Report - ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html

Report Overview

Visited public
2023-11-29 13:58:58
Tags
phishing
URL
ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html
Finishing URL
ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html
IP / ASN
209.94.90.1
#40680 PROTOCOL
Title
Sharing Link Validation
Phishing - Generic phishing

Detections

urlquery

2

Network Intrusion Detection

3

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ipfs.io	41400	2014-05-16	2015-09-09 06:41:36	2023-11-29 08:22:34	525 B	776 B	209.94.90.1
ipfs.tech	unknown	2020-05-28	2021-02-03 22:11:02	2023-11-22 23:26:20	422 B	1.4 kB	0.0.0.0
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-29 05:10:47	465 B	7.2 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-11-29 08:06:50	440 B	24 kB	151.101.194.137
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-11-29 06:55:16	434 B	31 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-29 13:58:44	medium	Client IP	Internal IP	ET INFO Peer-to-Peer File Sharing Service Domain in DNS Lookup (ipfs .io)
2023-11-29 13:58:44	medium	Client IP	Internal IP	ET INFO Peer-to-Peer File Sharing Service Domain in DNS Lookup (ipfs .io)
2023-11-29 13:58:44	medium	Client IP	209.94.90.1	ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:21 Times Seen72182 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-09
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 09:26 Times Seen74819 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	ScriptElement	86 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 09:37 Times Seen173905 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-09
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:21 Times Seen98870 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html	ScriptElement	4.9 kB	2024-08-20	2024-08-20
Pretty URL ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:27 Last Seen2024-08-20 17:27 Times Seen1 Hash 268fcc4537be5373cc785dcbb60e5b9c 86dca6d5fd1c3f55468c039de19a75be8ca36d1c 5f7386f7ccbb946c2c70d80ebe0c8948d619ab89a1f163f18b99e0ca646bcda5 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:21 Times Seen57115 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

HTTP Transactions (5)

	URL	IP	Response	Size
	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	104.17.25.14		6.2 kB
URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (19015) Size 6.2 kB (6157 bytes) Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 HTTP Headers `GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://ipfs.io DNT: 1 Connection: keep-alive Referer: https://ipfs.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 29 Nov 2023 13:58:40 GMT content-type: application/javascript; charset=utf-8 content-length: 6157 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03fa9-4af4" last-modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 368337 expires: Mon, 18 Nov 2024 13:58:40 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3GZ3CDPcFlB4Lbmj5Gj1DDVPtu57Yy0QXKvNjOmXeBr8svt0p0a3CcbtFocpVaSZPsNmLXzdGhP4Ieh4ak%2BpB1xWVKC3JpQEw%2FNffbTKi6nqXL7sfWTmQ7QSSeWujEAqMq7UlBn"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 82db5de96f4156c6-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.2.1.slim.min.js	151.101.194.137	200 OK	24 kB
URL GET HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (32012) Size 24 kB (23856 bytes) Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 HTTP Headers `GET /jquery-3.2.1.slim.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://ipfs.io DNT: 1 Connection: keep-alive Referer: https://ipfs.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-10fdd" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Wed, 29 Nov 2023 13:58:40 GMT age: 6362521 x-served-by: cache-lga21963-LGA, cache-bma1656-BMA x-cache: HIT, HIT x-cache-hits: 22, 1087 x-timer: S1701266321.919060,VS0,VE0 vary: Accept-Encoding content-length: 23856 X-Firefox-Spdy: h2

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	142.250.74.138		30 kB
URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (32065) Size 30 kB (30028 bytes) Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e HTTP Headers `GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ipfs.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 26 Nov 2023 17:06:19 GMT expires: Mon, 25 Nov 2024 17:06:19 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 247942 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ipfs.io/favicon.ico	209.94.90.1		166 B
URL GET ipfs.io/favicon.ico IP 209.94.90.1:0 ASN #40680 PROTOCOL Requested by https://ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html Certificate IssuerLet's Encrypt Subjectdweb.link Fingerprint8B:0B:A0:28:A6:81:DF:E9:49:F0:E9:A3:20:69:C6:07:BE:D6:16:2C ValidityMon, 20 Nov 2023 14:59:23 GMT - Sun, 18 Feb 2024 14:59:22 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 166 B (166 bytes) Hash 3ea1c8d079b38532a6e01a96216ba5e2 598d3ff91d3e252f1e13df8cf0348b270ff2da3f 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 HTTP Headers GET /favicon.ico HTTP/1.1 Host: ipfs.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 301 Moved Permanently server: openresty date: Wed, 29 Nov 2023 13:58:41 GMT content-type: text/html content-length: 166 location: https://ipfs.tech/favicon.ico access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output x-ipfs-lb-pop: gateway-bank3-fr2 x-bfid: 3dfd510d3528a847f88d5cf764b33df2 strict-transport-security: max-age=31536000; includeSubDomains; preload X-Firefox-Spdy: h2

	ipfs.tech/favicon.ico	0.0.0.0		0 B
URL GET ipfs.tech/favicon.ico IP 0.0.0.0:0 ASN #0 Requested by https://ipfs.io/ipfs/bafybeifaone4hqkq3hq76iv4ktjh3befsjxuv23t3uuftubbovefqhgdpm/sunddcftsiAdayEJKnewwt.html Certificate IssuerLet's Encrypt Subjectipfs.tech Fingerprint60:78:6A:3D:DF:63:A4:51:10:A1:72:F5:88:23:D2:5A:79:3F:90:0A ValidityThu, 16 Nov 2023 20:10:00 GMT - Wed, 14 Feb 2024 20:09:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ipfs.tech User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ipfs.io/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 29 Nov 2023 13:58:41 GMT content-type: image/x-icon vary: Accept-Encoding server: BunnyCDN-FR1-1187 cdn-pullzone: 1567618 cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d cdn-requestcountrycode: NO access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With access-control-allow-methods: GET, HEAD, OPTIONS access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output cache-control: max-age=60, stale-while-revalidate=3600 etag: W/"QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT" x-ipfs-path: /ipfs/bafybeidfqp36qutohidaaapir743mvjefv5ipkbrvqx3li3x6vm47vrdam/favicon.ico x-ipfs-roots: bafybeidfqp36qutohidaaapir743mvjefv5ipkbrvqx3li3x6vm47vrdam,QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT strict-transport-security: max-age=31536000; includeSubDomains x-request-id: 9690752011be1623ccae271895f2ebd2 referrer-policy: strict-origin-when-cross-origin content-security-policy: upgrade-insecure-requests x-xss-protection: 0 x-content-type-options: nosniff x-cache-status: MISS cdn-proxyver: 1.04 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 11/27/2023 21:38:07 cdn-edgestorageid: 1186 cdn-status: 200 cdn-requestid: f3d1b8ad83684f49973afb2e162bc3ba cdn-cache: HIT content-encoding: br X-Firefox-Spdy: h2