Report - urubu.host/

Report Overview

Visited public
2025-03-17 03:57:26
Tags
Submit Tags
URL
urubu.host/
Finishing URL
urubu.host/pt-BR
IP / ASN
104.21.38.122
#13335 CLOUDFLARENET
Title
Urubu Host | Hospedagem de Minecraft

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
client.crisp.chat	19483	2017-06-09	2017-07-02	2025-03-14	2.6 kB	527 kB	104.18.28.104
wss	unknown	unknown	2025-03-02	2025-03-16	589 B	440 B	134.209.238.18
urubu.host	unknown	2023-09-20	2025-03-17	2025-03-17	2.3 kB	786 kB	104.21.38.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-16	medium	wss	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	urubu.host/	ScriptElement	234 B	2025-03-17	2025-03-17
Pretty URL urubu.host/ IP 104.21.38.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-17 03:57 Last Seen2025-03-17 03:57 Times Seen1 Hash f3a01e3ffab329c9717bcb43ba9a4f99 1a6edbbf57021063824c9683d75fc8bfe6604362 ddba25480771585dd2995efa1b50ce88df1cfefcc290ea96bc7b75d6ec946732 Loading...

	client.crisp.chat/l.js	ScriptElement	9.2 kB	2025-02-27	2025-03-18
Pretty URL client.crisp.chat/l.js IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 21:24 Last Seen2025-03-18 09:36 Times Seen323 Hash 0fe30346e539663c22598a8bc4402a2a 80f063edc1221fc3ff5b36ffde06c330bed4ca8d e1cecb75f538fec07bddb52a8a8209d58b4e33f5c252604d2ae98042ad81faa9 Loading...

	client.crisp.chat/static/javascripts/client.js?b12523f	ScriptElement	385 kB	2025-02-27	2025-03-18
Pretty URL client.crisp.chat/static/javascripts/client.js?b12523f IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 21:24 Last Seen2025-03-18 09:36 Times Seen332 Hash ec7029de506f94e79686f03f7082e1ba f5f0d0b3309698255d01b73922aac2e62a355696 4257769646d93078595f9df639b232f91f80b6badb0ba7feba2642f455a7af4c Loading...

	client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-2-17-3-57	ScriptElement	222 B	2025-03-17	2025-03-17
Pretty URL client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-2-17-3-57 IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-17 03:57 Last Seen2025-03-17 03:57 Times Seen1 Hash 69e7e96741f363c1d8d651c42b86acf9 4702fcc239addb471d8f5cd8361db76679c5fe3c 10b1dfba4696952f433161b756ac3873f5ec04cfd38bae1a41c857ae1752d503 Loading...

	client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1738340066919	ScriptElement	1.6 kB	2025-03-17	2025-03-17
Pretty URL client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1738340066919 IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-17 03:57 Last Seen2025-03-17 03:57 Times Seen1 Hash 1c0731b54188afca55f344522bcf660b b5cf8ebc2f17418b3a393074756c114aebade551 0e1481ab3da0a8f9c58e922a9397d4b22f012662d7d45747404a3fab538082a1 Loading...

	client.crisp.chat/static/javascripts/locales/en.js?b12523f	ScriptElement	9.9 kB	2025-02-27	2025-03-18
Pretty URL client.crisp.chat/static/javascripts/locales/en.js?b12523f IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 21:24 Last Seen2025-03-18 08:46 Times Seen270 Hash b58ede44b6f9d1c4c6fef288076b9078 1af6ffb32fcb6e0a2eb146c51d7cef43f7cb420d 1b57a5e3144fbe052e5dcd57e22131a10113a2d4e8d83c10c49ec0b932207f94 Loading...

	urubu.host/assets/index-CyZCUyWe.js	ScriptElement	644 kB	2025-03-17	2025-03-17
Pretty URL urubu.host/assets/index-CyZCUyWe.js IP 104.21.38.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-17 03:57 Last Seen2025-03-17 03:57 Times Seen1 Hash 8c0c89768db888b2934ee7c54a4b5df6 3f94ef48c0bce3b8ab3d4f6c5b19405e8bbfe64b 89d55aa7c75bdccb713963a4ff9679e3f4ba3e3b0076a71a926cbee14f513498 Loading...

HTTP Transactions (12)

URL IP Response Size

GET client.crisp.chat/static/stylesheets/client_default.css?b12523f

104.18.28.104

200 OK

116 kB

URL GET
client.crisp.chat/static/stylesheets/client_default.css?b12523f
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjectcrisp.chat
Fingerprint9A:93:CF:5C:12:BC:6F:94:D4:4D:98:D7:06:98:44:95:AE:37:3C:6E
ValiditySat, 08 Mar 2025 00:22:29 GMT - Fri, 06 Jun 2025 01:22:25 GMT

File type

Size
116 kB (116108 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/stylesheets/client_default.css?b12523f HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:04 GMT
content-type: text/css
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"67c0afa1-1c58c"
expires: Thu, 15 Mar 2035 03:57:04 GMT
last-modified: Thu, 27 Feb 2025 18:32:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2159
priority: u=2,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92199064ff4b5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET client.crisp.chat/static/javascripts/client.js?b12523f

104.18.28.104

200 OK

385 kB

URL GET
client.crisp.chat/static/javascripts/client.js?b12523f
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjectcrisp.chat
Fingerprint9A:93:CF:5C:12:BC:6F:94:D4:4D:98:D7:06:98:44:95:AE:37:3C:6E
ValiditySat, 08 Mar 2025 00:22:29 GMT - Fri, 06 Jun 2025 01:22:25 GMT

File type

Size
385 kB (384836 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/javascripts/client.js?b12523f HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:04 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"64e73b34-5df44"
expires: Thu, 15 Mar 2035 03:57:04 GMT
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 8243
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92199064ff4a5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET wss://client.relay.crisp.chat/w/bca/?EIO=4&transport=websocket

134.209.238.18

101 Switching Protocols

0 B

URL GET
wss://client.relay.crisp.chat/w/bca/?EIO=4&transport=websocket
IP
134.209.238.18:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://urubu.host/
Certificate
IssuerSectigo Limited
Subjectclient.relay.crisp.chat
FingerprintDF:6F:A0:8C:DB:7B:A1:C5:17:DB:5F:E4:87:80:F8:44:5E:0F:59:4D
ValidityThu, 27 Jun 2024 00:00:00 GMT - Mon, 28 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /w/bca/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://urubu.host
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +VKx7xYU3TOlN5jLW5mS4w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 17 Mar 2025 03:57:04 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qiOyMnjIT0ZE+k/KM9LJf4W13CI=
X-Crisp-Ray: website w:bca 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300

GET client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1738340066919

104.18.28.104

200 OK

1.6 kB

URL GET
client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1738340066919
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjectcrisp.chat
Fingerprint9A:93:CF:5C:12:BC:6F:94:D4:4D:98:D7:06:98:44:95:AE:37:3C:6E
ValiditySat, 08 Mar 2025 00:22:29 GMT - Fri, 06 Jun 2025 01:22:25 GMT

File type
ASCII text, with very long lines (1709), with no line terminators
Size
1.6 kB (1563 bytes)
Hash
282077fa5cdae7e06848778543c78c03
f8f7794bbe8e845ba7dc983eaba758a6fd949c17
e48eff3146713c11d7215cd90b0ddd3b0e1dd133f1fb35c38e27e931f89d6bcb

HTTP Headers

GET /settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1738340066919 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Mon, 17 Mar 2025 07:57:05 GMT
vary: Accept-Encoding
last-modified: Mon, 17 Mar 2025 03:57:05 GMT
cf-cache-status: EXPIRED
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9219906b38e35689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET client.crisp.chat/static/javascripts/locales/en.js?b12523f

104.18.28.104

200 OK

9.9 kB

URL GET
client.crisp.chat/static/javascripts/locales/en.js?b12523f
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjectcrisp.chat
Fingerprint9A:93:CF:5C:12:BC:6F:94:D4:4D:98:D7:06:98:44:95:AE:37:3C:6E
ValiditySat, 08 Mar 2025 00:22:29 GMT - Fri, 06 Jun 2025 01:22:25 GMT

File type
ASCII text, with very long lines (10375), with no line terminators
Size
9.9 kB (9941 bytes)
Hash
3ff143c15f00b1f84986da5d779cec7c
8f0ffffa1a3d340455a4a33159a4e7f536551574
1130ae1bb255b2400422ce7f2a3c58450ceb864d829a0184cecfcae34f3fd695

HTTP Headers

GET /static/javascripts/locales/en.js?b12523f HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:05 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"66759605-26d5"
expires: Thu, 15 Mar 2035 03:57:05 GMT
last-modified: Fri, 21 Jun 2024 15:02:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1222
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 9219906bd9315689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urubu.host/

104.21.38.122

200 OK

3.7 kB

URL User Request GET
urubu.host/
IP
104.21.38.122:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecturubu.host
Fingerprint37:92:21:11:B2:32:ED:AA:56:8D:69:C2:50:8C:6A:4E:EC:51:8D:20
ValidityWed, 05 Mar 2025 21:04:21 GMT - Tue, 03 Jun 2025 22:02:46 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3849), with no line terminators
Size
3.7 kB (3665 bytes)
Hash
c3bb16209621ec6e1c76d0bee11d6f54
62fdd98d905599bcef44b98e01443acfb3cd5a7b
9f8790203b10f71efce34fbd8f231d4239bff6747f285fb64eeda1af19b31459

HTTP Headers

GET / HTTP/1.1
Host: urubu.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 17 Mar 2025 03:57:03 GMT
content-type: text/html
last-modified: Thu, 13 Mar 2025 03:10:42 GMT
cache-control: public, max-age=14400
strict-transport-security: max-age=15552000; preload
referrer-policy: no-referrer
permissions-policy: geolocation=(), microphone=()
content-security-policy: script-src 'self' 'unsafe-inline' https://client.crisp.chat https://settings.crisp.chat
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2mL8aXux9ytMWAWY6XGIh%2BG%2BDwqugKha2I7L%2BTLx9Em%2Bkl6cy5LlGFwNUDj628Zv5cMbcCyTCa%2FGFto6rkJ3wxt6AntCJUbuvtyUz3MTgEDKl2tfkFPA5xrELu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9219905e4c4b56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5496&min_rtt=455&rtt_var=10109&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3192&recv_bytes=1122&delivery_rate=8044444&cwnd=254&unsent_bytes=0&cid=a29a48504268c09f&ts=731&x=0"
X-Firefox-Spdy: h2

GET client.crisp.chat/l.js

104.18.28.104

200 OK

9.2 kB

URL GET
client.crisp.chat/l.js
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjectcrisp.chat
Fingerprint9A:93:CF:5C:12:BC:6F:94:D4:4D:98:D7:06:98:44:95:AE:37:3C:6E
ValiditySat, 08 Mar 2025 00:22:29 GMT - Fri, 06 Jun 2025 01:22:25 GMT

File type
JavaScript source, ASCII text, with very long lines (9523), with no line terminators
Size
9.2 kB (9230 bytes)
Hash
3a2e2501d818de71fcb36a1b22f6eb50
afe6791c19c3593bf08cb6d42d2ec90da43dfad8
39a71464ae021d38d51c6c44b35b437e344d72ff371e0d668c5b08b0c344b8ed

HTTP Headers

GET /l.js HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 17 Mar 2025 03:57:04 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
etag: W/"64e73b34-240e"
expires: Tue, 18 Mar 2025 03:57:04 GMT
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 83269
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 921990646c6b712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET urubu.host/font/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

104.21.38.122

200 OK

48 kB

URL GET
urubu.host/font/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
104.21.38.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjecturubu.host
Fingerprint37:92:21:11:B2:32:ED:AA:56:8D:69:C2:50:8C:6A:4E:EC:51:8D:20
ValidityWed, 05 Mar 2025 21:04:21 GMT - Tue, 03 Jun 2025 22:02:46 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /font/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: urubu.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:05 GMT
content-type: font/woff2
content-length: 48444
last-modified: Thu, 13 Mar 2025 03:10:41 GMT
etag: "67d24cb1-bd3c"
cache-control: public, max-age=31536000, immutable
cf-cache-status: MISS
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hp6Py6ctwtlMJb9ohup5kVBwhN%2Bq6SsLOW3PB4PCiairrVQqkIU4daLR7LLzNtwprIdsoAQ7KiQ7lEYtQ6KvE9gJwlAVQeB9cqhwyryh6Q3MU0RUkE04Lr9aHwW9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
cf-ray: 921990642bafb511-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6669&min_rtt=2207&rtt_var=3252&sent=80&recv=13&lost=0&retrans=0&sent_bytes=81148&recv_bytes=1894&delivery_rate=4752101&cwnd=48000&unsent_bytes=0&cid=7be5b4e62fd6725c&ts=1432&x=1", cfExtPri, cfHdrFlush;dur=0

GET urubu.host/img/favicon.ico

104.21.38.122

200 OK

9.9 kB

URL GET
urubu.host/img/favicon.ico
IP
104.21.38.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjecturubu.host
Fingerprint37:92:21:11:B2:32:ED:AA:56:8D:69:C2:50:8C:6A:4E:EC:51:8D:20
ValidityWed, 05 Mar 2025 21:04:21 GMT - Tue, 03 Jun 2025 22:02:46 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 900x900, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.9 kB (9924 bytes)
Hash
6ef7fecd4955c04c85f70bd93f873014
e78da416adbd7e716ac28dbc01157e509a831179
52c843e83ff7c1c20cf29d7396261cf557ce543a419c2623a52e3fd411c8dac9

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: urubu.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: crisp-client%2Fsession%2Fcf887329-c0c6-4bd2-af92-52936a8292ab=session_49fd472f-1dc0-4c33-a8c2-62eaabfedacf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:06 GMT
content-type: image/x-icon
last-modified: Thu, 13 Mar 2025 03:10:41 GMT
etag: W/"67d24cb1-26c4"
cache-control: public, max-age=2592000
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3DmXJ4lgfyhOoFqP8gGYwjmS5mmtA0KwZq8uTdOj20oeGXltztLNSZp5V%2FQ%2BGsmLjM8ju8VKYEoFPKJu6ljNn5SSWh%2ByZx6AP%2Bp2Is3r7ttGDSEfWZFAFPhtbh5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
cf-ray: 921990714848b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4888&min_rtt=1406&rtt_var=3052&sent=300&recv=20&lost=0&retrans=0&sent_bytes=341832&recv_bytes=2505&delivery_rate=1327074&cwnd=259500&unsent_bytes=0&cid=7be5b4e62fd6725c&ts=3030&x=1", cfExtPri, cfHdrFlush;dur=0

GET urubu.host/font/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2

104.21.38.122

200 OK

74 kB

URL GET
urubu.host/font/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
IP
104.21.38.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjecturubu.host
Fingerprint37:92:21:11:B2:32:ED:AA:56:8D:69:C2:50:8C:6A:4E:EC:51:8D:20
ValidityWed, 05 Mar 2025 21:04:21 GMT - Tue, 03 Jun 2025 22:02:46 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74328, version 1.0
Size
74 kB (74328 bytes)
Hash
ad4eb06671be0ba6c91893d085122afd
ee0ebd2ef047937cd8ca547172229155813ff939
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f

HTTP Headers

GET /font/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2 HTTP/1.1
Host: urubu.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:05 GMT
content-type: font/woff2
content-length: 74328
last-modified: Thu, 13 Mar 2025 03:10:41 GMT
etag: "67d24cb1-12258"
cache-control: public, max-age=31536000, immutable
cf-cache-status: MISS
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B10dh12O4znt19tfOCBKiQflnm5hsG2P4i%2FD8pkR38GGqStl5zP5TQU07%2BEM%2BApykO6wBn%2BIqV2fOR5rdtrdIWiHGisu2bi%2FDF%2B%2BpVj3OUFDoRSS%2BArGfzI6z4xW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
cf-ray: 921990642ba6b511-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7436&min_rtt=6605&rtt_var=3070&sent=15&recv=10&lost=0&retrans=0&sent_bytes=4193&recv_bytes=1761&delivery_rate=89921&cwnd=12000&unsent_bytes=0&cid=7be5b4e62fd6725c&ts=1389&x=1", cfExtPri, cfHdrFlush;dur=0

GET urubu.host/assets/index-CyZCUyWe.js

104.21.38.122

200 OK

644 kB

URL GET
urubu.host/assets/index-CyZCUyWe.js
IP
104.21.38.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjecturubu.host
Fingerprint37:92:21:11:B2:32:ED:AA:56:8D:69:C2:50:8C:6A:4E:EC:51:8D:20
ValidityWed, 05 Mar 2025 21:04:21 GMT - Tue, 03 Jun 2025 22:02:46 GMT

File type

Size
644 kB (644435 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/index-CyZCUyWe.js HTTP/1.1
Host: urubu.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:05 GMT
content-type: application/javascript
last-modified: Thu, 13 Mar 2025 03:10:42 GMT
etag: W/"67d24cb2-9d553"
cache-control: public, max-age=2592000
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ENlIMbufbt9TIAWqsp0OXgT2bcSveFRwXgw9m35cumqLZhA2g7ZLqmScAPLUQEEBUXs0s5h9CCP%2BMFcuIu3oOVHR1qY52b5fFWNFcIc%2FwCDYof%2ByAlZsgP2HNQ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
cf-ray: 921990643bb1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6510&min_rtt=2207&rtt_var=3661&sent=122&recv=15&lost=0&retrans=0&sent_bytes=131498&recv_bytes=1986&delivery_rate=600800&cwnd=67200&unsent_bytes=0&cid=7be5b4e62fd6725c&ts=2168&x=1", cfExtPri, cfHdrFlush;dur=0

GET client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-2-17-3-57

104.18.28.104

200 OK

222 B

URL GET
client.crisp.chat/settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-2-17-3-57
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urubu.host/
Certificate
IssuerGoogle Trust Services
Subjectcrisp.chat
Fingerprint9A:93:CF:5C:12:BC:6F:94:D4:4D:98:D7:06:98:44:95:AE:37:3C:6E
ValiditySat, 08 Mar 2025 00:22:29 GMT - Fri, 06 Jun 2025 01:22:25 GMT

File type
ASCII text, with no line terminators
Size
222 B (222 bytes)
Hash
56c66b5a8ac11e99e96fc0942ac85f61
1c88e779df954f6c8b5b28f06d647787ca27378d
f892258b3fb35d327304b7aa28fcf1869d949adf8bcd235d14bf0ec2c000f50c

HTTP Headers

GET /settings/website/cf887329-c0c6-4bd2-af92-52936a8292ab/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-2-17-3-57 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 17 Mar 2025 03:57:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Mon, 17 Mar 2025 07:57:04 GMT
vary: Accept-Encoding
last-modified: Mon, 17 Mar 2025 03:57:04 GMT
cf-cache-status: MISS
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 921990666fa65689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers