Report Overview
Visitedpublic
2025-08-06 11:21:45
Submit Tags
URL
9000-firebase-upgradewebmail40-1753446631738.cluster-f4iwdviaqvc2ct6pgytzw4xqy4.cloudworkstations.dev/
Finishing URL
9000-firebase-upgradewebmail40-1753446631738.cluster-f4iwdviaqvc2ct6pgytzw4xqy4.cloudworkstations.dev/
IP / ASN
35.199.40.91
Title
9000-firebase-upgradewebmail40-1753446631738.cluster-f4iwdviaqvc2ct6pgytzw4xqy4.cloudworkstations.dev/
Phishing - Generic phishing
Suspicious - Suspicious Javascript code
Phishing - Known Phishing Kit detected
Detections
urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
code.jquery.com | 634 | 2005-12-10 | 2012-05-21 | 2025-07-30 | 618 B | 70 kB | 151.101.2.137 |   |
maxcdn.bootstrapcdn.com | 724 | 2012-05-25 | 2014-06-18 | 2025-07-30 | 637 B | 50 kB |  104.18.11.207 |  |
9000-firebase-upgradewebmail40-1753446631738.cluster-f4iwdviaqvc2ct6pgytzw4xqy4.cloudworkstations.dev 5 alert(s) on this Domain | unknown | 2022-01-14 | 2025-08-05 | 2025-08-05 | 1.8 kB | 46 kB | 35.199.40.91 |   |
stackpath.bootstrapcdn.com | 2467 | 2012-05-25 | 2018-04-05 | 2025-07-30 | 1.1 kB | 213 kB | 104.18.10.207 | |
ajax.googleapis.com | 12905 | 2005-01-25 | 2012-05-22 | 2025-07-30 | 518 B | 87 kB | 142.250.178.74 | |
cdn.jsdelivr.net | 439 | 2012-05-16 | 2012-09-30 | 2025-07-30 | 525 B | 3.5 kB | 104.16.175.226 | |
cdnjs.cloudflare.com | 235 | 2009-02-17 | 2012-05-23 | 2025-07-30 | 643 B | 20 kB | 104.17.24.14 | |
Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Varnish (Caching)
Varnish is a reverse caching proxy.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Nginx:1.26.3 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Express (Web frameworks, Web servers)
Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.Node.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | 9000-firebase-upgradewebmail40-1753446631738.cluster-f4iwdviaqvc2ct6pgytzw4xqy4.cloudworkstations.dev/ | malware | Detects file containing Telegram Bot API |
JavaScript (9)
| HASH | FROM | Size | First Seen | Last Seen | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| 45f35510181b63a4f931e152dbd84211 | DocumentWrite | 14 kB | 2025-08-05 | 2025-08-13 | |||||||
Introduced by DocumentWrite First Seen 2025-08-05 Last Seen 2025-08-13 Times Seen 11 Size 14 kB (14107 bytes) MD5 45f35510181b63a4f931e152dbd84211 SHA1 85a16e3acfe22be1dfdb2e91af017bd2f743d7cd Detections
Loading... | |||||||||||
HTTP Transactions (10)
| URL | IP | Response | Size |
|---|