Report - ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t

Report Overview

Visitedpublic

2024-02-01 21:03:52

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20 15:49:19	2024-01-26 09:45:10	1.2 kB	16 kB	104.17.96.13
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-02-01 11:34:15	441 B	15 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2024-02-01 07:15:46	409 B	80 kB	151.101.194.137
6hwqw3b1qn9.lfofapp.online	unknown	unknown	No data	No data	458 B	198 kB	188.114.97.1
uq952gr3q5f.gakgakga.online	unknown	unknown	No data	No data	459 B	198 kB	188.114.97.1
add_shortcut	unknown	unknown	No data	No data	414 B	0 B	0.0.0.0
ad.doubleclick.net	186	1996-01-16	2012-05-24 22:21:08	2024-02-01 14:58:31	564 B	907 B	216.58.207.230
hr-performance.com	unknown	2020-09-18	2015-06-15 18:20:04	2024-02-01 14:05:55	505 B	387 B	167.250.5.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-02-01 21:03:28	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cloudflare-ipfs .com)
2024-02-01 21:03:28	low	Client IP	104.17.96.13	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cloudflare-ipfs .com)
2024-02-01 21:03:29	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cloudflare-ipfs .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-02	medium	cloudflare-ipfs.com/favicon.ico	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-02-01	medium	add_shortcut	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com	ScriptElement	15 kB	2024-02-01	2024-08-20
URL cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2024-02-01 Last Seen 2024-08-20 Times Seen 32 Size 15 kB (14749 bytes) MD5 2a222d284cb75ca9670e545150ba110f SHA1 f00816997645abe56b34aec103d1ded4d812e91c SHA256 07da32e03372c5e714c4f307ec7f60a7b16f23933ba28dd35d92e2acaa79b68e Format Code Loading...

HTTP Transactions (9)

URL IP Response Size

ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t

216.58.207.230

0 B

URL

ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t

IP / ASN

216.58.207.230

#15169 GOOGLE

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606025

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /clk;265186560;90846275;t;pc=[TPAS_ID]?//hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: //hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Feb 2024 21:03:27 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUliwRy-OuUNA-waxrIumSe1tE9cMqBVpITX3V16jmC6f2gvpaJR5KbKjYHTYRw; expires=Sat, 31-Jan-2026 21:03:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
FLC=COeSAhDD6KgrGIDauX4omdVHMJ-O8K0GcADauAQOMgw6CgoIKDCYF739wTo; expires=Thu, 01-Feb-2024 21:03:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t

167.250.5.32

0 B

URL

hr-performance.com/.dpz/file/9/Y2luZHlAenRlcnMuY29t

IP / ASN

167.250.5.32

#264649 NUT HOST SRL

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606025

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /.dpz/file/9/Y2luZHlAenRlcnMuY29t HTTP/1.1
Host: hr-performance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com
cache-control: max-age=99900
expires: Sat, 03 Feb 2024 00:48:28 GMT
referrer-policy: no-referrer-when-downgrade
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 01 Feb 2024 21:03:28 GMT
server: Apache
X-Firefox-Spdy: h2

GET cloudflare-ipfs.com/favicon.ico

104.17.96.13

404 Not Found

14 B

URL

cloudflare-ipfs.com/favicon.ico

IP / ASN

104.17.96.13

#13335 CLOUDFLARENET

Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-07-31

Times Seen22087

Size14 B (14 bytes)

MD5d0fbda9855d118740f1105334305c126

SHA1bc3023b36063a7681db24681472b54fa11f0d4ec

SHA256a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe

Certificate Info

IssuerLet's Encrypt

Subjectcloudflare-ipfs.com

FingerprintF9:C4:58:3E:03:45:76:C4:95:63:D6:9A:DE:9B:B6:8B:06:62:E4:DE

ValidityThu, 28 Dec 2023 01:08:05 GMT - Wed, 27 Mar 2024 01:08:04 GMT

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji
Cookie: __cf_bm=OmJzw73eajYELcIv0IrUyRA9hi7d4MYF.nEXeEkpZkA-1706821409-1-ASbXc4Pe8wwC6wXvh6suRQEubbAxpqeaYueSWe1PLvR4B0W+aWfRrmlUePBgY38ErCobl2ttWl5vX0PpuE4h41Y=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 01 Feb 2024 21:03:29 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 84ed242fabffb521-OSL
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.25.14

200 OK

14 kB

URL

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

IP / ASN

104.17.25.14

#13335 CLOUDFLARENET

Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com

Resource Info

File typeJavaScript source, ASCII text, with very long lines (48316), with no line terminators

First Seen2023-03-07

Last Seen2025-08-02

Times Seen133029

Size14 kB (13972 bytes)

MD52ca03ad87885ab983541092b87adb299

SHA11a17f60bf776a8c468a185c1e8e985c41a50dc27

SHA2568e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Certificate Info

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D

ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Feb 2024 21:03:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4404214
expires: Tue, 21 Jan 2025 21:03:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHycONRvjY%2F35%2BahlTXgOFfxN9SjmuRyCWGN6ivMsLd1z3%2BsLvIpylCHj9WnYhxfWV%2FCmIXRIqS13bwSajePCpQFqos8%2Fzmfn3vbeiVE9gin%2FuSQh6EXbqkkIIBSJvxh9ZHNk%2BwJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 84ed242ffcd056bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-1.9.1.js

151.101.194.137

200 OK

80 kB

URL

code.jquery.com/jquery-1.9.1.js

IP / ASN

151.101.194.137

#54113 FASTLY

Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com

Resource Info

File typeJavaScript source, ASCII text

First Seen2023-03-07

Last Seen2025-08-01

Times Seen36594

Size80 kB (79506 bytes)

MD508c235d357750c657ac1db7d1cf656a9

SHA19257afd2d46c3a189ec0d40a45722701d47e9ca5

SHA2567bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D

ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

HTTP Headers

GET /jquery-1.9.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-4185d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Feb 2024 21:03:29 GMT
age: 1397271
x-served-by: cache-lga21952-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 31, 27399
x-timer: S1706821409.300570,VS0,VE0
vary: Accept-Encoding
content-length: 79506
X-Firefox-Spdy: h2

GET 6hwqw3b1qn9.lfofapp.online/static/media/preload-outlook.gif

188.114.97.1

200 OK

197 kB

URL

6hwqw3b1qn9.lfofapp.online/static/media/preload-outlook.gif

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com

Resource Info

File typeGIF image data, version 89a, 1580 x 720

First Seen2023-07-05

Last Seen2025-06-17

Times Seen31509

Size197 kB (197044 bytes)

MD55a82b5eee228b42593eb49c3a2d830ea

SHA1a958abaf7781997bfee5cf4a8bca6d3013dbb95a

SHA256c51ecfdbb39612d629bbbfa57896c63dc52971d7bcf78f1795944be16274a8eb

Certificate Info

IssuerLet's Encrypt

Subjectlfofapp.online

Fingerprint97:3F:FD:8D:E2:2E:1B:87:6C:CB:33:87:60:1C:30:A3:A8:4E:50:CC

ValidityThu, 25 Jan 2024 17:53:41 GMT - Wed, 24 Apr 2024 17:53:40 GMT

HTTP Headers

GET /static/media/preload-outlook.gif HTTP/1.1
Host: 6hwqw3b1qn9.lfofapp.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Feb 2024 21:03:30 GMT
content-type: image/gif
content-length: 197044
content-disposition: inline; filename="preload-outlook.gif"
last-modified: Sat, 04 Nov 2023 22:18:46 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
vary: origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEDR%2FZIkUYq8lw9sHQAxmdcte71fB5Ax%2BXT9KBvM26rTGVXdf%2F%2BrFk9AdHSw%2BYkAhf%2Fw5c9o9FiYQZYnLDyQAQfo%2FK7AewEIgF5b%2BIxwbIj7Gt7Z06BrlG%2BcJunQbBpl%2F%2FOWH%2FbVP1WqMB9kRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84ed24307f8ab505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET uq952gr3q5f.gakgakga.online/static/media/preload-outlook.gif

188.114.97.1

200 OK

197 kB

URL

uq952gr3q5f.gakgakga.online/static/media/preload-outlook.gif

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com

Resource Info

File typeGIF image data, version 89a, 1580 x 720

First Seen2023-07-05

Last Seen2025-06-17

Times Seen31509

Size197 kB (197044 bytes)

MD55a82b5eee228b42593eb49c3a2d830ea

SHA1a958abaf7781997bfee5cf4a8bca6d3013dbb95a

SHA256c51ecfdbb39612d629bbbfa57896c63dc52971d7bcf78f1795944be16274a8eb

Certificate Info

IssuerGoogle Trust Services LLC

Subjectgakgakga.online

FingerprintE6:3E:D9:23:34:96:CF:29:D2:49:4F:CC:85:1F:E9:10:2D:FB:0B:61

ValiditySun, 28 Jan 2024 20:49:24 GMT - Sat, 27 Apr 2024 20:49:23 GMT

HTTP Headers

GET /static/media/preload-outlook.gif HTTP/1.1
Host: uq952gr3q5f.gakgakga.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Feb 2024 21:03:30 GMT
content-type: image/gif
content-length: 197044
content-disposition: inline; filename="preload-outlook.gif"
last-modified: Sat, 04 Nov 2023 22:18:46 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
vary: origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjCwi%2BX74P2L9CTZH%2FfeW7lMgsT6isQD1u7OjdLEHNwjBa%2FXDjfNmYVGpCiHxivuBuIZPcvLE6JhpjVZfTJBGuJJCI2kwtCirqLl5PFXE%2FG3hmRz45%2Bgyw7z9kIsNERMX2ewFmf7dBANu0itlGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84ed24309cb11c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji

104.17.96.13

200 OK

15 kB

URL

cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji

IP / ASN

104.17.96.13

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeJavaScript source, ASCII text, with very long lines (14766), with no line terminators

First Seen2024-02-01

Last Seen2024-08-20

Times Seen31

Size15 kB (14766 bytes)

MD52fadf975ef7ee1ca25cd51a1e20f9bed

SHA1f166896f8e7d2b8131777200ab4dfaacf778a04a

SHA2563d9b7a4bf9c0bf7bf081f92fec2f2fabb27d12fbfbe414e48ad91cf1416fcc4a

Certificate Info

IssuerLet's Encrypt

Subjectcloudflare-ipfs.com

FingerprintF9:C4:58:3E:03:45:76:C4:95:63:D6:9A:DE:9B:B6:8B:06:62:E4:DE

ValidityThu, 28 Dec 2023 01:08:05 GMT - Wed, 27 Mar 2024 01:08:04 GMT

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Feb 2024 21:03:29 GMT
content-type: text/html
cf-ray: 84ed242b3fee712e-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 8790
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji
x-ipfs-roots: bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji
set-cookie: __cf_bm=OmJzw73eajYELcIv0IrUyRA9hi7d4MYF.nEXeEkpZkA-1706821409-1-ASbXc4Pe8wwC6wXvh6suRQEubbAxpqeaYueSWe1PLvR4B0W+aWfRrmlUePBgY38ErCobl2ttWl5vX0PpuE4h41Y=; path=/; expires=Thu, 01-Feb-24 21:33:29 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET add_shortcut/

0.0.0.0

0 B

URL

add_shortcut/

IP / ASN

0.0.0.0

Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreib5tn5ex6oax557bapzf7wc6l5lwj6rf6734qkojcwzdtyuc36mji#cindy@zters.com

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606025

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: add_shortcut
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache