Report - cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG

Report Overview

Submitted URL
cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 15:56:09
Access
public
Website Title
DocuSign Portal
Final URL
cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Tags
docusign phishing
urlquery detections
Phishing - Docusign

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-16	413 B	32 kB	151.101.66.137
storageapi.fleek.co	533726	2020-03-06	2020-05-08	2024-03-26	2.0 kB	182 kB	104.18.7.145
i.gifer.com	37112	2003-04-27	2018-03-26	2024-03-26	457 B	46 kB	51.68.36.8
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-04-16	1.8 kB	113 kB	162.19.88.69
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20	2024-03-15	527 B	9.0 kB	104.17.96.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG	Adobe Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2024-02-21	medium	cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-29
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-29 23:55:48 Times Seen263305 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG	0 B	2023-03-07	2024-04-29
Pretty URL cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 23:57:45 Times Seen37193146 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (11)

URL IP Response Size

code.jquery.com/jquery-3.6.0.min.js

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 16 Apr 2024 15:55:43 GMT
age: 5740563
x-served-by: cache-lga21931-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 633321
x-timer: S1713282944.537169,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/checkbox.css

104.18.7.145

200 OK

1.0 kB

URL GET HTTP/2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/checkbox.css
IP
104.18.7.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerCloudflare, Inc.
Subjectfleek.co
FingerprintBD:C3:14:20:96:F3:3B:08:04:17:AB:CB:46:08:C4:4F:D4:40:61:1F
ValidityMon, 29 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1025 bytes)
Hash
79cb4eee4c11b7f5aa102e7741491160
1139f1b912c97422fcf2b5340fd83979a1ed09a6
cd25870bf25d09ddfa89c2bfde9ef3cb87e04594b4921f7cc7a1154123623b15

HTTP Headers

GET /f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/checkbox.css HTTP/1.1
Host: storageapi.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"bafybeibgvokgwybajizqfuuzu6gipiom5pzaffhcexlefhw3bkehtidaq4"
last-modified: Sun, 11 Sep 2022 10:16:53 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17C633B66EF14B76
x-xss-protection: 1; mode=block
cf-cache-status: HIT
expires: Tue, 16 Apr 2024 19:55:43 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 87555c7d19791c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/all.css

104.18.7.145

200 OK

93 kB

URL GET HTTP/2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/all.css
IP
104.18.7.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerCloudflare, Inc.
Subjectfleek.co
FingerprintBD:C3:14:20:96:F3:3B:08:04:17:AB:CB:46:08:C4:4F:D4:40:61:1F
ValidityMon, 29 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
93 kB (93372 bytes)
Hash
0dc774397c4f5ae5bdd9418b87e96e0d
5daf9ca0b5671d9b45ff14ac5cbcbd13b4435557
87ccc8e06aae131cf1aea00dadecf6a394a00a495796ba11089d258bc7ff1946

HTTP Headers

GET /f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/all.css HTTP/1.1
Host: storageapi.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"bafybeifn25ou76enaoedkhqvxjgm7tpftkec5jjgdlvaxekmk26qx353qa"
last-modified: Sun, 11 Sep 2022 10:16:54 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17C633B673D3AB6D
x-xss-protection: 1; mode=block
cf-cache-status: HIT
expires: Tue, 16 Apr 2024 19:55:43 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 87555c7d19661c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

i.gifer.com/origin/b4/b4d657e7ef262b88eb5f7ac021edda87.gif

51.68.36.8

200 OK

45 kB

URL GET HTTP/2
i.gifer.com/origin/b4/b4d657e7ef262b88eb5f7ac021edda87.gif
IP
51.68.36.8:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerLet's Encrypt
Subjectgifer.com
FingerprintCC:29:4D:A0:4E:A2:86:85:76:B9:42:18:3E:81:61:2B:1D:BC:F8:05
ValidityMon, 26 Feb 2024 20:03:56 GMT - Sun, 26 May 2024 20:03:55 GMT

File type
GIF image data, version 89a, 256 x 256
Size
45 kB (45404 bytes)
Hash
3f2590067056b4f0630d5b360e694fce
8686bc4a12cc862516974c39080f89de85c21fa6
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275

HTTP Headers

GET /origin/b4/b4d657e7ef262b88eb5f7ac021edda87.gif HTTP/1.1
Host: i.gifer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: image/gif
content-length: 45404
last-modified: Wed, 22 Sep 2021 23:09:25 GMT
etag: "614bb7a5-b15c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/9QqPbyTc/wsa.png

162.19.88.69

200 OK

11 kB

URL GET HTTP/2
i.postimg.cc/9QqPbyTc/wsa.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 500 x 491, 8-bit/color RGBA, non-interlaced
Size
11 kB (10801 bytes)
Hash
75e6efdb84f64201823e25630b6dec5d
18724438af3f7c71d9dd6b78a780cbf7d80b72fc
965bf9b16d00103bade48403513d5fa33515eba70584473e597afbaf55cfd77b

HTTP Headers

GET /9QqPbyTc/wsa.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: image/png
content-length: 10801
last-modified: Thu, 15 Jun 2023 18:05:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/N0s81F64/sw.png

162.19.88.69

200 OK

48 kB

URL GET HTTP/2
i.postimg.cc/N0s81F64/sw.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 651 x 800, 8-bit/color RGBA, non-interlaced
Size
48 kB (47517 bytes)
Hash
46c313b21d113f87941c6ec7cd32cda3
4db5e507f860de2ea977093112df2486167d9651
cd775d53dd8f2ee27a2eb7da10d3261758e8b59e9712260bef8b6cebb04aa728

HTTP Headers

GET /N0s81F64/sw.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: image/png
content-length: 47517
last-modified: Thu, 15 Jun 2023 18:09:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/Wz3bn6d8/dddd.png

162.19.88.69

200 OK

49 kB

URL GET HTTP/2
i.postimg.cc/Wz3bn6d8/dddd.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced
Size
49 kB (49132 bytes)
Hash
a27ff715eed5114d8386e9d62e1523e0
f8233a0d31e77b93ad231f57a81ac311c625c9d7
e45dbcdf8cc2e67a8bf7f975497b73c7e791038036607647f6f5febecd2be708

HTTP Headers

GET /Wz3bn6d8/dddd.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: image/png
content-length: 49132
last-modified: Thu, 15 Jun 2023 17:58:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/4NwxY33Z/qz.png

162.19.88.69

200 OK

4.5 kB

URL GET HTTP/2
i.postimg.cc/4NwxY33Z/qz.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced
Size
4.5 kB (4469 bytes)
Hash
649a4efdf80427fa5f918d35786ce217
f2feb784615358f4e5ad4e2a79c51fba8e558ff6
2b4345fe40b4e2a0ef347157aa059877b0681902f13182eef67982be611722ef

HTTP Headers

GET /4NwxY33Z/qz.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:55:44 GMT
content-type: image/png
content-length: 4469
last-modified: Thu, 15 Jun 2023 18:10:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff2

104.18.7.145

200 OK

80 kB

URL GET HTTP/2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff2
IP
104.18.7.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerCloudflare, Inc.
Subjectfleek.co
FingerprintBD:C3:14:20:96:F3:3B:08:04:17:AB:CB:46:08:C4:4F:D4:40:61:1F
ValidityMon, 29 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80328, version 331.589
Size
80 kB (80328 bytes)
Hash
412a43d6840addd683665ec12c30f810
f3be6605dbff23cf22ec3abddd1141a81a99e3aa
0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: storageapi.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://storageapi.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: application/octet-stream
content-length: 80328
access-control-allow-credentials: true
access-control-allow-origin: https://cloudflare-ipfs.com
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "bafybeifkavlgakrruhaay336uafatrfwenbeqlsf44p5xsjrki6coryyei"
last-modified: Sun, 11 Sep 2022 11:38:44 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17C633B6BB71EC6B
x-xss-protection: 1; mode=block
cf-cache-status: HIT
expires: Tue, 16 Apr 2024 19:55:43 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 87555c7e3af91c06-OSL
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG

104.17.96.13

200 OK

7.9 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F
ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8706), with no line terminators
Size
7.9 kB (7927 bytes)
Hash
531f3e58d201f7a6eeeee7bde2154438
1a1d1c934d1975f053cee42be2930118080321db
bc0e3ee50843d37b2612030ba93690a2e9bf9a1f6286db9af1e54006b14b50ff

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign
OpenPhish	phishing	Adobe Inc.
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: text/html
cf-ray: 87555c7a882c0b59-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
x-ipfs-roots: QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
set-cookie: __cf_bm=1IolXpSXJHI19BQ6MGbj0EQ9pXaYyJWfD8swMMOXuVo-1713282943-1.0.1.1-uSb9znZJbEpPaHPyWB6xrpj3Q3c96Ix6g2ew7dbj9I9WV4DF2aXQ1mZw_kDUSQ_xznYThMHyr9YuClWX9_WqAA; path=/; expires=Tue, 16-Apr-24 16:25:43 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/css.css

104.18.7.145

200 OK

5.1 kB

URL GET HTTP/2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/css.css
IP
104.18.7.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/QmWdS9hDcN1KWGR3nC8sETfCtXX4S5ikkhdthW9BEAc7tG
Certificate
IssuerCloudflare, Inc.
Subjectfleek.co
FingerprintBD:C3:14:20:96:F3:3B:08:04:17:AB:CB:46:08:C4:4F:D4:40:61:1F
ValidityMon, 29 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5409), with no line terminators
Size
5.1 kB (5101 bytes)
Hash
85d22599a284c62282428e9896f71c47
e727af90022997ca2bdf28059c4861657913b98a
4566c1d48372004e312619664ab29bbb018eba2e44164ecbf9fb01f0a78e316c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Docusign

HTTP Headers

GET /f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/css.css HTTP/1.1
Host: storageapi.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 15:55:43 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"bafybeih6kspinnq23twtcjtiib6chb3n5cu2f7d4bkwlajaggla4nupnzq"
last-modified: Sun, 11 Sep 2022 10:16:53 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 17C4F22142B08EED
x-xss-protection: 1; mode=block
cf-cache-status: HIT
expires: Tue, 16 Apr 2024 19:55:43 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 87555c7d19771c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN