cloudflare-ipfs.com Open in urlscan Pro
2606:4700::6811:600d  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://kiwi-brave-boat.glitch.me/ Page URL
2. https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response kiwi-brave-boat.glitch.me/	196 B 559 B	450ms 251ms	Document text/html	34.207.50.50 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kiwi-brave-boat.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.207.50.50 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-50-50.compute-1.amazonaws.com Software AmazonS3 / Resource Hash ae0affeeba50d92b9cea4387176a63fd2b8669aac4e5771c1649a567ec455e9c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 196 content-type text/html; charset=utf-8 date Tue, 27 Feb 2024 10:26:27 GMT etag "db5023b384242a5a92f9b694c2b0d66d" last-modified Tue, 27 Feb 2024 03:01:11 GMT server AmazonS3 x-amz-id-2 qVL2qS/HIq8aOV6T3FjsfqjCIMpXeHzmZDR8onyoq77wk7SRx/39rSgwUPzf39HZOytcUZQd/3M= x-amz-request-id 7Y3ZSJP63PEKKJTC x-amz-server-side-encryption AES256 x-amz-version-id UuC.4qSyCvEw052YxH0VWN01awax_taN
GET H2	200	Primary Request bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Show response cloudflare-ipfs.com/ipfs/	7 KB 3 KB	121ms 93ms	Document text/html	2606:4700::6811:600d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd686d3b1c6db9fb68c76149dac8f4914eaed3ad80d1c66461debf9be5ec1cb1 Request headers Referer https://kiwi-brave-boat.glitch.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Content-Type Range User-Agent X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-expose-headers Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output alt-svc h3=":443"; ma=86400 cache-control public, max-age=29030400, immutable cf-cache-status MISS cf-ray 85bfbac8799d916a-FRA content-encoding br content-type text/html date Tue, 27 Feb 2024 10:26:27 GMT etag W/"bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we" server cloudflare vary Accept-Encoding x-cf-ipfs-cache-status miss x-ipfs-path /ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we x-ipfs-roots bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we
GET H2	200	bootstrap.min.css www.stackmail.com/skins/elastic/deps/	157 KB 26 KB	126ms 74ms	Stylesheet text/css	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/skins/elastic/deps/bootstrap.min.css?s=1640818044 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:27:13 GMT server Apache etag "2725b-5e25fa0e9ca40-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 25872 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	styles.css www.stackmail.com/skins/elastic/styles/	101 KB 21 KB	98ms 45ms	Stylesheet text/css	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/skins/elastic/styles/styles.css?s=1640818034 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash e31b63f62d3dda0aeed0d1706e40d2728dc60adba73daab4cf96d9b911b11842 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 29 Dec 2021 22:47:14 GMT server Apache etag "19560-5d450b80ec080-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 21032 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	jquery-ui.css www.stackmail.com/plugins/jqueryui/themes/elastic/	33 KB 9 KB	97ms 44ms	Stylesheet text/css	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1640818034 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 85b2f3b581f149f013f76981f91e10519a609c1fa924c52df9efe677b94b4e84 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:26:57 GMT server Apache etag "85b1-5e25f9ff5a640-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 8540 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	jquery.min.js Show response www.stackmail.com/program/js/	89 KB 32 KB	108ms 55ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/program/js/jquery.min.js?s=1640818040 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:27:01 GMT server Apache etag "1632e-5e25fa032af40-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 32861 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	common.min.js Show response www.stackmail.com/program/js/	12 KB 5 KB	88ms 36ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/program/js/common.min.js?s=1640818035 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 2b7935accebcd1d8f4629f854c8b70a50c107cd7e2b9e75b707ddbafa007a1b1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:26:58 GMT server Apache etag "31d9-5e25fa004e880-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 4960 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	app.min.js Show response www.stackmail.com/program/js/	170 KB 51 KB	144ms 91ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/program/js/app.min.js?s=1640818035 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 5cdc6e632001b9614dba3952e9646f9adadc5e8eeeead130349712df745a8837 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:26:58 GMT server Apache etag "2a921-5e25fa004e880-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 51395 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	jstz.min.js Show response www.stackmail.com/program/js/	14 KB 5 KB	78ms 26ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/program/js/jstz.min.js?s=1640818040 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:27:02 GMT server Apache etag "360b-5e25fa041f180-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 5140 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	jquery-ui.min.js Show response www.stackmail.com/plugins/jqueryui/js/	254 KB 72 KB	115ms 63ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/plugins/jqueryui/js/jquery-ui.min.js?s=1640818034 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:26:57 GMT server Apache etag "3f6c0-5e25f9ff5a640-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H/1.1	200 OK	webmail-logo.svg webmail.clyn.co.za/cPanel_magic_revision_1522251304/unprotected/cpanel/images/	5 KB 3 KB	898ms 219ms	Image image/svg+xml	197.242.151.49 Afrihost
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.clyn.co.za/cPanel_magic_revision_1522251304/unprotected/cpanel/images/webmail-logo.svg Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 197.242.151.49 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS convexchart1.dedicated.co.za Software Apache / Resource Hash 998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8 Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Tue, 27 Feb 2024 10:26:28 GMT Content-Encoding gzip Last-Modified Wed, 28 Mar 2018 15:35:04 GMT Server Apache Content-Type image/svg+xml Cache-Control max-age=5184000, public Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 2399 Expires Sat, 27 Apr 2024 10:26:28 GMT
GET H2	200	th th.bing.com/	8 KB 9 KB	54ms 11ms	Image image/jpeg	2a02:26f0:3500:1b::1724:a38e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://th.bing.com/th?id=OIP.haOhf_h1khZYVacdnInPLgHaHa&w=250&h=250&c=8&rs=1&qlt=90&o=6&dpr=1.5&pid=3.1&rm=2 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:1b::1724:a38e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash be3fb3fdbbc609e8cce13f5f57c13b3ce6ce38e12addc774064f306447feea2f Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-check-cacheable YES akamai-grn 0.8ea12417.1709029587.2f2cdef report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * x-cache TCP_MISS from a23-36-161-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) content-type image/jpeg cache-control public, max-age=250463 timing-allow-origin * access-control-allow-headers * content-length 8545 alt-svc h3=":443"; ma=93600
GET H2	200	bootstrap.bundle.min.js Show response www.stackmail.com/skins/elastic/deps/	82 KB 23 KB	94ms 94ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/skins/elastic/deps/bootstrap.bundle.min.js?s=1640818044 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 19b51730c10082760e6d9b82c1342e60855f98d2666c64e4eb758d26b1a0c840 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:27:13 GMT server Apache etag "14888-5e25fa0e9ca40-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 23047 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT
GET H2	200	ui.min.js Show response www.stackmail.com/skins/elastic/	60 KB 20 KB	27ms 27ms	Script text/javascript	45.8.227.100 TWENTYI
General Check archive.org Show headers Download Go to Full URL https://www.stackmail.com/skins/elastic/ui.min.js?s=1640818034 Requested by Host: cloudflare-ipfs.com URL: https://cloudflare-ipfs.com/ipfs/bafkreignnbwtwhdnxh5wrr3bjhnmr5erj2xnhlma2hdgiyo6x6n6l3a4we Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.8.227.100 , United Kingdom, ASN48254 (TWENTYI, GB), Reverse DNS Software Apache / Resource Hash 3920ab3f4447ca12e1a4e4e9c48b0878ba9f742cbfc9b0063975e643addeb4fe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cloudflare-ipfs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 10:26:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 26 Jun 2022 20:26:58 GMT server Apache etag "ee19-5e25fa004e880-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript x-via LHR6 cache-control max-age=2592000 accept-ranges bytes content-length 20326 x-xss-protection 1; mode=block expires Thu, 28 Mar 2024 10:26:27 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| CONTROL_KEY number| SHIFT_KEY number| CONTROL_SHIFT_KEY function| roundcube_browser object| rcube_event function| rcube_event_engine function| rcube_check_email function| rcube_clone_object function| urlencode function| rcube_find_object function| rcube_mouse_is_over function| setCookie function| getCookie object| bw function| rcube_parse_query object| Base64 object| pattern function| rcube_webmail object| jstz object| rcmail undefined| element object| bootstrap function| rcube_elastic_ui function| __newInst object| UI

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cloudflare-ipfs.com/	1970-01-20 18:43:51	Name: __cf_bm Value: 9oaAko22bxPm7cCsf6sLrBHOpdXce7wT3ggRRgp.JfM-1709029587-1.0-ASyRSkYUUHeKoqtEULelT0WNvUDoLmVOy9+ZlkOis2gxsSK4lsZHHwxPcpTYcPL6B+DuMH4OPQwxOt6EiF8Ghok=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloudflare-ipfs.com
kiwi-brave-boat.glitch.me
th.bing.com
webmail.clyn.co.za
www.stackmail.com
197.242.151.49
2606:4700::6811:600d
2a02:26f0:3500:1b::1724:a38e
34.207.50.50
45.8.227.100
19b51730c10082760e6d9b82c1342e60855f98d2666c64e4eb758d26b1a0c840
2b7935accebcd1d8f4629f854c8b70a50c107cd7e2b9e75b707ddbafa007a1b1
3920ab3f4447ca12e1a4e4e9c48b0878ba9f742cbfc9b0063975e643addeb4fe
3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e
5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55
59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834
5cdc6e632001b9614dba3952e9646f9adadc5e8eeeead130349712df745a8837
716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a
85b2f3b581f149f013f76981f91e10519a609c1fa924c52df9efe677b94b4e84
998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8
ae0affeeba50d92b9cea4387176a63fd2b8669aac4e5771c1649a567ec455e9c
be3fb3fdbbc609e8cce13f5f57c13b3ce6ce38e12addc774064f306447feea2f
cd686d3b1c6db9fb68c76149dac8f4914eaed3ad80d1c66461debf9be5ec1cb1
e31b63f62d3dda0aeed0d1706e40d2728dc60adba73daab4cf96d9b911b11842