pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
2606:4700::6812:323  Public Scan

Submitted URL: https://ilovedistar.com/frankfurt.html
Effective URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Submission: On May 27 via manual from DE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.
This is the only time pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.179.237 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 141.2.22.86 20633 (UNIFFM-NE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.26.12.205 13335 (CLOUDFLAR...)
9 6
   Apex Domain        Subdomains                                        Transfer
4  r2.dev             pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev       37 KB
2  uni-frankfurt.de   webmail.uni-frankfurt.de                          90 KB
1  ipify.org          api.ipify.org — Cisco Umbrella Rank: 2924         152 B
1  googleapis.com     ajax.googleapis.com — Cisco Umbrella Rank: 380    30 KB
1  ilovedistar.com    ilovedistar.com                                   620 B
9  5
   Domain                                        Requested by
4  pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev   ilovedistar.com, pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
2  webmail.uni-frankfurt.de                      pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
1  api.ipify.org                                 ajax.googleapis.com
1  ajax.googleapis.com                           pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
1  ilovedistar.com
9  5

This site contains links to these domains.

Domain
www.rz.uni-frankfurt.de
www.uni-frankfurt.de

Subject                           Issuer              Validity                   Valid
ilovedistar.com                   GTS CA 1P5          2024-04-22 - 2024-07-21    3 months
*.r2.dev                          E1                  2024-04-05 - 2024-07-04    3 months
webmail.server.uni-frankfurt.de   GEANT OV RSA CA 4   2023-08-22 - 2024-08-21    a year
upload.video.google.com           WR2                 2024-05-06 - 2024-07-29    3 months
ipify.org                         GTS CA 1P5          2024-05-19 - 2024-08-17    3 months

This page contains 1 frames:

Primary Page: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Frame ID: 812E09BBEE5B9D7D9EACB19C9BC1D2DF
Requests: 10 HTTP requests in this frame

Page Title

Horde :: Log in

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 158 kB
Size: 211 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ilovedistar.com/frankfurt.html Page URL
  2. https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
frankfurt.html
ilovedistar.com/
132 B
620 B
Document
General
Full URL
https://ilovedistar.com/frankfurt.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
88a50aa43e8430cf-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 27 May 2024 09:40:06 GMT
expires
Mon, 27 May 2024 10:40:06 GMT
last-modified
Mon, 27 May 2024 09:18:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GoKQddxuQaCc8irRCzO7iKbtVmtWSutWj3axDGsT71syD%2BXd09ybfgIaMVmUBCkDTeOcAtkE6Gn9G0%2BK8eMFtmYbnDpkqNkP7PnNlWJRfnk31uwGuoV9Y8PLSi6320b5SW8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request index.htm
pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/
10 KB
10 KB
Document
General
Full URL
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Requested by
Host: ilovedistar.com
URL: https://ilovedistar.com/frankfurt.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e7d67eac1a4b9df4c0423cc079eadcfc87e8850fdc86b17e6419a85bd46234

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ilovedistar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
CF-RAY
88a50aa4eb7a2c18-FRA
Connection
keep-alive
Content-Length
9835
Content-Type
text/html
Date
Mon, 27 May 2024 09:40:06 GMT
ETag
"9f5fd92f66683b75b044a6a61ad61c52"
Last-Modified
Mon, 27 May 2024 08:59:41 GMT
Server
cloudflare
Vary
Accept-Encoding
05786e32fc54b74f.css
webmail.uni-frankfurt.de/static/
87 KB
88 KB
Stylesheet
General
Full URL
https://webmail.uni-frankfurt.de/static/05786e32fc54b74f.css
Requested by
Host: pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.2.22.86 Frankfurt am Main, Germany, ASN20633 (UNIFFM-NET cords@rz.uni-frankfurt.de 20101227, DE),
Reverse DNS
blade6b.rz.uni-frankfurt.de
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
45aaa353dec3404050774a1be9c9c29440afa2eb1945584afd7d1ea790d8940b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 09:40:06 GMT
Last-Modified
Sun, 26 May 2024 18:01:46 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"15d34-6195f31a9709c"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
89396
horde-power1.png
webmail.uni-frankfurt.de/themes/default/graphics/
2 KB
3 KB
Image
General
Full URL
https://webmail.uni-frankfurt.de/themes/default/graphics/horde-power1.png
Requested by
Host: pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.2.22.86 Frankfurt am Main, Germany, ASN20633 (UNIFFM-NET cords@rz.uni-frankfurt.de 20101227, DE),
Reverse DNS
blade6b.rz.uni-frankfurt.de
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
e29ea99440ec2b111b937c92a4a9750a16b91504a47f2d9c45c4ae514da420c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 09:40:06 GMT
Last-Modified
Wed, 04 Nov 2020 07:52:13 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"8d2-5b34341ed9495"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2258
dd5fedaf05d99d6b.js
pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/static/
0
0
Script
General
Full URL
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/static/dd5fedaf05d99d6b.js
Requested by
Host: pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 09:40:06 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
88a50aa5ccb52c18-FRA
Content-Length
27242
Vary
Accept-Encoding
Content-Type
text/html
acb090a8196d354b.js
pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/static/
0
0
Script
General
Full URL
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/static/acb090a8196d354b.js
Requested by
Host: pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 09:40:06 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
88a50aa5ebc29b25-FRA
Content-Length
27242
Vary
Accept-Encoding
Content-Type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev
URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 May 2025 10:13:55 GMT
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66d26930f75f18c4c1880eef974e444857e7ff1e9e74fb34860fa2e7f7d3ba13

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
/
api.ipify.org/
19 B
152 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecda7460d2763ca160b7c8197933b56105afff94441edbcf2afa911891b26b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 09:40:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
88a50aa6cb966983-FRA
content-length
19
favicon.ico
pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/themes/default/graphics/
27 KB
27 KB
Other
General
Full URL
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/themes/default/graphics/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 09:40:06 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
88a50aa6ac6a9b25-FRA
Content-Length
27242
Vary
Accept-Encoding
Content-Type
text/html

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  $
function  jQuery

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/static/dd5fedaf05d99d6b.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/static/acb090a8196d354b.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/index.htm
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://pub-7f3e2e0bf4164146bf637afd7bfa3e6b.r2.dev/themes/default/graphics/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block