Report - cf-ipfs.com/ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery

Report Overview

Submitted URL
cf-ipfs.com/ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery_pil1904.html
IP
104.17.64.14
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 16:06:26
Access
public
Website Title
PDF Online
Final URL
bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-17	512 B	142 kB	104.18.11.207
cf-ipfs.com	655312	2018-12-05	2018-12-20	2024-04-16	544 B	1.1 kB	104.17.96.13
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	520 B	3.4 kB	104.17.25.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-17	470 B	22 kB	104.16.85.20
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-17	996 B	64 kB	142.250.74.42
bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com	unknown	2018-12-05	2023-04-29	2024-03-17	557 B	32 kB	104.17.96.13
www.adobe.com	2202	1986-11-17	2018-06-13	2024-04-16	532 B	1.7 kB	80.239.138.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	cf-ipfs.com/ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery_pil1904.html	Adobe Inc.
2024-04-15	medium	bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html	Adobe Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2023-04-29	medium	cf-ipfs.com/ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery_pil1904.html	Other
2023-04-29	medium	bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-30
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-30 11:19:41 Times Seen140384 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html	80 B	2023-03-07	2024-04-17
Pretty URL bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 18:21:19 Last Seen2024-04-17 18:06:27 Times Seen103 Hash 89012a41e214770c70aa2653a8888df9 5e05aa63212b3c6cf6f06d7a96a9568ac2d361b0 0189b861ce100b297c946a22c735dcd11ded8b29927c1112025251f33142dd4a Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	76 kB	2024-04-17	2024-04-29
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 104.16.85.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 18:06:27 Last Seen2024-04-29 07:36:17 Times Seen36 Hash 230c939d3b3fc96a5cf7fec7d22891c0 5c664950c68e5630583db458390152ad0e1c64d9 ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4 Loading...

	bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html	28 kB	2023-04-28	2024-04-17
Pretty URL bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-28 07:18:01 Last Seen2024-04-17 18:06:27 Times Seen48 Hash 61f7beead320a55ee0d7d444fe9d121f 51c77f0be8e56562004ce57db3830b0227634c68 cc31898b29b0c7061ea7292e11e90d07d9c69e9c67ba54fce95061e502e452e5 Loading...

	unknown	79 B	2023-04-11	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-04-30 11:10:21 Times Seen124974 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	unknown	37 B	2023-04-11	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-04-30 11:33:26 Times Seen232770 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	33 B	2023-04-28	2024-04-17
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-28 07:18:01 Last Seen2024-04-17 18:06:27 Times Seen80 Hash 17327ab9c86a2ca024d8ca66afc42537 7b7de953429cb85d35d4554d8607457e8f5a5f9e 80c5275fa757428eb2b075327597f9f2f3e7da9516167747c0669c11207c84c1 Loading...

HTTP Transactions (8)

URL IP Response Size

cf-ipfs.com/ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery_pil1904.html

104.17.96.13

301 Moved Permanently

146 B

URL User Request GET HTTP/2
cf-ipfs.com/ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery_pil1904.html
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint52:AB:96:DB:E9:BE:89:E5:DD:52:F1:32:96:17:32:F0:A3:F2:E7:41
ValidityThu, 04 Apr 2024 23:41:09 GMT - Wed, 03 Jul 2024 23:41:08 GMT

File type
HTML document, ASCII text
Size
146 B (146 bytes)
Hash
7fddb582aa41641066c4cea58f4ae753
7b242c2fa06ec309929eb673564c08471ef66ecc
398751967c52be7a67eec2219bb04def65cccc41b38739a6d99931a99de2d538

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Adobe Inc.
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmPkxJED3Fb2sHpjZ1QyjFuAuuktBdWCsvty9NVB5gE4bD/mail_delivery_pil1904.html HTTP/1.1
Host: cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 17 Apr 2024 16:06:01 GMT
content-type: text/html; charset=utf-8
content-length: 146
location: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
cf-ray: 875da8f06dd392ec-CPH
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
set-cookie: __cf_bm=6lMPGViKdsOKXe.D9nPouxpaAW5sZQS4ulou6I4Pgso-1713369961-1.0.1.1-A9iGfciKgeA3ImPdMXmL3Y7yhGJuHQSBdJygxkBn23Jb8C.a_WmUqAtcvWlmgzg9YBP0vU9.JzdqYuDIXgmyHQ; path=/; expires=Wed, 17-Apr-24 16:36:01 GMT; domain=.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.8/sweetalert2.min.css

104.17.25.14

200 OK

2.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.8/sweetalert2.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15121), with no line terminators
Size
2.4 kB (2415 bytes)
Hash
854055db8a5ee35964e6bf8fa4dc7990
7c961aa32827f1c8b5da6f12762b36e9e3331d4c
7f3a692cfa76e5be66003c69a85431144dc1eeda8965499510b034bb8d925227

HTTP Headers

GET /ajax/libs/limonte-sweetalert2/6.6.8/sweetalert2.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:06:01 GMT
content-type: text/css; charset=utf-8
content-length: 2415
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed1-3b11"
last-modified: Mon, 04 May 2020 16:12:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2146966
expires: Mon, 07 Apr 2025 16:06:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=encYtU%2F68CHwqfijiCkLO0YszlIpHBKRwvTbCHXYXfAHuQAVfb8WVjSGH2bP3y9Q0N1L7XPH4OjyxiL731tLv20at%2B8Lj9W60Ws4%2Fndx7UpLL67ZBIVX5Qaj3%2FYM7K%2FNsQUCn1J4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875da8f5fcad9312-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11

104.16.85.20

200 OK

21 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
104.16.85.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (52172)
Size
21 kB (21319 bytes)
Hash
230c939d3b3fc96a5cf7fec7d22891c0
5c664950c68e5630583db458390152ad0e1c64d9
ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:06:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 21319
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 11.10.8
x-jsd-version-type: version
etag: W/"129b5-XGZJUMaOVjBYPbRYOQFSrQ4cZNk"
content-encoding: br
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21982-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 5159
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4hfZ1LN%2BjHrwLIADLE18fSzDAzF8%2BWosq41vQgeJIKYvDtYpjDCxAz2zP40fG%2FAM7vO78GWH%2Fx36jQ5GQeBfU8eUNhqMZ6bf83NFjgX65JAvVId6fbc8y1KIXZZLTQTOTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875da8f67b708f59-CPH
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.42

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:51:04 GMT
expires: Thu, 17 Apr 2025 10:51:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 18898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.42

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:51:04 GMT
expires: Thu, 17 Apr 2025 10:51:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 18898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html

104.17.96.13

200 OK

31 kB

URL User Request GET HTTP/2
bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
HTML document, ASCII text, with very long lines (28143), with CRLF line terminators
Size
31 kB (30899 bytes)
Hash
2b0f7dab8078782872f48db322ee2d9e
87b6d48dcf1c0e8164cbb4a736bb52696f3186b0
5f9fbea963b6190d6a050107995629d366ec6d5706c81ca31cb57577d2ce62eb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Adobe Inc.
PhishTank	phishing	Other

HTTP Headers

GET /mail_delivery_pil1904.html HTTP/1.1
Host: bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:06:01 GMT
content-type: text/html
cf-ray: 875da8f29de6abde-CPH
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"QmR86pvF5fTei9WgY5KtRAnnWgxbWPgvz9qH3W6AFWGF5A"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq/mail_delivery_pil1904.html
x-ipfs-roots: bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq,QmR86pvF5fTei9WgY5KtRAnnWgxbWPgvz9qH3W6AFWGF5A
set-cookie: __cf_bm=tEfAjCrBxIK0oVNHrA73nl9Oj3aD9ZjvA7ys5NhFlWU-1713369961-1.0.1.1-eMbRVBza6C2CN7MNgZ0AHY7EhADyj6nzUjmyWTMLDq8_nsOFIgT1UvqUXQkuj3.Xunx2veu.XRGfrY.C6wcy8w; path=/; expires=Wed, 17-Apr-24 16:36:01 GMT; domain=.bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.adobe.com/content/dam/shared/images/product-icons/svg/acrobat-reader.svg

80.239.138.18

200 OK

834 B

URL GET HTTP/2
www.adobe.com/content/dam/shared/images/product-icons/svg/acrobat-reader.svg
IP
80.239.138.18:443
ASN
#1299 Arelion Sweden AB

Requested by
https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Certificate
IssuerDigiCert Inc
Subject*.adobe.com
FingerprintB3:50:FB:1E:83:AF:74:EA:87:64:38:E3:6B:C4:7C:4E:DF:39:EE:6B
ValidityWed, 13 Sep 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
834 B (834 bytes)
Hash
325c8a2984f01a66681f42d5c7480dda
5985d9bea1fe85a2ac2787231c919893e2ad2e3b
d1e12c899e29f48adf45b0e2dabdc1c3eea604ccc833701f8590e8116efc19b1

HTTP Headers

GET /content/dam/shared/images/product-icons/svg/acrobat-reader.svg HTTP/1.1
Host: www.adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
server: Apache
x-adobe-content: AEM-Offers
x-frame-options: SAMEORIGIN
x-adobe-info: dd741a6e-76f2-4194-a204-20acd92c391c, dd741a6e-76f2-4194-a204-20acd92c391c
last-modified: Wed, 17 Apr 2024 13:41:03 GMT
x-adobe-loc: ew1
x-adobe-source: 128.80
x-content-type-options: nosniff
x-adobe-cache: MISS
accept-ranges: bytes
content-encoding: gzip
content-length: 834
cache-control: max-age=21600
expires: Wed, 17 Apr 2024 22:06:02 GMT
date: Wed, 17 Apr 2024 16:06:02 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1713369962479_1357875726_103412069_2782_13624_8_37_1";dur=1
alt-svc: h3=":443"; ma=93600
akamai-x-true-ttl: 31536000, 31536000
akamai-grn-www.adobe.com: 0.0e8aef50.1713369962.629f165
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.11.207

200 OK

141 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/mail_delivery_pil1904.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
141 kB (140936 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiavcwbxkqrer7mmcny6cdy7fw42sdbtfashqwgqbihrkaq7wdxiuq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:06:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/31/2023 18:48:38
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d92760ed6a1dac63dec1fb1d76198f43
cdn-cache: HIT
cf-cache-status: HIT
age: 3470154
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 875da8f5994492cd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by