 21 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 209.94.90.1, located in United States and belongs to PROTOCOL - Protocol Labs, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 137675. 11yr old
TLS certificate: Issued by WE1 on March 27th 2026. Valid for: 3mo.

This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aruba (Online) Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	209.94.90.1 209.94.90.1	40680 (PROTOCOL) (PROTOCOL - Protocol Labs)
1	142.251.211.74 142.251.211.74	15169 (GOOGLE) (GOOGLE - Google LLC)
9	62.149.158.90 62.149.158.90	31034 (ARUBA-ASN...) (ARUBA-ASN Aruba S.p.A.)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY - Fastly)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	142.250.190.234 142.250.190.234	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.16.175.226 104.16.175.226	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY - Fastly)
21	11

3 209.94.90.1 (United States) 1 redirects

ASN40680 (PROTOCOL - Protocol Labs, US)

ipfs.io 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.211.74 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnlgaa-av-in-f10.1e100.net

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 62.149.158.90 (Arezzo, Italy)

ASN31034 (ARUBA-ASN Aruba S.p.A., IT)
PTR: webmaildomini.aruba.it

webmail.aruba.it 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)

code.jquery.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.17.25.14 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.10.207 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

maxcdn.bootstrapcdn.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.190.234 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pnlgaa-aw-in-f10.1e100.net

ajax.googleapis.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.11.207 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

stackpath.bootstrapcdn.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.16.175.226 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.65.227 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lclgaa-bc-in-f3.1e100.net

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.199.110.153 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)
PTR: cdn-185-199-110-153.github.com

ipfs.tech 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
9	aruba.it webmail.aruba.it — Cisco Umbrella Rank: 375402 9yr old	46 KB
3	ipfs.io 1 redirects ipfs.io — Cisco Umbrella Rank: 137675 11yr old	11 KB
2	gstatic.com fonts.gstatic.com — Cisco Umbrella Rank: 56 9yr old	46 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1757 9yr old stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4601 8yr old	29 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79 56yr old ajax.googleapis.com — Cisco Umbrella Rank: 683 9yr old	31 KB
1	ipfs.tech ipfs.tech — Cisco Umbrella Rank: 977481 5yr old	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 322 13yr old	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 309 13yr old	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 980 13yr old	24 KB
21	9

	Domain	Requested by
9	webmail.aruba.it	ipfs.io webmail.aruba.it
3	ipfs.io	1 redirects ipfs.io
2	fonts.gstatic.com	fonts.googleapis.com
1	ipfs.tech
1	cdn.jsdelivr.net	ipfs.io
1	stackpath.bootstrapcdn.com	ipfs.io
1	ajax.googleapis.com	ipfs.io
1	maxcdn.bootstrapcdn.com	ipfs.io
1	cdnjs.cloudflare.com	ipfs.io
1	code.jquery.com	ipfs.io
1	fonts.googleapis.com	ipfs.io
21	11

This site contains links to these domains. Also see Links.

Domain
ipfs.tech
docs.ipfs.tech
cid.ipfs.tech
explore.ipld.io
guide.hosting.aruba.it
www.aruba.it

Subject Issuer	Validity	Valid
ipfs.io WE1	`2026-03-27` - `2026-06-25`	3mo	crt.sh
upload.video.google.com WR2	`2026-03-23` - `2026-06-15`	3mo	crt.sh
webmail.aruba.it Actalis Organization Validated Server CA G3	`2025-12-29` - `2026-12-29`	1yr	crt.sh
*.jquery.com Sectigo Public Server Authentication CA DV E36	`2025-06-12` - `2026-06-26`	1yr	crt.sh
cdnjs.cloudflare.com WE1	`2026-03-14` - `2026-06-12`	3mo	crt.sh
bootstrapcdn.com WE1	`2026-03-05` - `2026-06-03`	3mo	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	1yr	crt.sh
*.gstatic.com WR2	`2026-03-23` - `2026-06-15`	3mo	crt.sh

This page contains 2 frames:

Primary Page: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
Frame ID: 97D3D242D905D9B83925D9BB7082E68D
Requests: 20 HTTP requests in this frame

Frame: https://ipfs.io/ipfs/left_block.html
Frame ID: E1EBC0D0A20C65D78571CE42DA8C7CDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery
/jquery(?:-(\d+\.\d+\.\d+))[/.-]
/(\d+\.\d+\.\d+)/jquery(?!\.popupoverlay\.js)[/.-][^u]

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net

cdnjs (CDN) Expand

Overall confidence: 100%
Detected patterns

cdnjs\.cloudflare\.com

Google Hosted Libraries (CDN) Expand

Overall confidence: 100%
Detected patterns

ajax\.googleapis\.com/ajax/libs/

jQuery CDN (CDN) Expand

Overall confidence: 100%
Detected patterns

code\.jquery\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper(?:\.min)?\.js(?:/([0-9.]+))?

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

198 kB
Transfer

474 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://ipfs.tech/
Title: About IPFS

Search URL Search Domain Scan URL

URL: https://docs.ipfs.tech/install/
Title: Install IPFS

Search URL Search Domain Scan URL

URL: https://docs.ipfs.tech/concepts/ipfs-implementations/
Title: IPFS client

Search URL Search Domain Scan URL

URL: https://docs.ipfs.tech/reference/diagnostic-tools/
Title: IPFS diagnostic tools

Search URL Search Domain Scan URL

URL: https://cid.ipfs.tech/
Title: CID

Search URL Search Domain Scan URL

URL: https://explore.ipld.io/
Title: DAG

Search URL Search Domain Scan URL

URL: https://guide.hosting.aruba.it/email/email-modifica-ripristino-password/recupero-e-modifica-password-tutte-le-caselle.aspx
Title: Forgotten your password?

Search URL Search Domain Scan URL

URL: https://www.aruba.it/informativa_arubaspa.pdf
Title: Privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://ipfs.io/favicon.ico HTTP 301
https://ipfs.tech/favicon.ico

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu Show response
ipfs.io/ipfs/ 12 KB
4 KB 199ms
185ms Document
text/html 209.94.90.1
Protocol Labs

General

Check archive.org

Download Go to

Full URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.1 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62fcf8e3002413d7ee01ea901b90ab2fb26c02e9daeadd7f83df40df9841015

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET HEAD OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age: 26737
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: HIT
cf-ray: 9ebdbdceef35a284-YUL
content-encoding: br
content-type: text/html
date: Mon, 13 Apr 2026 22:00:03 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding
x-ipfs-path: /ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
x-ipfs-pop: rainbow-bhs-72-179
x-ipfs-roots: bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
x-robots-tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 2 KB
895 B 133ms
61ms Stylesheet
text/css 142.251.211.74
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&subset=latin,latin-ext

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.251.211.74 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-av-in-f10.1e100.net

Software

ESF /

Resource Hash

2ee9a2e1d70e54507bead416d305bd6d6ac85f5aa13b4237691761e40158907e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 22:00:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 13 Apr 2026 22:00:03 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 13 Apr 2026 22:00:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 login.css
webmail.aruba.it/web_imgs/login/css/ 13 KB
3 KB 453ms
136ms Stylesheet
text/css 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to

Full URL

https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

0e5969684d79bc04ff5475fe6a691a3de3afdb2277506ad676e282f6bad84138

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"35f4-64d4d7f15cbce"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:45:00 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 dojo.js Show response
webmail.aruba.it/javascript/startup/dojo/dojo/ 88 KB
31 KB 573ms
257ms Script
application/javascript 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to

Full URL

https://webmail.aruba.it/javascript/startup/dojo/dojo/dojo.js?_v_=v4r2b65pl4.20210517_1745

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

7afc9948fd7de6f923f7b2487c245bc616942cdce31d0e348a59dc28f6d7404f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"161cc-64d4d7e8b277d"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 44ms
12ms Script
application/javascript 151.101.66.137
Fastly

General

Check archive.org

Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Origin: https://ipfs.io
sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"28feccc0-10fdd"
age: 1844644
x-cache: HIT, HIT
date: Mon, 13 Apr 2026 22:00:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 78308, 1874
x-served-by: cache-lga21984-LGA, cache-yul1970031-YUL
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1776117604.894289,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23856
server: nginx

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 82ms
30ms Script
application/javascript 104.17.25.14
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://ipfs.io
sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-4af4"
age: 2335607
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sQ70upbzaV6O3LKi5jW0XwmDi6YuthXxWAnDJuot%2FgdQHgkBvp8iXeeM%2FrDvKMZnowGb4mMFFeV6z1MUeh%2BwDjlGazLYX9eZC9u5JG15KMMYzu0E9pyqBSM2%2Bfb2b3DTUH3S7MKP"}]}
x-content-type-options: nosniff
expires: Sat, 03 Apr 2027 22:00:03 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 13 Apr 2026 22:00:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cache-control: public, max-age=30672000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 9ebdbdd0799a36eb-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6157
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 65ms
27ms Script
application/javascript 104.18.10.207
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ipfs.io
sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "14d449eb8876fa55e1ef3c2cc52b0c17"
age: 3419365
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 13 Apr 2026 22:00:03 GMT
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 10/12/2025 11:38:02
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-requestpullcode: 200
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-cache: HIT
cdn-requestid: 10dbc0c13b01a65f440c65dab80735ac
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.38
cf-ray: 9ebdbdd0689fac7c-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 1348
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 102ms
32ms Script
text/javascript 142.250.190.234
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.250.190.234 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

pnlgaa-aw-in-f10.1e100.net

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 336273
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 10 Apr 2027 00:35:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Apr 2026 00:35:30 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30028
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 66ms
28ms Script
application/javascript 104.18.11.207
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "67176c242e1bdc20603c878dee836df3"
age: 2282026
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 13 Apr 2026 22:00:03 GMT
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/12/2025 11:38:00
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-requestpullcode: 200
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-cache: HIT
cdn-requestid: 8a6d4f8fe87fbc1a8cc30e58587b90f7
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.38
cf-ray: 9ebdbdd06dc136b3-YYZ
access-control-allow-origin: *
cdn-edgestorageid: 1347
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 jquery.session.min.js Show response
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 2 KB
2 KB 75ms
26ms Script
application/javascript 104.16.175.226
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

Requested by

Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d43e4670bc3638ff2357c5dbb0e6c478e408a52bf9ac89ae42d63aa2d4c8fa1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ipfs.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"918-wXm3/iSuv1g6oEcbNISsBuNbQV0"
age: 2856480
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Y2P3YFq4YxJrPsPI1dGalWspli5IcE%2F7unQVLLYJB%2B36%2FV7vNkv4zRi04oSRNI6a5WvyS3Q6IDRqXOWT8IaPUU30JT0RRoNOPT6JsJJDKH5G2HTxwcntRaO5WKRchD7SufI%3D"}]}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Mon, 13 Apr 2026 22:00:03 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230047-FRA, cache-pdk-kfty8610072-PDK
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9ebdbdd078d31185-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 897
server: cloudflare
x-jsd-version: 1.0.0

GET
H2 200 obsolete.css
webmail.aruba.it/web_imgs/login/css/ 2 KB
910 B 224ms
223ms Stylesheet
text/css 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to

Full URL

https://webmail.aruba.it/web_imgs/login/css/obsolete.css

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

76028640158507a979cddc5e84c5dd2c28858dc359d645630df5d4e20c7674b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"671-64d4d7f15d39e"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:45:00 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H3 422 left_block.html Show response
ipfs.io/ipfs/ Frame E1EB 7 KB
7 KB 98ms
98ms Document
text/html 209.94.90.1
Protocol Labs

General

Check archive.org

Download Go to

Full URL: https://ipfs.io/ipfs/left_block.html
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.1 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea96f9a1cc734018325fdc102504ce9fcf749f7a96ab15ff2ce5cdd7edab90be

Request headers

Referer: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 9ebdbdd48f91a284-YUL
content-type: text/html
date: Mon, 13 Apr 2026 22:00:04 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-robots-tag: noindex, nofollow

GET
H2 200 aruba-logo.svg
webmail.aruba.it/web_imgs/login/images/ 15 KB
6 KB 140ms
138ms Image
image/svg+xml 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to Show image

Full URL

https://webmail.aruba.it/web_imgs/login/images/aruba-logo.svg?_v_=4.2.119.20260306_1510

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

a32e14929dae4030d8fe0164ac57453ec28a2927b4e6f22d445934b829f6df14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"3b00-64d4d7e8cf085"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 envelope.svg
webmail.aruba.it/web_imgs/login/images/ 681 B
914 B 144ms
142ms Image
image/svg+xml 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to Show image

Full URL

https://webmail.aruba.it/web_imgs/login/images/envelope.svg?_v_=4.2.119.20260306_1510

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

5e96c408271ce2999c052da5821e78872d784aa9a08b87fc6f4fb036e46eab99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"2a9-64d4d7e8cf46d"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 gb.png
webmail.aruba.it/web_imgs/login/images/flag/ 599 B
1 KB 141ms
139ms Image
image/png 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to Show image

Full URL

https://webmail.aruba.it/web_imgs/login/images/flag/gb.png?_v_=4.2.119.20260306_1510

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
etag: "257-64d4d7e8cfc3d"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/png
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
accept-ranges: bytes
access-control-allow-origin: https://webmail.aruba.it
content-length: 599
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 login-icon.svg
webmail.aruba.it/web_imgs/login/images/ 666 B
858 B 140ms
139ms Image
image/svg+xml 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to Show image

Full URL

https://webmail.aruba.it/web_imgs/login/images/login-icon.svg?_v_=4.2.119.20260306_1510

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

c7eca97d84ed3469e7d1a20a8c28ef7177270b93a2d9913a0adad9a3e4bdfc9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"29a-64d4d7e8d0bdd"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v25/ 23 KB
23 KB 132ms
72ms Font
font/woff2 142.250.65.227
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-bc-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ipfs.io
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 175121
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 11 Apr 2027 21:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 11 Apr 2026 21:21:23 GMT
last-modified: Mon, 15 Sep 2025 17:09:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 password-icon.svg
webmail.aruba.it/web_imgs/login/images/ 585 B
830 B 149ms
148ms Image
image/svg+xml 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to Show image

Full URL

https://webmail.aruba.it/web_imgs/login/images/password-icon.svg?_v_=4.2.119.20260306_1510

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

d1a498e72f62f80af25d958364158a781a8cdee723e700756b28756c97ee2fa1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"249-64d4d7e8d0fc5"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 password-icon-2.svg
webmail.aruba.it/web_imgs/login/images/ 947 B
889 B 149ms
148ms Image
image/svg+xml 62.149.158.90
ARUBA-ASN Aruba S...

General

Check archive.org

Download Go to Show image

Full URL

https://webmail.aruba.it/web_imgs/login/images/password-icon-2.svg?_v_=4.2.119.20260306_1510

Requested by

Host: webmail.aruba.it
URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN Aruba S.p.A., IT),

Reverse DNS

webmaildomini.aruba.it

Software

openresty /

Resource Hash

8955ee5e3071f91ed2460b5b634cdab6f6c15d5d8adefac0e3328de7f5889a97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 1000
content-encoding: gzip
etag: W/"3b3-64d4d7e8d0fc5"
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 18 Mar 2026 14:44:51 GMT
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self'
x-fe: webxmaildh12.ad.aruba.it
access-control-allow-origin: https://webmail.aruba.it
x-xss-protection: 1; mode=block
server: openresty

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v25/ 23 KB
23 KB 114ms
54ms Font
font/woff2 142.250.65.227
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lclgaa-bc-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ipfs.io
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 154108
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 12 Apr 2027 03:11:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 12 Apr 2026 03:11:36 GMT
last-modified: Mon, 15 Sep 2025 17:11:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H2

200

favicon.ico
ipfs.tech/
Redirect Chain

https://ipfs.io/favicon.ico
https://ipfs.tech/favicon.ico

15 KB
4 KB

86ms
20ms

Other
image/vnd.microsoft.icon

185.199.110.153
Fastly

General

Check archive.org

Download Go to

Full URL: https://ipfs.tech/favicon.ico
Protocol: H2
Server: 185.199.110.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: GitHub.com /
Resource Hash: 94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://ipfs.io/

Response headers

x-fastly-request-id: 61882a7123790a37650f96ce13c66099b4aa5e78
content-encoding: gzip
etag: W/"69d5012b-3aee"
age: 550
x-github-request-id: 9BC0:2B5366:5BE41:62F68:69D502F4
expires: Tue, 07 Apr 2026 13:23:24 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 07 Apr 2026 13:05:47 GMT
x-served-by: cache-yul1970075-YUL
x-cache-hits: 0
vary: Accept-Encoding
cache-control: max-age=600
x-timer: S1776117605.891719,VS0,VE3
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3244
x-origin-cache: HIT
server: GitHub.com

Redirect headers

location: https://ipfs.tech/favicon.ico
cf-cache-status: HIT
cf-ray: 9ebdbdd5c979a284-YUL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 13 Apr 2026 22:00:04 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
x-ipfs-pop: rainbow-bhs-78-165
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aruba (Online) Generic Email (Online)

8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ipfs.io/	1970-01-21 13:21:57	Name: __session:0.3526738384240491: Value: https:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://ipfs.io/ipfs/bafkreiggf7hy4macie6x5ya6vea3scvs7mtmalu5v2w5p6b56qg7tbaqcu Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://ipfs.io/ipfs/left_block.html Message: Failed to load resource: the server responded with a status of 422 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ipfs.io
ipfs.tech
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
webmail.aruba.it
104.16.175.226
104.17.25.14
104.18.10.207
104.18.11.207
142.250.190.234
142.250.65.227
142.251.211.74
151.101.66.137
185.199.110.153
209.94.90.1
62.149.158.90
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e5969684d79bc04ff5475fe6a691a3de3afdb2277506ad676e282f6bad84138
2ee9a2e1d70e54507bead416d305bd6d6ac85f5aa13b4237691761e40158907e
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
5e96c408271ce2999c052da5821e78872d784aa9a08b87fc6f4fb036e46eab99
76028640158507a979cddc5e84c5dd2c28858dc359d645630df5d4e20c7674b7
7afc9948fd7de6f923f7b2487c245bc616942cdce31d0e348a59dc28f6d7404f
8955ee5e3071f91ed2460b5b634cdab6f6c15d5d8adefac0e3328de7f5889a97
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456
a32e14929dae4030d8fe0164ac57453ec28a2927b4e6f22d445934b829f6df14
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c62fcf8e3002413d7ee01ea901b90ab2fb26c02e9daeadd7f83df40df9841015
c7eca97d84ed3469e7d1a20a8c28ef7177270b93a2d9913a0adad9a3e4bdfc9a
d1a498e72f62f80af25d958364158a781a8cdee723e700756b28756c97ee2fa1
d43e4670bc3638ff2357c5dbb0e6c478e408a52bf9ac89ae42d63aa2d4c8fa1c
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ea96f9a1cc734018325fdc102504ce9fcf749f7a96ab15ff2ce5cdd7edab90be

ipfs.io 209.94.90.1 Malicious Activity! Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

11 IPs

3 Countries

198 kBTransfer

474 kBSize

1 Cookies

8 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Window variables

1 Cookies

3 Console Messages

Indicators

ipfs.io
209.94.90.1 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

198 kB
Transfer

474 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!