Report - bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/

Report Overview

Submitted URL
bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 05:50:10
Access
public
Website Title
Sharing Link Validation
Final URL
bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-29	1.0 kB	5.4 kB	142.250.74.170
bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com	unknown	2018-12-05	2024-02-10	2024-02-16	1.2 kB	1.9 MB	104.17.96.13
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-03-28	603 B	146 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/	Office365
2024-03-28	medium	bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/	Office365

PhishTank

Scan Date	Severity	Indicator	Alert
2024-02-10	medium	bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/	Other
2024-02-10	medium	bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/favicon.ico	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/	1.9 MB	2024-02-10	2024-04-26
Pretty URL bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-10 14:32:07 Last Seen2024-04-26 06:47:38 Times Seen9 Hash e10021746e3c8615d1a5ca2703443212 bc7565a8e5295fc1af7648487ec0a00d09ef282b bfd1b2e49c91d45350a3d54ae12a6f2f24f276380b7dd12ebd621669abab8d28 Loading...

	unknown	285 B	2024-01-11	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-11 04:48:06 Last Seen2024-04-26 06:47:38 Times Seen15 Hash 3cbda0a675ee2fc6e4a9ded23bdcbcda 4d100180089f2ba7c1ff81c3f4b00df09142f588 b54c6d7e4f7d5b8e21f0d991d991534afcda432f1fc4d2f8e286df0b9d6b8d93 Loading...

	unknown	1.9 kB	2024-02-10	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 14:32:07 Last Seen2024-04-26 06:47:38 Times Seen9 Hash 32a80ed68e242667c8d7a71fcafabfa0 4b8c48d46692f573117466b68d5e7437c2bddd2e c44668e44d801cd3ae2cf07d3e97b4e71454d4d5f49410de29f8f46ebf434cad Loading...

	unknown	511 B	2024-01-23	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-23 02:41:25 Last Seen2024-04-26 06:47:38 Times Seen11 Hash 2bc4da8094c897dc155da6935d5c11d9 292eb732a5fb9bd33b5c4c720d62516095b0f4cd 0c39d89c5996007d8fda9b1d2089f58d227984b9a7903f8473d8bedfd3ce53e1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8ec87180968d07a2b640b998fe69c419	630 kB	2024-02-10	2024-04-26
Pretty Observations First Seen2024-02-10 14:32:07 Last Seen2024-04-26 06:47:38 Times Seen9 Hash 8ec87180968d07a2b640b998fe69c419 4ecd4050b26092144941f682259d9c4440498429 df4d10fa509af0a6e693009cf06f83ff1eb9b74f7791d7ec8661c7960f3e9381 Loading...

HTTP Transactions (5)

URL IP Response Size

fonts.googleapis.com/css?family=Open+Sans:600

142.250.74.170

200 OK

2.0 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:600
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
gzip compressed data, max compression
Size
2.0 kB (1971 bytes)
Hash
7e90f3df2ce1dad80670cfabb7ca9cfb
c37a5c8ec7ee52b83304b1e60bb7f51c4eb684dc
186cd21b394175324b396fa9d7d0a419d8b6efc12a87329b44e87012a057778d

HTTP Headers

GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 05:49:45 GMT
date: Fri, 29 Mar 2024 05:49:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:600

142.250.74.170

200 OK

2.0 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:600
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
gzip compressed data, max compression
Size
2.0 kB (2002 bytes)
Hash
3935915086f983e35094c24af29334bd
405894422fa6a6a0254d4dc72edc08a2c00a3a6a
14a146deb21f717af964fd3de731fba757cfa6c9680533928d201775703c20d3

HTTP Headers

GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 05:49:45 GMT
date: Fri, 29 Mar 2024 05:49:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/

104.17.96.13

200 OK

1.9 MB

URL User Request GET HTTP/2
bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type

Size
1.9 MB (1889281 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
OpenPhish	phishing	Office365
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:49:44 GMT
content-type: text/html
cf-ray: 86bd94113a75b512-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe/
x-ipfs-roots: bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe
set-cookie: __cf_bm=v7zGFgtniIWeQcCmNEq6qjAhbGgXBf.CUOiX3X4RO90-1711691384-1.0.1.1-a9jvIFxH2SQWdua49leJ_Xo4jr7pg_.DbPyUsc_BwJ5OxgBLCWfd7azG3z29YrQbF_NiYuE4LghNuF501a4ovQ; path=/; expires=Fri, 29-Mar-24 06:19:44 GMT; domain=.bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

145 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65325)
Size
145 kB (144877 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:49:45 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:51:41
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2744018eedf3ae51fb8e3d0abd361da2
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86bd94175f8eb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/favicon.ico

104.17.96.13

404 Not Found

191 B

URL GET HTTP/2
bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/favicon.ico
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
ASCII text, with no line terminators
Size
191 B (191 bytes)
Hash
398006340608844138c9cf1aad45a91e
fe9409665f0dd7af9a409fc4d7be54dbbb479ba1
7d4435288e9ffbb176b57495573cdc6fbe91dc3cc82b234a056b1852c53c12f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe.ipfs.cf-ipfs.com/
Cookie: __cf_bm=v7zGFgtniIWeQcCmNEq6qjAhbGgXBf.CUOiX3X4RO90-1711691384-1.0.1.1-a9jvIFxH2SQWdua49leJ_Xo4jr7pg_.DbPyUsc_BwJ5OxgBLCWfd7azG3z29YrQbF_NiYuE4LghNuF501a4ovQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 29 Mar 2024 05:49:45 GMT
content-type: text/plain; charset=utf-8
cf-ray: 86bd94184dc0b512-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeibgzqtorxqdbg2n3tjniohkp6a5ypwi6a3duzkzvr3lkvxl5t5eqe/favicon.ico
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (5)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate