Report - cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm

Report Overview

Submitted URL
cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 15:50:16
Access
public
Website Title
Download Document - Adobe Sign In
Final URL
cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Tags
adobe phishing
urlquery detections
Phishing - Adobe

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20	2024-03-15	1.9 kB	53 kB	104.17.96.13
encrypted-tbn0.gstatic.com	unknown	2008-02-11	2013-05-31	2024-05-07	495 B	8.3 kB	142.250.74.174
cdn.siasat.com	651262	1996-12-03	2014-05-29	2024-03-02	460 B	7.0 kB	148.251.232.158
www.wqe.16mb.com	unknown	2002-07-16	2016-09-29	2018-04-24	417 B	0 B	0.0.0.0
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-08	434 B	32 kB	216.58.211.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm	Adobe Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-02	medium	cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm	Other
2023-05-02	medium	cloudflare-ipfs.com/favicon.ico	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/images/bg_form.png	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-20 01:34:17 Times Seen145671 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm	4.4 kB	2024-05-08	2024-05-08
Pretty URL cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:50:20 Last Seen2024-05-08 17:50:20 Times Seen1 Hash 738c5b9b76d8614b41e14c6235307585 6838a63e192f144a5045d6119a6033bfcb4042d4 1571c0f37fa5d1990ec8046ed4df4ccb5d1cb101589bc64789639da59b6c1bd7 Loading...

HTTP Transactions (7)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

216.58.211.10

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:06:43 GMT
expires: Sat, 03 May 2025 10:06:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 452589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm

104.17.96.13

200 OK

51 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
HTML document, ASCII text, with very long lines (65197), with CRLF line terminators
Size
51 kB (51174 bytes)
Hash
53a05a8abcb297e451b5087c4bad5c2d
9bb22b037961cc02fbd37a054695fa2bd539284b
7f3c9ce77b032870e726b5991df1d3500e169809efac14d796a7694b5d47171c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Adobe
OpenPhish	phishing	Adobe Inc.
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:49:51 GMT
content-type: text/html
cf-ray: 880a9a231a91b50c-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
x-ipfs-roots: bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
set-cookie: __cf_bm=gDVKx_531lhco8EuJJiB5fB8casN4hR4EiMGsm.YTS0-1715183391-1.0.1.1-tQ3P8eczTIQyNidVj6pm86wIrPrfDceUTdrYJVj3y6g8rBFHzrWyju4PI1dS0NLKCaU_9BSE.Ft7H9tAXatJjQ; path=/; expires=Wed, 08-May-24 16:19:51 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRGA-AAufqAvH_jrYtr_AztiK6QCMXUXp6vxIwAP23kiRbekdSl

142.250.74.174

200 OK

7.5 kB

URL GET HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRGA-AAufqAvH_jrYtr_AztiK6QCMXUXp6vxIwAP23kiRbekdSl
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 250 x 202, 8-bit colormap, non-interlaced
Size
7.5 kB (7494 bytes)
Hash
97642e51f89aa1e231a5191667f626c6
38d6fad01d601076c0cb01335d43350410f19375
de2c1a0cfc9fe2a92c3151d4ac11a5582323963d7107258571ab420819e4b97c

HTTP Headers

GET /images?q=tbn:ANd9GcRGA-AAufqAvH_jrYtr_AztiK6QCMXUXp6vxIwAP23kiRbekdSl HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 7494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 13:07:34 GMT
expires: Thu, 08 May 2025 13:07:34 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 27 Jul 2019 08:06:30 GMT
content-type: image/png
age: 9738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cloudflare-ipfs.com/favicon.ico

104.17.96.13

404 Not Found

14 B

URL GET HTTP/3
cloudflare-ipfs.com/favicon.ico
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
d0fbda9855d118740f1105334305c126
bc3023b36063a7681db24681472b54fa11f0d4ec
a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Adobe
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Cookie: __cf_bm=gDVKx_531lhco8EuJJiB5fB8casN4hR4EiMGsm.YTS0-1715183391-1.0.1.1-tQ3P8eczTIQyNidVj6pm86wIrPrfDceUTdrYJVj3y6g8rBFHzrWyju4PI1dS0NLKCaU_9BSE.Ft7H9tAXatJjQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Wed, 08 May 2024 15:49:52 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a9a2c2c89569c-OSL
alt-svc: h3=":443"; ma=86400

cloudflare-ipfs.com/ipfs/images/bg_form.png

104.17.96.13

400 Bad Request

99 B

URL GET HTTP/3
cloudflare-ipfs.com/ipfs/images/bg_form.png
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text
Size
99 B (99 bytes)
Hash
e6902d6fd4e62fc1c930b9d04001cc22
c94af29ffa5dcdcc021ffc24e0e3f308f64649ac
ee3dad260a7dc888a247957c0a6d273f429425ace38838301f5fb4a291c8d0ba

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Adobe
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/images/bg_form.png HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Cookie: __cf_bm=gDVKx_531lhco8EuJJiB5fB8casN4hR4EiMGsm.YTS0-1715183391-1.0.1.1-tQ3P8eczTIQyNidVj6pm86wIrPrfDceUTdrYJVj3y6g8rBFHzrWyju4PI1dS0NLKCaU_9BSE.Ft7H9tAXatJjQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Wed, 08 May 2024 15:49:53 GMT
content-type: text/plain; charset=utf-8
content-length: 99
cf-ray: 880a9a2a79f7569c-OSL
cf-cache-status: MISS
cache-control: no-store
vary: Accept-Encoding
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400

cdn.siasat.com/wp-content/uploads/2023/06/adobe-780x470.jpg

148.251.232.158

200 OK

6.4 kB

URL GET HTTP/2
cdn.siasat.com/wp-content/uploads/2023/06/adobe-780x470.jpg
IP
148.251.232.158:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm
Certificate
IssuerLet's Encrypt
Subjectsiasat.com
Fingerprint85:93:68:A6:75:F1:93:BF:18:43:2E:53:65:E5:BC:00:0E:4D:D3:68
ValiditySat, 16 Mar 2024 09:34:01 GMT - Fri, 14 Jun 2024 09:34:00 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 780x469, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.4 kB (6396 bytes)
Hash
426290415eb820f8ebdf5cb60c1a3deb
73e65f2f06d2756be33e57af9d18edc1b74deb63
74f0400443882ba6680c617f876edfc0a78f4296c2aa7eacb7da1f6ffe126094

HTTP Headers

GET /wp-content/uploads/2023/06/adobe-780x470.jpg HTTP/1.1
Host: cdn.siasat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:49:52 GMT
content-type: image/webp
content-length: 6396
last-modified: Fri, 16 Jun 2023 08:56:13 GMT
etag: "648c23ad-18fc"
x-request-id: b336e65a4e0f6a2757e028057c320b13
x-presslabs-cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age = 315360000
strict-transport-security: max-age=31536000; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2

www.wqe.16mb.com/b/Adobe%20Sign%20In_files/pdf-logo.png

0.0.0.0

0 B

URL GET
www.wqe.16mb.com/b/Adobe%20Sign%20In_files/pdf-logo.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeihro73pa7ajdmulc5pkad2s6sicjc4qglu6cv5qhrq4q366nxurwm

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/Adobe%20Sign%20In_files/pdf-logo.png HTTP/1.1
Host: www.wqe.16mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP