Report - bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/

Report Overview

Visited public
2023-12-05 14:56:39
Tags
URL
bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
Finishing URL
bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
IP / ASN
104.17.64.14
#13335 CLOUDFLARENET
Title
Webmail

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com	unknown	unknown	No data	No data	545 B	161 kB	104.17.64.14
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-05 05:09:20	573 B	30 kB	151.101.130.137
ik.imagekit.io	30045	2016-01-17	2017-04-02 14:17:08	2023-12-05 07:45:38	529 B	51 kB	143.204.55.121
fac.corp.fortinet.com	unknown	2001-02-16	2017-10-16 07:55:10	2023-12-05 06:30:12	557 B	1.4 kB	208.91.114.103
alphatrade-options.com	unknown	2023-10-23	2020-08-05 08:26:24	2023-12-05 07:45:07	513 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 14:56:27	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
2023-12-05 14:56:27	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
2023-12-05 14:56:27	low	Client IP	104.17.64.14	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/	Webmail Providers

PhishTank

Scan Date	Severity	Indicator	Alert
2023-11-18	medium	bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-2.2.4.min.js	ScriptElement	86 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-2.2.4.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 04:39 Times Seen173849 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	unknown	Function	79 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-09 04:02 Times Seen112365 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/	ScriptElement	348 B	2023-03-07	2025-05-07
Pretty URL bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:12 Last Seen2025-05-07 21:41 Times Seen8004 Hash 0a18dbfb856e33fcea42e5a8db3458d0 bf7f679ff888573c6855b41a5b19661badcebbfe 3b5e8e9c897749a5b1360d449e0e0df9c2d01ea87cca28c9d93282e6570ced72 Loading...

	bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/	ScriptElement	147 kB	2023-10-23	2024-10-26
Pretty URL bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-23 20:01 Last Seen2024-10-26 07:56 Times Seen117 Hash b7e1e003d9704451507466df446d5aaf b4f4ada93e0c2b8752a656a42918509f2f43b86b 3017b5def0191f371e50cfb03397e08197d33cce03fdd3dc933a4bdfefa0db8c Loading...

	unknown	Function	37 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 04:30 Times Seen263284 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	Function	34 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-09 01:36 Times Seen67022 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

HTTP Transactions (5)

URL IP Response Size

code.jquery.com/jquery-2.2.4.min.js

151.101.130.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-2.2.4.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (29811 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
Origin: https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-14e4a"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 14:56:22 GMT
age: 6884383
x-served-by: cache-lga21935-LGA, cache-bma1661-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 442175
x-timer: S1701788182.475457,VS0,VE0
vary: Accept-Encoding
content-length: 29811
X-Firefox-Spdy: h2

ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif

143.204.55.121

200 OK

50 kB

URL GET HTTP/2
ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif
IP
143.204.55.121:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subject*.imagekit.io
Fingerprint62:93:E0:7F:B7:9F:A0:1F:1C:3C:D4:BB:48:74:B3:97:72:56:4E:48
ValidityWed, 22 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
50 kB (50139 bytes)
Hash
eb89117f70bfcaad4b1490afe0f98ba4
fb2c0d49ee3d77d37c2955c0a9415f1fc4ae36e0
5273bfc1cb927d24da663c10c9b4ac457f9c0486b8061b5ef896bc19b110a1b0

HTTP Headers

GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 50139
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: *
timing-allow-origin: *
x-server: ImageKit.io
x-request-id: 6d50802e-cbb3-4304-b143-f0ada9dd6e5f
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
etag: "eb89117f70bfcaad4b1490afe0f98ba4"
last-modified: Fri, 12 May 2023 14:03:35 GMT
date: Sun, 06 Aug 2023 06:20:58 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront), 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
vary: Accept,User-Agent
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gZO7ip9yakkM1HKpnVaj_6QtKe3oYkz25-evKBX31zAjdwRtiMXmFA==
age: 10485324
X-Firefox-Spdy: h2

fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/

208.91.114.103

200 OK

1.1 kB

URL GET HTTP/1.1
fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/
IP
208.91.114.103:443
ASN
#40934 FORTINET

Requested by
https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
Certificate
IssuerDigiCert Inc
Subjectfac.corp.fortinet.com
Fingerprint4A:B3:F0:6D:9C:CE:91:84:53:8A:54:6B:E8:3D:79:B9:BA:91:D7:BF
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1050 bytes)
Hash
e27fe5fe535635717b432c5324ffb11f
605f5da6062b05844c7a979ebfcdd6244ebcd88e
3a0ba58278b6c2cd541d34a718480c79bd75441e94499280553b192559815db4

HTTP Headers

GET /customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/ HTTP/1.1
Host: fac.corp.fortinet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 14:56:22 GMT
Content-Length: 1050
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Language: en
Cache-Control: public, max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

alphatrade-options.com/git/rand/favicon.png

0.0.0.0

0 B

URL GET
alphatrade-options.com/git/rand/favicon.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /git/rand/favicon.png HTTP/1.1
Host: alphatrade-options.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/

104.17.64.14

200 OK

160 kB

URL User Request GET HTTP/2
bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com/
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectcf-ipfs.com
Fingerprint7E:49:AE:B5:66:51:63:F4:42:B8:30:B0:7D:F1:03:F4:C9:C5:57:D2
ValidityFri, 17 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, ASCII text, with very long lines (52259), with CRLF line terminators
Size
160 kB (160186 bytes)
Hash
1ee47b95ad1dcdb69380b61e1a1a6ebd
fd742b1c420eb1ed96600f5d26d40bb02e13020d
7c8b20c073cc345577edb6224c9ce0a45f8c7842014c33c7240b04ab22e7beab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Webmail Providers
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:56:22 GMT
content-type: text/html
cf-ray: 830d22a6fa510b41-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 6814
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu/
x-ipfs-roots: bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu
set-cookie: __cf_bm=4T25ESoHta1KK0zvGxA6Wn824k1v9ZZZTU5EcZdcPUs-1701788182-0-AaffjwDC/B9dbJuRh0wt8/0cXzpd36O2Nna1A+jqwu82gd+CN3S/MJh9RyvIAX4TT2ZR0tuKFBCO08mkom9bCc8=; path=/; expires=Tue, 05-Dec-23 15:26:22 GMT; domain=.bafybeifjbhwygukbb42swhqobl7nm3amneptu7qjuweayt2fmfcmld45cu.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size