Report - wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a

Report Overview

Submitted URL
wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
IP
104.21.68.26
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-20 06:03:14
Access
public
Website Title
blob:https://wood-82c2.jayden1077.workers.dev/86eb5788-ab4f-4997-9a6b-b27b5d387579
Final URL
wood-82c2.jayden1077.workers.dev/86eb5788-ab4f-4997-9a6b-b27b5d387579
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-19	426 B	31 kB	151.101.2.137
wood-82c2.jayden1077.workers.dev	unknown	2019-02-08	2023-06-09	2024-04-12	1.0 kB	2.9 MB	104.21.68.26
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-19	463 B	146 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-20	410 B	1.1 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-20 06:02:47	low	Client IP	104.21.68.26	ET INFO Observed Cloudflare workers.dev Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a	Office365
2024-04-12	medium	wood-82c2.jayden1077.workers.dev/	Office365

PhishTank

Scan Date	Severity	Indicator	Alert
2023-10-06	medium	wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a	Other
2023-10-06	medium	wood-82c2.jayden1077.workers.dev/favicon.ico	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	unknown	901 kB	2023-06-22	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-22 14:29:46 Last Seen2024-05-02 19:39:21 Times Seen222 Hash da61489a81d412f9ee6b18063bfdd2cc 8769202fe2d65e1deddd46dc1149f065f86f2b86 ee60e906772abc556ceed78401b487203afbc082d66585153e286106bb4d55f6 Loading...

	unknown	580 B	2023-06-10	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 03:09:48 Last Seen2024-05-02 19:39:21 Times Seen574 Hash 4b16e65069d497cccc26b7d9fe957a3d ed39b45dda701360392954e1d3c83550f5bcac4a 4e99f00edb18dac824de4d2bad5c94f9959f0acba12fb320ea7a76de16da312b Loading...

	unknown	149 kB	2023-06-10	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 03:09:48 Last Seen2024-05-02 19:39:21 Times Seen573 Hash da729d85c3f93a98264e3781f79e09d4 5b4e19cee11d89968232495d979f7447a54ecfb6 83b99352543ef293ea918fb9f7886f897bcc9868e3d2c67199974bded18f4db2 Loading...

	unknown	34 B	2023-04-11	2024-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-03 06:26:25 Times Seen75971 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	wood-82c2.jayden1077.workers.dev/86eb5788-ab4f-4997-9a6b-b27b5d387579	1.2 MB	2023-06-22	2024-05-02
Pretty URL wood-82c2.jayden1077.workers.dev/86eb5788-ab4f-4997-9a6b-b27b5d387579 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen222 Hash e003fe461b22fbad7904bed81c7824ea 70ea253b667837f5833a90be74b9c7a2b8520171 b68ab9e4d6767245267e58b9d266df45b0f7d72346a9f98f2b45d3c56bcb37c6 Loading...

	unknown	952 kB	2023-06-22	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-22 14:29:46 Last Seen2024-05-02 19:39:21 Times Seen222 Hash 1566a264727dcea6fc4c2ebec92aac58 5da831af6c73600ae993d8a2fc35baa943e251ae 95ffa1e4ab5c14b9b057c890fa5a55b7e9d796e5104986b31422942eebbd066f Loading...

	unknown	1.2 MB	2023-06-22	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-22 14:29:46 Last Seen2024-05-02 19:39:21 Times Seen222 Hash 336f6ec076eb63001ac899cb2519eec2 578149bcdeeb25eac012355dee1e13f8eb1c6388 6e077079af30e51f26e41e321216bc11fbc527b7b216e72501a5a349c562f789 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2ddd2671b09d745eac5c522cd519e56e	953 kB	2023-06-22	2024-05-02
Pretty Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen206 Hash 2ddd2671b09d745eac5c522cd519e56e 1a893e8f2b6c14ecc4a43c8df1f235ceeb812f36 879ca488926591e79cbde0a601278c093ca9674049a6704746cd7209bd82f8e3 Loading...

	#2 Eval - 1a959085cfee3f3032d12a4a4539472e	935 kB	2023-06-22	2024-05-02
Pretty Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen205 Hash 1a959085cfee3f3032d12a4a4539472e 1c1edbe3c8114eeb18cc1d52a45a71e16a23a48e 01319249a84dfa61474c5d472b4a2cba704c6a46ccb3894c5da2b04d3bece370 Loading...

		Size	First Seen	Last Seen
	#1 Write - b58aea702a4e8a620506421edb734a1b	1.2 MB	2023-06-22	2024-05-02
Pretty Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen220 Hash b58aea702a4e8a620506421edb734a1b 83a6cc178764c389003424c50ef89979af007805 c19dfe60dd9234360a7a7c153f3d342ace9e10fbbcce94e7f748dc4dd68a6d38 Loading...

	#2 Write - 0c13f3a41086566eaa45cc5eb974224d	901 kB	2023-06-22	2024-05-02
Pretty Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen208 Hash 0c13f3a41086566eaa45cc5eb974224d 171bde2b0ddde48d62d17f47ec0efd989f0c7b1e b18212c75d2c6f628de149c46066c020c19e7ca4ee85a60a2f37ed892b39b826 Loading...

	#3 Write - 73c94262181b400f7e43f67ac17ad718	952 kB	2023-06-22	2024-05-02
Pretty Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen220 Hash 73c94262181b400f7e43f67ac17ad718 4bd3a4348a0e3c155eb11b54a4ccde27c3977f7f a414b4286b36a4900374679c15cbdd2c407aefebdcd4855e4376c1071df17872 Loading...

	#4 Write - 6f87067e7a5118f67810282a09c26e60	175 kB	2023-06-22	2024-05-02
Pretty Observations First Seen2023-06-22 14:29:47 Last Seen2024-05-02 19:39:21 Times Seen218 Hash 6f87067e7a5118f67810282a09c26e60 13d43948176c99481f2ecf037c7ab1707a651a2f e8ce0c9286d6a3962f06e89efa19585b25a311c2a00359d2b564d99c46df85e5 Loading...

	#5 Write - 91c0faebb650d10463c8665b9b6d37cb	462 B	2023-03-12	2024-05-02
Pretty Observations First Seen2023-03-12 21:46:43 Last Seen2024-05-02 19:39:21 Times Seen2273 Hash 91c0faebb650d10463c8665b9b6d37cb fafcffb1bf21551bc22957849438ae8e04a30e13 c5d1dcc53d65d484b2cd5c1a6555907ab7e2e2d1c76efe15c9ad6e8bc811f99f Loading...

HTTP Transactions (5)

URL IP Response Size

code.jquery.com/jquery-3.4.1.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wood-82c2.jayden1077.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15851"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Apr 2024 06:02:47 GMT
age: 5511465
x-served-by: cache-lga21965-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 23, 386071
x-timer: S1713592967.457355,VS0,VE0
vary: Accept-Encoding
content-length: 30638
X-Firefox-Spdy: h2

wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a

104.21.68.26

200 OK

1.6 MB

URL User Request GET HTTP/2
wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjayden1077.workers.dev
FingerprintD1:EE:9F:45:19:73:1D:7F:93:BD:09:96:2D:70:7B:3F:45:EF:53:5D
ValiditySat, 30 Mar 2024 23:51:46 GMT - Fri, 28 Jun 2024 23:51:45 GMT

File type

Size
1.6 MB (1554164 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Other

HTTP Headers

GET /a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a HTTP/1.1
Host: wood-82c2.jayden1077.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Apr 2024 06:02:47 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dx%2F4rmRRMLvGCqJQkTPS9VD74PJ6QfiCTITBfJk0i%2BCEUqtuMWuPEj2qGCAZA41MK2OvdDshsJ73sAuEhoJ%2BByGy57ONwuq0vtkECaLbfzBScM%2FL3x8MhDWFLfUa0yk8rkJzCrj2BktuZ5cVA%2Beh4dQakA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772ed6c6e295688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wood-82c2.jayden1077.workers.dev/favicon.ico

104.21.68.26

200 OK

1.3 MB

URL GET HTTP/3
wood-82c2.jayden1077.workers.dev/favicon.ico
IP
104.21.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
Certificate
IssuerLet's Encrypt
Subjectjayden1077.workers.dev
FingerprintD1:EE:9F:45:19:73:1D:7F:93:BD:09:96:2D:70:7B:3F:45:EF:53:5D
ValiditySat, 30 Mar 2024 23:51:46 GMT - Fri, 28 Jun 2024 23:51:45 GMT

File type

Size
1.3 MB (1310541 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wood-82c2.jayden1077.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 Apr 2024 06:02:47 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPpJZBClWbU%2FcnPZyZ0Z3dECO9fEKtKG4bhq19OKFwy5NW%2BXdxw8F%2FZP7R25Y64mDtGGhW90WyI2aXqocjJrWefrEVmXimNNz3rZ4HDN7jQXUbVziAq3kUFNQJkE6%2FTeniAbmuymvhYw2M5kjXYVHiuo7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8772ed6f3d8f56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

145 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65325)
Size
145 kB (144877 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wood-82c2.jayden1077.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Apr 2024 06:02:48 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:51:41
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 43bf35a7303c9768a10cc9982335708c
cdn-cache: HIT
cf-cache-status: HIT
age: 88032
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8772ed77c9d9b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Yellowtail&display=swap

142.250.74.106

200 OK

422 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Yellowtail&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://wood-82c2.jayden1077.workers.dev/a3fd2f9f-f3c6-43f5-ac2c-352e3eaadb6a
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (431), with no line terminators
Size
422 B (422 bytes)
Hash
6758f60c9586add4a15e44a2ef8d7879
34e49409b44f891fedec652e108ddeecbdad0586
421deb66a1646850cdbc13dff1e4a79fbfc2e2e56f520797d64cfc22ce468beb

HTTP Headers

GET /css?family=Yellowtail&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 Apr 2024 06:02:48 GMT
date: Sat, 20 Apr 2024 06:02:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (5)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash