Report - cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/

Report Overview

Visited public
2023-11-20 02:52:00
Tags
URL
cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Finishing URL
cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
IP / ASN
104.17.64.14
#13335 CLOUDFLARENET
Title
Webmail Login

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-11-19 20:31:19	436 B	30 kB	142.250.74.74
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-19 17:42:44	435 B	1.7 kB	142.250.74.106
	unknown				2.7 kB	39 kB	208.74.120.133
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-19 19:23:37	2.3 kB	58 kB	216.58.207.227
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20 15:49:19	2023-11-18 05:11:16	543 B	29 kB	104.17.64.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-20 02:51:44	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cloudflare-ipfs .com)
2023-11-20 02:51:44	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cloudflare-ipfs .com)
2023-11-20 02:51:44	low	Client IP	104.17.64.14	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cloudflare-ipfs .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-07-22	medium	cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/	ScriptElement	4.6 kB	2023-11-20	2024-08-20
Pretty URL cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 03:52 Last Seen2024-08-20 18:43 Times Seen3 Hash fef416b8402bac3662d17669d84d8e0f 047e9f066f73c3b77bd831b1ec90a786993b18da 3aa688c96fd01c74f3a092f8bb0c829e647df79d079d422feb6c48e0441fc151 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16 Last Seen2025-05-11 10:23 Times Seen1876 Hash ccd0edd113b78697e04fb5c1b519a5cd a6eedf84389e1bc9f757bc2d19538f8c8d1cae9d a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25 Loading...

	cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/	ScriptElement	6.4 kB	2023-10-26	2024-08-21
Pretty URL cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-26 06:39 Last Seen2024-08-21 03:21 Times Seen5 Hash c1e91ddc3acd3719c6c6e1b2e5bd8f3e f958e141a2d2c5d2618a055fa6034dc6b64b3670 1ddcd4bf629584e46dba03712a1773154ba8a5fd920da62d2bb32bab81d2cd11 Loading...

		Size	First Seen	Last Seen
	#1 Write - d4b8da7ca4bd2cd0654d5925bdb70a9c	1.0 kB	2023-10-26 06:39	2024-08-21 03:21
Pretty Observations First Seen2023-10-26 06:39 Last Seen2024-08-21 03:21 Times Seen5 Hash d4b8da7ca4bd2cd0654d5925bdb70a9c cf24554356d29e1ad7c2bc5bf8562e7ef5471a3e 13909b5f9370693e293a0827b593ec8db5bfd206634d17a911442be896ccf8f5 Loading...

HTTP Transactions (12)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

142.250.74.74

200 OK

29 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32023)
Size
29 kB (29440 bytes)
Hash
ccd0edd113b78697e04fb5c1b519a5cd
a6eedf84389e1bc9f757bc2d19538f8c8d1cae9d
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

HTTP Headers

GET /ajax/libs/jquery/2.0.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:50:45 GMT
expires: Fri, 15 Nov 2024 04:50:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 338458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1109 bytes)
Hash
02aa8d8cfc012230bd53447f9d3c404b
f1c5ae4a3bcdbda866472d41f8c3e43709c1dff6
918b4a2b0efc8b81f6213792538c325bf5bf48eb77c3d353e0337838c7fa8ba8

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 02:51:43 GMT
date: Mon, 20 Nov 2023 02:51:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

demo.cpanel.net:2096/cPanel_magic_revision_1591695650/unprotected/cpanel/style_v2_optimized.css

208.74.120.133

200 OK

33 kB

URL GET HTTP/1.1
demo.cpanel.net:2096/cPanel_magic_revision_1591695650/unprotected/cpanel/style_v2_optimized.css
IP
208.74.120.133:2096
ASN
#33522 CPANEL-INC

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuercPanel, Inc.
Subjectdemo.cpanel.net
Fingerprint85:4E:24:45:90:83:D3:59:99:34:CC:10:70:93:BE:C1:CB:67:42:AC
ValiditySun, 15 Oct 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (35968)
Size
33 kB (33185 bytes)
Hash
8fbc96f069ac90e0f5bdc550911969de
122f1ba190bd39d70aa173c97b6013cb5e92738b
d2af7c5d90f128515f4c5777a39e1a6142000217f832ccda793866ef01682528

HTTP Headers

GET /cPanel_magic_revision_1591695650/unprotected/cpanel/style_v2_optimized.css HTTP/1.1
Host: demo.cpanel.net:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 18 Nov 2022 10:40:19 GMT
Date: Mon, 20 Nov 2023 02:51:45 GMT
Cache-Control: max-age=5184000, public
Expires: Fri, 19 Jan 2024 02:51:45 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 33185

demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/webmail-logo.svg

208.74.120.133

200 OK

2.4 kB

URL GET HTTP/1.1
demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/webmail-logo.svg
IP
208.74.120.133:2096
ASN
#33522 CPANEL-INC

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuercPanel, Inc.
Subjectdemo.cpanel.net
Fingerprint85:4E:24:45:90:83:D3:59:99:34:CC:10:70:93:BE:C1:CB:67:42:AC
ValiditySun, 15 Oct 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5359)
Size
2.4 kB (2399 bytes)
Hash
bc0c956653325b9e694d4dd1dfb78020
e1196e4db68ed573355ade966152a084581b40ec
998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8

HTTP Headers

GET /cPanel_magic_revision_1479310954/unprotected/cpanel/images/webmail-logo.svg HTTP/1.1
Host: demo.cpanel.net:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Wed, 16 Nov 2016 15:42:34 GMT
Date: Mon, 20 Nov 2023 02:51:45 GMT
Cache-Control: max-age=5184000, public
Expires: Fri, 19 Jan 2024 02:51:45 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 2399

demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/notice-error.png

208.74.120.133

200 OK

1.0 kB

URL GET HTTP/1.1
demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/notice-error.png
IP
208.74.120.133:2096
ASN
#33522 CPANEL-INC

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuercPanel, Inc.
Subjectdemo.cpanel.net
Fingerprint85:4E:24:45:90:83:D3:59:99:34:CC:10:70:93:BE:C1:CB:67:42:AC
ValiditySun, 15 Oct 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1026 bytes)
Hash
a3265cc598ae28633c060889e790f80c
57530d6996c8f36711ef05681474b8f63d4184b3
bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd

HTTP Headers

GET /cPanel_magic_revision_1479310954/unprotected/cpanel/images/notice-error.png HTTP/1.1
Host: demo.cpanel.net:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo.cpanel.net:2096/cPanel_magic_revision_1591695650/unprotected/cpanel/style_v2_optimized.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2016 15:42:34 GMT
Date: Mon, 20 Nov 2023 02:51:45 GMT
Cache-Control: max-age=5184000, public
Expires: Fri, 19 Jan 2024 02:51:45 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 1026

fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15296, version 1.0\012- data
Size
15 kB (15296 bytes)
Hash
64b26d8be6f82e8159532c397f27165a
b26b4efc683887c4fcd774778691ad90e104af71
439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9

HTTP Headers

GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15296
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:21:56 GMT
expires: Fri, 15 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:03:23 GMT
content-type: font/woff2
age: 271789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2

216.58.207.227

200 OK

9.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9388, version 1.0\012- data
Size
9.4 kB (9388 bytes)
Hash
a668d91b3f05f54b834bddbd715f9bc3
d58f7a52df6c15becb4084f862f84277d05ecab3
258c82612dc0e5a8dc1e7042a2e7eb7dbe544b04afc591f2b7b37c96cecb3f99

HTTP Headers

GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4jaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9388
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:59:07 GMT
expires: Fri, 15 Nov 2024 04:59:07 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:06:59 GMT
content-type: font/woff2
age: 337958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18664, version 1.0\012- data
Size
19 kB (18664 bytes)
Hash
8d1c44b2bf75a4e6f1bd141f9a965f4f
1e5dfdb7ca5ee8e823f9f5787f84b18fbdc38434
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

HTTP Headers

GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:21:50 GMT
expires: Fri, 15 Nov 2024 23:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
content-type: font/woff2
age: 271795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11084, version 1.0\012- data
Size
11 kB (11084 bytes)
Hash
ebcaceb931bbdcc67a4c25ffdb5e89ee
1638d5aec3f8f130c93c1a5da551946791401f54
18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f

HTTP Headers

GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 05:01:15 GMT
expires: Fri, 15 Nov 2024 05:01:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:41:45 GMT
content-type: font/woff2
age: 337830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/icon-username.png

208.74.120.133

200 OK

320 B

URL GET HTTP/1.1
demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/icon-username.png
IP
208.74.120.133:2096
ASN
#33522 CPANEL-INC

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuercPanel, Inc.
Subjectdemo.cpanel.net
Fingerprint85:4E:24:45:90:83:D3:59:99:34:CC:10:70:93:BE:C1:CB:67:42:AC
ValiditySun, 15 Oct 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
320 B (320 bytes)
Hash
07ff84f8c855e5fe9d510ff5c9a4b1e4
11c262053e2b9be57d1dba7cb3d916ef041a0e50
05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e

HTTP Headers

GET /cPanel_magic_revision_1479310954/unprotected/cpanel/images/icon-username.png HTTP/1.1
Host: demo.cpanel.net:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo.cpanel.net:2096/cPanel_magic_revision_1591695650/unprotected/cpanel/style_v2_optimized.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2016 15:42:34 GMT
Date: Mon, 20 Nov 2023 02:51:45 GMT
Cache-Control: max-age=5184000, public
Expires: Fri, 19 Jan 2024 02:51:45 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 320

demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/icon-password.png

208.74.120.133

200 OK

450 B

URL GET HTTP/1.1
demo.cpanel.net:2096/cPanel_magic_revision_1479310954/unprotected/cpanel/images/icon-password.png
IP
208.74.120.133:2096
ASN
#33522 CPANEL-INC

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
Certificate
IssuercPanel, Inc.
Subjectdemo.cpanel.net
Fingerprint85:4E:24:45:90:83:D3:59:99:34:CC:10:70:93:BE:C1:CB:67:42:AC
ValiditySun, 15 Oct 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
450 B (450 bytes)
Hash
7ac1cefcb7eab93c6d6981ecde6c1635
1523f8cb80ab19108549d0b7db31a58b71c05d39
a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053

HTTP Headers

GET /cPanel_magic_revision_1479310954/unprotected/cpanel/images/icon-password.png HTTP/1.1
Host: demo.cpanel.net:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo.cpanel.net:2096/cPanel_magic_revision_1591695650/unprotected/cpanel/style_v2_optimized.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2016 15:42:34 GMT
Date: Mon, 20 Nov 2023 02:51:45 GMT
Cache-Control: max-age=5184000, public
Expires: Fri, 19 Jan 2024 02:51:45 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 450

cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/

104.17.64.14

200 OK

28 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintD8:7E:08:77:50:0E:FC:62:DF:31:B6:0D:1E:3D:5C:42:E3:33:24:B8
ValiditySun, 29 Oct 2023 23:40:27 GMT - Sat, 27 Jan 2024 23:40:26 GMT

File type

Size
28 kB (27528 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/ HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 20 Nov 2023 02:51:43 GMT
content-type: text/html
cf-ray: 828d64876d14b50f-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu/
x-ipfs-roots: bafybeidgwsyycwzmgjsrt4y7fpybubhgfackzag7irrtz6p6ikq6uf6ncu
set-cookie: __cf_bm=5cr9BKGNtMO_qPeHUUAVIlnA_WK8McXly.FDcvJayAU-1700448703-0-Afx92sKOgpMqXd8WFEYIRfC8VhZ3q5i37SEl+D3Qtazd14Rx6+/7jji0lrRrhl8WzHjauNcZBhgzasZm3bHqGPE=; path=/; expires=Mon, 20-Nov-23 03:21:43 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (12)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size