Report - cloudflare-ipfs.com/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html

Report Overview

Visited public
2024-06-08 23:36:56
Tags
URL
cloudflare-ipfs.com/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
Finishing URL
ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
IP / ASN
104.17.96.13
#13335 CLOUDFLARENET
Title
ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20 15:49:19	2024-05-29 19:05:53	556 B	585 B	104.17.64.14
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-06-08 19:09:01	423 B	28 kB	104.17.24.14
logo.clearbit.com	27344	2003-07-04	2015-06-30 18:39:45	2024-06-08 18:25:19	405 B	514 B	18.239.36.13
ipfs.io	41400	2014-05-16	2015-09-09 06:41:36	2024-06-08 16:55:16	1.0 kB	12 kB	209.94.90.1
ipfs.tech	unknown	2020-05-28	2021-02-03 22:11:02	2024-06-05 09:05:23	410 B	1.4 kB	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-06-08 23:36:31	low	Client IP	104.17.64.14	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cloudflare-ipfs .com)
2024-06-08 23:36:31	medium	Client IP	209.94.90.1	ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-06-05	medium	cloudflare-ipfs.com/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html	Generic/Spear Phishing
2024-06-05	medium	ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html	Generic/Spear Phishing

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-02	medium	cloudflare-ipfs.com/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 03:19 Times Seen57531 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 03:51 Times Seen4650612 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (6)

URL IP Response Size

cloudflare-ipfs.com/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html

104.17.64.14

302 Found

0 B

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 08 Jun 2024 23:36:31 GMT
content-length: 0
location: https://ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
set-cookie: __cf_bm=xnWtovQQOJAxYq5yz7zuapYIeGkOVHJVCZTYKH3JHdg-1717889791-1.0.1.1-XvhWyRFpHfTe3Z4p0Tq4OVuEOmfl1EhBpqiFZiPcnvswbIgojg_xIvqP8UeUBADdmvH8u6NxUO7Y3DegX10hDw; path=/; expires=Sun, 09-Jun-24 00:06:31 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 890cb45bccda10b5-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
Certificate
IssuerLet's Encrypt
Subjectcdnjs.cloudflare.com
Fingerprint3B:5B:7C:DD:19:E8:16:5A:09:22:D6:1E:03:84:8D:B9:A1:32:BF:8E
ValiditySun, 02 Jun 2024 00:47:32 GMT - Sat, 31 Aug 2024 00:47:31 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
27 kB (27433 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 08 Jun 2024 23:36:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 878759
expires: Thu, 29 May 2025 23:36:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgnswBJnfFgYxx7ONCO%2F1NQ5V44ggRiGCT50nhhRph%2F9v4CVMY1C05UWR36zFN4NF2jgiYHqjTPQOeMZPntcwFFva23vom1vcyqHq1Tmv9Tt3A4jEV2MsBiVxHid0D0VZaeHAGdE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 890cb45ede4b8f5a-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

logo.clearbit.com/

18.239.36.13

400 Bad Request

23 B

URL GET HTTP/2
logo.clearbit.com/
IP
18.239.36.13:443
ASN
#16509 AMAZON-02

Requested by
https://ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
ASCII text
Size
23 B (23 bytes)
Hash
6ec26fb8a65967babf1899ea3b0f16a1
607887802c91eae8b557ce153e1cc24e0f27bc64
9060c4b05ac95688fc5409f287057a2b818ee9da16c7b25bbdceff71f11482d1

HTTP Headers

GET / HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
content-type: text/plain; charset=utf-8
content-length: 23
date: Sat, 08 Jun 2024 23:36:32 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Error from cloudfront
via: 1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amz-cf-id: XW589MCkBot7tTzXjPr4JMIa0RltDpkWjDaCHVGfbKQSd-Wp3viOsw==
X-Firefox-Spdy: h2

ipfs.io/favicon.ico

209.94.90.1

4.2 kB

URL GET
ipfs.io/favicon.ico
IP
209.94.90.1:0
ASN
#40680 PROTOCOL

Requested by
https://ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
Certificate
IssuerGoogle Trust Services LLC
Subjectipfs.io
Fingerprint07:58:C3:22:5D:BD:99:F6:5C:4D:37:65:3F:B9:C3:4C:B7:02:C2:46
ValidityTue, 16 Apr 2024 16:23:44 GMT - Mon, 15 Jul 2024 16:23:43 GMT

File type
data
Size
4.2 kB (4216 bytes)
Hash
a5741a1f51c0f04309739cfe64ec52e1
eccfb7a9e587da28d1bf43b0f913fed3b42d424d
bcc66eaca3dd2f1031d1d019f7b24ff5ab1db637745a71b8c8606b99909b5d16

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ipfs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 08 Jun 2024 23:36:32 GMT
content-type: text/html
location: https://ipfs.tech/favicon.ico
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 890cb4601d61be49-CPH
alt-svc: h3=":443"; ma=86400

ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html

209.94.90.1

200 OK

7.0 kB

URL User Request GET HTTP/2
ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Certificate
IssuerGoogle Trust Services LLC
Subjectipfs.io
Fingerprint07:58:C3:22:5D:BD:99:F6:5C:4D:37:65:3F:B9:C3:4C:B7:02:C2:46
ValidityTue, 16 Apr 2024 16:23:44 GMT - Mon, 15 Jul 2024 16:23:43 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
7.0 kB (7013 bytes)
Hash
04a63323f747130f5b301e84a2344f12
c0f465539108be685abca1ec35ddb95deeb6c24b
62baa1cb512ba977b9f09c3fbeb8abab18e1e2a188cce1c0e076d4897f450b60

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html HTTP/1.1
Host: ipfs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 08 Jun 2024 23:36:31 GMT
content-type: text/html
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
x-ipfs-roots: bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha,QmfBGrbJJwkVdYCfiaQsCgMk1jUePwQmnEnHotdteCzYfi
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
age: 140059
vary: Accept-Encoding
server: cloudflare
cf-ray: 890cb45cb8f19309-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ipfs.tech/favicon.ico

0.0.0.0

0 B

URL GET
ipfs.tech/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://ipfs.io/ipfs/bafybeihq2ciubswtdbckickyhhq2zlurw3qdf65rbwd4ggevy6e3zsj6ha/JAVASCRIPT12.html
Certificate
IssuerLet's Encrypt
Subjectipfs.tech
Fingerprint7C:58:21:DC:4F:44:28:A0:A2:63:61:3E:B0:79:21:5E:5F:A0:BE:11
ValiditySat, 18 May 2024 05:12:15 GMT - Fri, 16 Aug 2024 05:12:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ipfs.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 08 Jun 2024 23:36:32 GMT
content-type: image/x-icon
vary: Accept-Encoding
server: BunnyCDN-ES1-895
cdn-pullzone: 2016121
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestcountrycode: NO
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: max-age=60, stale-while-revalidate=3600
etag: W/"QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT"
cdn-cachedat: 04/28/2024 13:51:27
x-ipfs-path: /ipfs/bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy/favicon.ico
x-ipfs-roots: bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy,QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: d11de914c93bce2139a1bcd4aa45debb
referrer-policy: strict-origin-when-cross-origin
content-security-policy: upgrade-insecure-requests
x-xss-protection: 0
x-content-type-options: nosniff
x-cache-status: MISS
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 895
cdn-status: 200
cdn-requestid: 0ed33d1714d4b319999b73a8a13d431e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size