Report - cf-ipfs.com/ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail

Report Overview

Submitted URL
cf-ipfs.com/ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail_deliverypil2205.html
IP
104.17.64.14
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 16:02:31
Access
public
Website Title
PDF Online
Final URL
bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-03-28	470 B	22 kB	151.101.129.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-03-29	996 B	64 kB	142.250.74.10
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-03-28	510 B	24 kB	104.18.11.207
www.adobe.com	2202	unknown	2018-06-13	2024-03-28	532 B	1.7 kB	104.84.153.153
bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com	unknown	2018-12-05	2023-06-07	2024-03-12	558 B	32 kB	104.17.64.14
cf-ipfs.com	655312	2018-12-05	2018-12-20	2024-03-28	543 B	1.1 kB	104.17.96.13
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-03-28	520 B	3.4 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	cf-ipfs.com/ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail_deliverypil2205.html	Adobe Inc.
2024-03-12	medium	bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html	Adobe Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2023-06-07	medium	cf-ipfs.com/ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail_deliverypil2205.html	Other
2023-06-07	medium	bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-29
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-29 02:57:41 Times Seen140057 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html	80 B	2023-03-07	2024-04-17
Pretty URL bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 18:21:19 Last Seen2024-04-17 18:06:27 Times Seen103 Hash 89012a41e214770c70aa2653a8888df9 5e05aa63212b3c6cf6f06d7a96a9568ac2d361b0 0189b861ce100b297c946a22c735dcd11ded8b29927c1112025251f33142dd4a Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	76 kB	2024-03-23	2024-04-16
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-23 17:42:28 Last Seen2024-04-16 19:51:03 Times Seen76 Hash 416f94b5ea7fafe1cb4e2ab41996e533 fed81c13cdb5b4b18ce93897f89f2325f69cd191 3b5d7370611deb0e12405966f22fd493954007e12134d9b29d52f39f04ba4c9e Loading...

	bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html	2.9 kB	2023-06-07	2024-04-06
Pretty URL bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 05:43:05 Last Seen2024-04-06 18:35:48 Times Seen31 Hash b6ab963cbe5dfd6e6b8a0ddae361dbf0 fe40b0e6c32a14716ee24a933d21a61108fbabf4 65e2f59c8f5d6587d277e889b871646d242aabae4d55264c903f93343f99d736 Loading...

	unknown	33 B	2023-04-28	2024-04-17
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-28 07:18:01 Last Seen2024-04-17 18:06:27 Times Seen80 Hash 17327ab9c86a2ca024d8ca66afc42537 7b7de953429cb85d35d4554d8607457e8f5a5f9e 80c5275fa757428eb2b075327597f9f2f3e7da9516167747c0669c11207c84c1 Loading...

HTTP Transactions (8)

URL IP Response Size

cf-ipfs.com/ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail_deliverypil2205.html

104.17.96.13

301 Moved Permanently

145 B

URL User Request GET HTTP/2
cf-ipfs.com/ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail_deliverypil2205.html
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectcf-ipfs.com
Fingerprint33:42:32:E5:22:DD:EC:B2:FA:AD:88:57:0E:97:21:CF:2E:C4:17:BA
ValiditySat, 06 May 2023 00:00:00 GMT - Sun, 05 May 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
145 B (145 bytes)
Hash
a5736ee8ecc053e1331f6898b581457f
24396a23a88e7831956673c0073916c97e200c8e
308b2365cb53f6da3f0363e598a1f2c130976779a4d40143ee7a6829ee68a0e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Adobe Inc.
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmYuaT57QXthse2FxAx8gX3wLxirNfoBAcyDazwXk9Tpx2/mail_deliverypil2205.html HTTP/1.1
Host: cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 16:02:06 GMT
content-type: text/html; charset=utf-8
content-length: 145
location: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
cf-ray: 86c11513fad1b4f4-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
set-cookie: __cf_bm=WaurTUyjdTX0VlE1x3gMskXIPCjwnqvKAXzX64fKndo-1711728126-1.0.1.1-YUA.X5bcFvuMEt6CwDDw4RZ2QpNfKRfcFuZt0j4Ibb03819QJhOwm8G9RNz7ewxLCozDS7AUuMEYzA6BaW71Zw; path=/; expires=Fri, 29-Mar-24 16:32:06 GMT; domain=.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.8/sweetalert2.min.css

104.17.25.14

200 OK

2.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.8/sweetalert2.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15121), with no line terminators
Size
2.4 kB (2415 bytes)
Hash
854055db8a5ee35964e6bf8fa4dc7990
7c961aa32827f1c8b5da6f12762b36e9e3331d4c
7f3a692cfa76e5be66003c69a85431144dc1eeda8965499510b034bb8d925227

HTTP Headers

GET /ajax/libs/limonte-sweetalert2/6.6.8/sweetalert2.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 16:02:06 GMT
content-type: text/css; charset=utf-8
content-length: 2415
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed1-3b11"
last-modified: Mon, 04 May 2020 16:12:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9961450
expires: Wed, 19 Mar 2025 16:02:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4m7ZQUEdhfpcUz1CGZfEwcWPH9j%2Bi4BtMl4%2B0B9xWZgPDTwehUASo%2Fttpf5%2F%2Brh1SH%2Bj68lGW2ZM6tD16FgGA5JFA5SCTbch4OjYNG05pvC3KP2EkKV04DBYfxq6Wbvq112%2F9RYw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86c115181d63b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.129.229

200 OK

21 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (52137)
Size
21 kB (21290 bytes)
Hash
416f94b5ea7fafe1cb4e2ab41996e533
fed81c13cdb5b4b18ce93897f89f2325f69cd191
3b5d7370611deb0e12405966f22fd493954007e12134d9b29d52f39f04ba4c9e

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.10.7
x-jsd-version-type: version
etag: W/"12992-/tgcE821tLGM6TiX+J8jJfac0ZE"
content-encoding: br
accept-ranges: bytes
date: Fri, 29 Mar 2024 16:02:06 GMT
age: 39177
x-served-by: cache-fra-eddf8230029-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21290
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.10

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:35:21 GMT
expires: Fri, 28 Mar 2025 17:35:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 80805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.11.207

200 OK

23 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
23 kB (22647 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 16:02:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/31/2023 18:48:38
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d92760ed6a1dac63dec1fb1d76198f43
cdn-cache: HIT
cf-cache-status: HIT
age: 1160383
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86c115181ab056b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.10

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:35:21 GMT
expires: Fri, 28 Mar 2025 17:35:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 80805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.adobe.com/content/dam/shared/images/product-icons/svg/acrobat-reader.svg

104.84.153.153

200 OK

834 B

URL GET HTTP/2
www.adobe.com/content/dam/shared/images/product-icons/svg/acrobat-reader.svg
IP
104.84.153.153:443
ASN
#20940 Akamai International B.V.

Requested by
https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
Certificate
IssuerDigiCert Inc
Subject*.adobe.com
FingerprintB3:50:FB:1E:83:AF:74:EA:87:64:38:E3:6B:C4:7C:4E:DF:39:EE:6B
ValidityWed, 13 Sep 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
834 B (834 bytes)
Hash
325c8a2984f01a66681f42d5c7480dda
5985d9bea1fe85a2ac2787231c919893e2ad2e3b
d1e12c899e29f48adf45b0e2dabdc1c3eea604ccc833701f8590e8116efc19b1

HTTP Headers

GET /content/dam/shared/images/product-icons/svg/acrobat-reader.svg HTTP/1.1
Host: www.adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
server: Apache
x-adobe-content: AEM-Offers
x-frame-options: SAMEORIGIN
x-adobe-info: dd741a6e-76f2-4194-a204-20acd92c391c, dd741a6e-76f2-4194-a204-20acd92c391c
last-modified: Wed, 27 Mar 2024 17:57:32 GMT
x-adobe-loc: ew1
x-adobe-source: 128.80
x-content-type-options: nosniff
x-adobe-cache: MISS
accept-ranges: bytes
content-encoding: gzip
content-length: 834
cache-control: max-age=21600
expires: Fri, 29 Mar 2024 22:02:07 GMT
date: Fri, 29 Mar 2024 16:02:07 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711728127318_1750374805_35683901_76_8810_10_36_1";dur=1
alt-svc: h3=":443"; ma=93600
akamai-x-true-ttl: 31536000
akamai-grn-www.adobe.com: 0.95995468.1711728127.2207e3d
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html

104.17.64.14

200 OK

31 kB

URL User Request GET HTTP/2
bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com/mail_deliverypil2205.html
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
HTML document, ASCII text, with very long lines (22415), with CRLF line terminators
Size
31 kB (30603 bytes)
Hash
3b572487991a71f64058b2eff3483686
561ad8568393210934d9316e39f8d58eaddb7152
2d464ab62a8238e46c381ca294cc7a42d0811ab0b21a3f55ed72df4ca1f3fafd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
OpenPhish	phishing	Adobe Inc.
PhishTank	phishing	Other

HTTP Headers

GET /mail_deliverypil2205.html HTTP/1.1
Host: bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 16:02:06 GMT
content-type: text/html
cf-ray: 86c115155a9bb4f1-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"Qmbzr8qJCBTTVwi3akD4HecyhPjmYwQWsSrcFEfdyWsTvV"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam/mail_deliverypil2205.html
x-ipfs-roots: bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam,Qmbzr8qJCBTTVwi3akD4HecyhPjmYwQWsSrcFEfdyWsTvV
set-cookie: __cf_bm=ASU.ZBU8zXfy1dZTL6lBdIA9U4FRw6I1c699UiX0BjQ-1711728126-1.0.1.1-RleMeyK0wx3FwRJ_LbqZ4S2r7_x7pafhtaeV3p2jOMU6U8z9NngksIAQQH6440ashu7gQuK8Col0CrkSOYTkHA; path=/; expires=Fri, 29-Mar-24 16:32:06 GMT; domain=.bafybeie5aq4fjst3jf72ili6mm322lfkjayodristrx7vhg4fjsvp4ioam.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN