| pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/acrobatencrypted.html | 104.18.2.35 | 200 OK | 138 B |
URL: User Request GET HTTP/1.1 pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/acrobatencrypted.html
IP: 104.18.2.35:443
Certificate Issuer: Let's Encrypt
Certificate Subject: *.r2.dev
Certificate Fingerprint: 48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
Certificate Validity: Fri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 219289d5a72e036bb3d570055f02a9d0 72a36f0dd051bcf4c6ea3f61dd6b141e75d1ad8a 41b01c7147782f303cfdea408c21e836df9ab81b244b2daf7669c8b96d77e6f5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Adobe Inc. |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /acrobatencrypted.html HTTP/1.1
Host: pub-43a5134d57264a338f2bedd04eb31f60.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 18:41:05 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: "219289d5a72e036bb3d570055f02a9d0"
Last-Modified: Tue, 02 Apr 2024 12:22:15 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876f06d52dd056b7-OSL
| pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/favicon.ico | 104.18.2.35 | 404 Not Found | 27 kB |
URL: GET HTTP/1.1 pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/favicon.ico
IP: 104.18.2.35:443
Requested by: https://pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/acrobatencrypted.html
Certificate Issuer: Let's Encrypt
Certificate Subject: *.r2.dev
Certificate Fingerprint: 48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
Certificate Validity: Fri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File type: HTML document, ASCII text, with very long lines (611)
Hash: df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: pub-43a5134d57264a338f2bedd04eb31f60.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/acrobatencrypted.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 19 Apr 2024 18:41:05 GMT
Content-Type: text/html
Content-Length: 27242
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876f06db8d3056b7-OSL
| pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/pdfencrypted.html | 104.18.2.35 | 200 OK | 138 B |
URL: User Request GET HTTP/1.1 pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/pdfencrypted.html
IP: 104.18.2.35:443
Certificate Issuer: Let's Encrypt
Certificate Subject: *.r2.dev
Certificate Fingerprint: 48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
Certificate Validity: Fri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 81b15fa380617277a5fa1004de17493b 91473b8e5848cc3c895d28ed238f7486aae4d4aa ba87e9300f4d603c9a42898132a0f10356be6fd605ad3547f6f8034313081126
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Adobe Inc. |
| PhishTank | phishing | Other |
| Quad9 DNS | malicious | Sinkholed |
GET /pdfencrypted.html HTTP/1.1
Host: pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 18:41:07 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: "81b15fa380617277a5fa1004de17493b"
Last-Modified: Tue, 02 Apr 2024 12:06:09 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876f06e1dffe56c6-OSL
| pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/favicon.ico | 104.18.2.35 | 404 Not Found | 27 kB |
URL: GET HTTP/1.1 pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/favicon.ico
IP: 104.18.2.35:443
Requested by: https://pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/pdfencrypted.html
Certificate Issuer: Let's Encrypt
Certificate Subject: *.r2.dev
Certificate Fingerprint: 48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0
Certificate Validity: Fri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File type: HTML document, ASCII text, with very long lines (611)
Hash: df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/pdfencrypted.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 19 Apr 2024 18:41:08 GMT
Content-Type: text/html
Content-Length: 27242
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876f06e90fb856c6-OSL
| cloudflare-ipfs.com/ipfs/bafybeibkgc5ifh44nybcq37rofgufntavjbh3v24zma3wutbovatpinnnu | 104.17.96.13 | | 388 kB |
URL: GET cloudflare-ipfs.com/ipfs/bafybeibkgc5ifh44nybcq37rofgufntavjbh3v24zma3wutbovatpinnnu
IP: 104.17.96.13:0
Requested by: https://pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/pdfencrypted.html
Certificate Issuer: Let's Encrypt
Certificate Subject: cloudflare-ipfs.com
Certificate Fingerprint: 18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F
Certificate Validity: Sun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
Size: 388 kB (388195 bytes)
Hash: 13cdf17d8a0d62ed41adb851021ae81f b6b7c1ff69f95fd83e0e51af5bbc710b98e76f80 d7058240db7dde6393aa4d9621b1257713da6b5243052980c4ade3932617ae9a
| Analyzer | Verdict | Alert |
| PhishTank | phishing | Other |
GET /ipfs/bafybeibkgc5ifh44nybcq37rofgufntavjbh3v24zma3wutbovatpinnnu HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-da3358244a2f4cb7a6ae33897efa1657.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 18:41:07 GMT
content-type: text/plain; charset=utf-8
cf-ray: 876f06e5ecd8b515-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeibkgc5ifh44nybcq37rofgufntavjbh3v24zma3wutbovatpinnnu"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeibkgc5ifh44nybcq37rofgufntavjbh3v24zma3wutbovatpinnnu
x-ipfs-roots: bafybeibkgc5ifh44nybcq37rofgufntavjbh3v24zma3wutbovatpinnnu
set-cookie: __cf_bm=bam9HWCfUVn0V8zILwlbG9ObQILur6RwtRV1JYRdhlg-1713552067-1.0.1.1-1jufHk8Qk8Q76YqhVN2.XIVCq.L1SX.NWiW3QrSHvFiJe48Z5Wiyuq7KIdxWxIHcDD79jz0XLNH51aRkZ3OxVw; path=/; expires=Fri, 19-Apr-24 19:11:07 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cloudflare-ipfs.com/ipfs/bafybeieekypax44idzymajw6kqumkgvkmjtldntdt55zuahktalfl5jm5m | 0.0.0.0 | | 0 B |
URL: GET cloudflare-ipfs.com/ipfs/bafybeieekypax44idzymajw6kqumkgvkmjtldntdt55zuahktalfl5jm5m
IP: 0.0.0.0:0
Requested by: https://pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/acrobatencrypted.html
Certificate Issuer: Let's Encrypt
Certificate Subject: cloudflare-ipfs.com
Certificate Fingerprint: 18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F
Certificate Validity: Sun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| PhishTank | phishing | Other |
GET /ipfs/bafybeieekypax44idzymajw6kqumkgvkmjtldntdt55zuahktalfl5jm5m HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-43a5134d57264a338f2bedd04eb31f60.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 18:41:05 GMT
content-type: text/plain; charset=utf-8
cf-ray: 876f06d91ba8b529-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeieekypax44idzymajw6kqumkgvkmjtldntdt55zuahktalfl5jm5m"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeieekypax44idzymajw6kqumkgvkmjtldntdt55zuahktalfl5jm5m
x-ipfs-roots: bafybeieekypax44idzymajw6kqumkgvkmjtldntdt55zuahktalfl5jm5m
set-cookie: __cf_bm=4R1JRtn97n6K8XYJ1ePJhqB.SqyY_4qUCLC0BEQk.QI-1713552065-1.0.1.1-wuXEPMj.iI5hwYgkCqqJKIxsHc0ceIHlzTnE6tLFNuOJ6briB.MQO7910tdvP9s1OLzoTBudaOj519dBrlPz.g; path=/; expires=Fri, 19-Apr-24 19:11:05 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2