| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css | 104.17.24.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css IP104.17.24.14:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hash5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 646118
expires: Mon, 14 Apr 2025 05:42:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFie%2B5AkFZljafPiHXlZBHZvl1RrQ08xGIDNsm4RNWV8spF1LbkrGIdrEaj2eCSErlSqxYZvN%2Bh6urPrqFZxha5%2BFPBywV2JvK%2F3y2z1Biwx9BQi5x6zXRkhj2gJVTE9WEnB0PmZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8793c5585c70712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.tinyurl.com/yfc4ntjy/ | 172.67.1.225 | 301 Moved Permanently | 38 kB |
URL User Request GET HTTP/2www.tinyurl.com/yfc4ntjy/ IP172.67.1.225:443
CertificateIssuerLet's Encrypt Subjecttinyurl.com Fingerprint84:03:D8:A5:59:CC:8A:4A:44:A5:81:7D:68:AA:A0:B7:86:A6:AA:44 ValiditySun, 31 Mar 2024 23:28:39 GMT - Sat, 29 Jun 2024 23:28:38 GMT
Hash83dfe0ebf8ce0fa6d60c453269520164 21313f56935ebd9de4dbc954c117cb393042b5ef ab04ad3a2b006f215276e903fbbff4ff31b182f44014ec3c35a42f292bdd3f1c
Analyzer | Verdict | Alert | OpenPhish | phishing | Adobe Inc. |
GET /yfc4ntjy/ HTTP/1.1
Host: www.tinyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 05:42:34 GMT
content-type: text/html; charset=UTF-8
location: https://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com
referrer-policy: unsafe-url
x-robots-tag: noindex
x-tinyurl-redirect-type: redirect
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
x-tinyurl-redirect: eyJpdiI6ImZRdWpETi9wTWNHWk1mWWRNR1k0T0E9PSIsInZhbHVlIjoieTduN3Z3MDBCZ2doT3d1aE1NakdmWFVwZVlJR0xSczVZYjRLWVZjZkVwUTZsQUJ3dVIveGljbHNobXdWWmYyNTFpeFcvcitVRzZHZG01bVN6Mlh5c1E9PSIsIm1hYyI6IjkxMjIyN2YwODQwYzdjYzE1YjQ1YjIyMDhiMjk5Mjg4YzM0ZjRlMDc3YWQ5MjdlOGY3ZmFlZDQyYTVmNDYzODIiLCJ0YWciOiIifQ==
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: EXPIRED
set-cookie: __cf_bm=cD_1bUVz5JHTHp3PW7VdSddyEF.y48oEYHWoZ2Ep3vc-1713937354-1.0.1.1-8hiS9cq2.HL_P_5_zEMKT1Lo43L1bQhYQdOWyPDIVgEQUDLDlLf76qVcDgBDUvEOR.JRaH6.vsPVAs_lbHdtTg; path=/; expires=Wed, 24-Apr-24 06:12:34 GMT; domain=.tinyurl.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8793c55249d756c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | 200 OK | 5.3 kB |
URL GET HTTP/2www.w3schools.com/w3css/4/w3.css IP192.229.133.221:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerDigiCert Inc Subject*.w3schools.com Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text Hashba0537e9574725096af97c27d7e54f76 bd46b47d74d344f435b5805114559d45979762d5 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 11584
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Wed, 24 Apr 2024 05:42:35 GMT
etag: "0d6fc18b794da1:0+gzip"
last-modified: Mon, 22 Apr 2024 13:15:08 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| ppdefmonument.com/OIP.jpeg | 188.114.96.1 | 200 OK | 9.2 kB |
URL GET HTTP/2ppdefmonument.com/OIP.jpeg IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectppdefmonument.com FingerprintD7:02:17:C5:DD:2B:0E:B2:07:4D:C4:3D:00:F8:48:7D:82:0B:B1:B8 ValiditySun, 24 Mar 2024 13:16:31 GMT - Sat, 22 Jun 2024 13:16:30 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x149, components 3 Hashb7fd0fd9175f4c7bb9e52ae5334719ca b4f9f020180d3231fb7fc2fcf7f27890e2b904f8 9696d7c05deee6bede02feda9d259d55180cf2facdb14e7f942727e6eea8f476
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /OIP.jpeg HTTP/1.1
Host: ppdefmonument.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: image/jpeg
content-length: 9219
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 05:31:34 GMT
last-modified: Thu, 28 Sep 2023 03:22:07 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 173461
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmqPd4KtsiC76lms%2FpuxSJNkhpMNeLw59ZB%2BWTwMYmckcNY3tgSv1Z0q%2BZFvQ1I3fy1bvf60D%2Bsm4yLB1EuvqIR8h%2BVBaz%2FlQIlah8v71EIUC%2Fa2IGilj%2FIcet28mqs6qF8stw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793c558dfc0b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ppdefmonument.com/bg1.png | 188.114.96.1 | 200 OK | 51 kB |
URL GET HTTP/2ppdefmonument.com/bg1.png IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectppdefmonument.com FingerprintD7:02:17:C5:DD:2B:0E:B2:07:4D:C4:3D:00:F8:48:7D:82:0B:B1:B8 ValiditySun, 24 Mar 2024 13:16:31 GMT - Sat, 22 Jun 2024 13:16:30 GMT
File typePNG image data, 3456 x 104, 8-bit/color RGBA, non-interlaced Hashe18251482b0cf3bb399ec3f878b46d8e 567c2238bbee3df74355dbe2ff622a9ccf3daa67 bc19ae80c5e1137d3e2c7a2b282748349de1c74f5d16713c15c57e2975fad3d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bg1.png HTTP/1.1
Host: ppdefmonument.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: image/png
content-length: 50895
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 05:42:19 GMT
last-modified: Thu, 28 Sep 2023 03:29:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 16
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=589HaRHfrliMWwtJbtIUPma8IN5RZn0TzrG%2Fimb%2FYbY63DKvGi4GQMpqLtYs3nwRGKarwZwTvnB413Gkt8SUI9E9Ea%2FrU%2FRZ7DQnOpj7LIACBH%2Ba%2BE96%2BX500JZe8V5TEoxCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793c558dfc1b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ppdefmonument.com/bg2.png | 188.114.96.1 | 200 OK | 106 kB |
URL GET HTTP/2ppdefmonument.com/bg2.png IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectppdefmonument.com FingerprintD7:02:17:C5:DD:2B:0E:B2:07:4D:C4:3D:00:F8:48:7D:82:0B:B1:B8 ValiditySun, 24 Mar 2024 13:16:31 GMT - Sat, 22 Jun 2024 13:16:30 GMT
File typePNG image data, 870 x 1892, 8-bit/color RGBA, non-interlaced Size106 kB (106138 bytes) Hash912e4ccbee71aeada31e08b2a92bba8b 1059e84b80bd6b983601cd35967d9959af7b0475 8df560bde491345d7fe862f2ffbc1c751e4838c25ca6155bc8a78b817b9b5cbf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bg2.png HTTP/1.1
Host: ppdefmonument.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: image/png
content-length: 106138
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 05:31:34 GMT
last-modified: Thu, 28 Sep 2023 03:29:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 173461
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LiBbyPcdd8KWGdpRrGJbhFl%2FC4IFvhhNm53PJtqmQg33T%2FLPO4bZekosaTN%2BxZ%2FaTPIwmUaNcQiXGgzyiOPxApAdwH57Dg%2BEnoq%2BPNnfZjX8vtcKj0jqWWjmNECg6fkjnlRnSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793c558dfc2b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ppdefmonument.com/pdf.jpeg | 188.114.96.1 | 200 OK | 626 kB |
URL GET HTTP/2ppdefmonument.com/pdf.jpeg IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectppdefmonument.com FingerprintD7:02:17:C5:DD:2B:0E:B2:07:4D:C4:3D:00:F8:48:7D:82:0B:B1:B8 ValiditySun, 24 Mar 2024 13:16:31 GMT - Sat, 22 Jun 2024 13:16:30 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 3366x4456, components 3 Size626 kB (626024 bytes) Hash2d284de97cd8b6444e4d65c00aa77a69 5b734639fb67766332e1672a5c292d8367d8cf82 39b78e0420ac5ba5e334ab88dc949fa61c47058d35a0c276aa95ecdfad491373
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pdf.jpeg HTTP/1.1
Host: ppdefmonument.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: image/jpeg
content-length: 626024
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 05:42:19 GMT
last-modified: Thu, 28 Sep 2023 03:22:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 16
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9xZNQyW0QPRIEerwSoNG40uOldUcrkLwXLEhHmFx7R5svjdH%2BEuqRdElgkUnknlAAZHgAHBkBWRsrVz%2FhUHi8qVUrO4%2FZ9TdXv8wAbdzhZ1w%2F8yhuxHwawmuAFEor6TBRVMwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793c558dfbeb517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ppdefmonument.com/bg3.png | 188.114.96.1 | 200 OK | 862 kB |
URL GET HTTP/2ppdefmonument.com/bg3.png IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectppdefmonument.com FingerprintD7:02:17:C5:DD:2B:0E:B2:07:4D:C4:3D:00:F8:48:7D:82:0B:B1:B8 ValiditySun, 24 Mar 2024 13:16:31 GMT - Sat, 22 Jun 2024 13:16:30 GMT
File typePNG image data, 2590 x 1888, 8-bit/color RGBA, non-interlaced Size862 kB (862354 bytes) Hash3dd4d5f82f3c5f5e8354c92e1f1d0caf 80d3f09c700f7c20beee4a7e53e6b39f4276da86 7221912111074029ad7527854c033d301d915f753886c34a7b2dd8cb70c550a2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bg3.png HTTP/1.1
Host: ppdefmonument.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: image/png
content-length: 862354
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 05:42:19 GMT
last-modified: Thu, 28 Sep 2023 03:29:27 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 16
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22Sa06H%2FfQG897eCM1IfccY00GSX7CkQ9MVLGynv20hUeSS2MwCj%2BwP4nzUMl7YDuWbqMXZ2ki4VmXf7E7SEYg2es%2BkipFQo0XhcKE5qUmw%2BWJqg5hoS10qiIJRjjFn%2B7D5xQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793c558dfc3b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cloudflare-ipfs.com/favicon.ico | 104.17.64.14 | 404 Not Found | 14 B |
URL GET HTTP/3cloudflare-ipfs.com/favicon.ico IP104.17.64.14:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59 ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT
File typeASCII text, with no line terminators Hashd0fbda9855d118740f1105334305c126 bc3023b36063a7681db24681472b54fa11f0d4ec a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe
Analyzer | Verdict | Alert | PhishTank | phishing | Other |
GET /favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq
Cookie: __cf_bm=q9XZTTTyGxB_AUPJ9DXlqTpL_OXmHpOLQ2pm3pZIJ_4-1713937355-1.0.1.1-oGrEDuqbiBIFrSioGI5MnuRPlSvIhfd_FtlBRxOX7EuxoOEnolWan6X5joR50fm59ldWWR.5nqtE8aWk1lM7kQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793c55a6d327129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 | 104.17.24.14 | 200 OK | 150 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 IP104.17.24.14:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150020, version 772.1280 Size150 kB (150020 bytes) Hashd5e647388e2415268b700d3df2e30a0d 97f0942c6627ddd89fb62170e5cac9a2cbd6c98c 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:36 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64cac444-24a04"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 646011
expires: Mon, 14 Apr 2025 05:42:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7q3Qo5j9NNT%2Fn7toefQjCFVHZ1s2hAl0yXB2j9pSBSSnQhRx%2BD9yd4hirmCfbkGN8SUxkrP76PIdVskQbvINF7aseWjP7YKwrnFKSoJ4MKJ4Q1uJW9k8MM55rqADwPs%2FZsfisyuc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8793c55d2fdf712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sharepoint.com&size=32 | 142.250.74.132 | | 174 B |
URL t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sharepoint.com&size=32 IP142.250.74.132:0
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hashbc389aed0c2a7c8f164a8bd33a8b5f04 cc874db08353cca08fb7aef541e8d7bc7d8dbe52 32fdca4d0cdf1a6aa625c50b188a8ccef0ed9ed7714eb37e796049c4dc10be2b
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sharepoint.com&size=32 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.microsoft.com/favicon.ico?v2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 19:53:39 GMT
expires: Tue, 30 Apr 2024 19:53:39 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 35337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://office.com&size=32 | 142.250.74.100 | | 1.7 kB |
URL t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://office.com&size=32 IP142.250.74.100:0
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash17543f144a8f1b5bc0df5f3d022aafea 0c7ca71c9b9ea30c4e02dea0930d93c201ff6509 3597818352d6d037005169f79443ffa9cc4a40efe21d1b2f6d2966ab209adcd4
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://office.com&size=32 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://res.cdn.office.net/officehub/images/content/images/favicon_m365-31d62b976c.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 1735
date: Wed, 24 Apr 2024 05:42:36 GMT
expires: Wed, 01 May 2024 05:42:36 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 Apr 2024 21:47:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sharepoint.com&size=32 | 142.250.74.132 | 200 OK | 174 B |
URL GET HTTP/2t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sharepoint.com&size=32 IP142.250.74.132:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hashbc389aed0c2a7c8f164a8bd33a8b5f04 cc874db08353cca08fb7aef541e8d7bc7d8dbe52 32fdca4d0cdf1a6aa625c50b188a8ccef0ed9ed7714eb37e796049c4dc10be2b
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sharepoint.com&size=32 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.microsoft.com/favicon.ico?v2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 19:53:39 GMT
expires: Tue, 30 Apr 2024 19:53:39 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 35337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq | 104.17.64.14 | 200 OK | 148 kB |
URL User Request GET HTTP/2cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq IP104.17.64.14:443
CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59 ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT
Size148 kB (147766 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | PhishTank | phishing | Other |
GET /ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:35 GMT
content-type: text/html
cf-ray: 8793c554081156b1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 35336
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq
x-ipfs-roots: bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq
set-cookie: __cf_bm=q9XZTTTyGxB_AUPJ9DXlqTpL_OXmHpOLQ2pm3pZIJ_4-1713937355-1.0.1.1-oGrEDuqbiBIFrSioGI5MnuRPlSvIhfd_FtlBRxOX7EuxoOEnolWan6X5joR50fm59ldWWR.5nqtE8aWk1lM7kQ; path=/; expires=Wed, 24-Apr-24 06:12:35 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://office.com&size=32 | 142.250.74.100 | 200 OK | 1.7 kB |
URL GET HTTP/2t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://office.com&size=32 IP142.250.74.100:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash17543f144a8f1b5bc0df5f3d022aafea 0c7ca71c9b9ea30c4e02dea0930d93c201ff6509 3597818352d6d037005169f79443ffa9cc4a40efe21d1b2f6d2966ab209adcd4
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://office.com&size=32 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://res.cdn.office.net/officehub/images/content/images/favicon_m365-31d62b976c.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 1735
date: Wed, 24 Apr 2024 05:42:36 GMT
expires: Wed, 01 May 2024 05:42:36 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 Apr 2024 21:47:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ppdefmonument.com/?getemailinfo=product-information@lanxess.com&url=https://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq&rbox=rom.gene&dq=null | 188.114.96.1 | 200 OK | 2.7 kB |
URL GET HTTP/2ppdefmonument.com/?getemailinfo=product-information@lanxess.com&url=https://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq&rbox=rom.gene&dq=null IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq#product-information@lanxess.com CertificateIssuerLet's Encrypt Subjectppdefmonument.com FingerprintD7:02:17:C5:DD:2B:0E:B2:07:4D:C4:3D:00:F8:48:7D:82:0B:B1:B8 ValiditySun, 24 Mar 2024 13:16:31 GMT - Sat, 22 Jun 2024 13:16:30 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2989), with no line terminators Hashefe9c8de6c70f4f996b406df14699acc 1124ba2791790ba6174ed567925db5f24708e60e 7ee53b0aa79a758fc71023b5491f896a2dbca97e48cdbefdfb80ace945f727d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?getemailinfo=product-information@lanxess.com&url=https://cloudflare-ipfs.com/ipfs/bafkreiamkaj64ctc5sbivh7xghecte7yrxuj3ba3lebjedc34ewfo2eznq&rbox=rom.gene&dq=null HTTP/1.1
Host: ppdefmonument.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:42:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.0.30
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZA%2FOD9ih5KM%2BAW3SJgMZ0BkAu0CS0CtDSIJSs6d2ooo10nurpZjugKNeU3I6g2EtDnWM3ww74BVG71zJgppXjC2NgJiBrOPGDOj8UEmkPZVUM1Xin7fwI5H5kDdC6Vqbd0YI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793c5593e0256bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|