Report - ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q

Report Overview

Submitted URL
ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-23 10:22:18
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	31 kB	142.250.74.106
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.148.62
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	31 kB	34.120.237.76
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	916 B	104.18.11.207
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	7.2 kB	104.17.24.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
prod-cdn.wetransfer.net	25787	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	150 kB	54.230.111.37
ipfs.fleek.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	37 kB	104.17.64.14
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	24 kB	69.16.175.42
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
mk2-b4c8d3.ingress-earth.ewp.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	312 B	63.250.43.129
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	961 B	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-22	medium	ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q	WeTransfer

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	ipfs.fleek.co/ipfs/css/0.txt	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/vendor-ef8fd9ca3a0295622111.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/runtimeapplication-bafdd8b86fd88bb4273d.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/application-c2b6f877fed288c2431f.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/gtm_002.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/bat.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/17116643.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/0.txt	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/en-de295c39cb769807d9fa.js	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/fbevents.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/analytics.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/en-0d65947306b8b68f172b.js	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/sp.js	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/vendor-ef8fd9ca3a0295622111.html	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/gtm.js	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/sp.js	Phishing
2022-09-23	medium	ipfs.fleek.co/ipfs/css/en-0d65947306b8b68f172b.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-25
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-25 10:23:20 Times Seen244057 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q	177 B	2023-03-07	2024-04-22
Pretty URL ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:30 Last Seen2024-04-22 19:58:57 Times Seen44 Hash e9c60c0e35d34060648ce34e2c08cbd1 396a4cb2f4b6cdca078b788d5c9df56765bc70ab 697a30b89a2de98bfe0890e0e6ce173658463499ce877a3df9221b797559c928 Loading...

	ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q	255 B	2023-03-07	2024-04-10
Pretty URL ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:30 Last Seen2024-04-10 07:30:34 Times Seen70 Hash 10c6db510fa5e86ca96c9e5478998536 be37bd9e1d8e9ace1a0d36b68ac844316073f0d6 00de48e5cc9a51c60b85c1b75fc1552fca4090e5e17ec5162c35f6edcc803c9a Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-25
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-25 10:23:20 Times Seen136804 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-25 10:22:21 Times Seen106175 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-25 10:22:21 Times Seen111496 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 10:22:21 Times Seen383831 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q	316 B	2023-03-07	2024-04-10
Pretty URL ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:30 Last Seen2024-04-10 07:30:34 Times Seen73 Hash 50269a5c4bb0b82d479ce39d3debb16c 7d2d8e2693dc353cd52bcb010c12bea6dee2c4ee 1907e0faf4a94ed2bf53eb7eea33143b11fc44882e978c7b12c1c26f895a26af Loading...

	ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q	2.2 kB	2023-03-07	2023-03-12
Pretty URL ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:30 Last Seen2023-03-12 16:36:15 Times Seen1 Hash afebd720424ed786f0fc1732492d695a db71987318eff7f546fb3140516c68430c66d49c 3243121f53ca571cffa77e25b2b474bb45b34ecf776a6d5cd897935b06b69982 Loading...

HTTP Transactions (52)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:23:08 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e92K9r0NgwWXtNnTmqVnfz5Nf_oS82oFHCLpJP1xK38UhBsvyiUO5A==
Age: 3539

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17523
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 10:22:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KY7gUT8wZ_DoMshj7VCaDgodrpZr9Xv_VeS7f-tMDY9XevzrQ1wWZg==
age: 20813
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 10:22:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:22:08 GMT
Last-Modified: Fri, 23 Sep 2022 09:36:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff

54.230.111.37

200 OK

32 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP
54.230.111.37:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 32124, version 1.6554\012- data
Size
32 kB (32124 bytes)
Hash
868aedeefe7669e8a4f7196f7df5d058
45bd20ef2c6b717a2526efd98a01207979b2a623
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Wed, 21 Sep 2022 09:55:05 GMT
last-modified: Wed, 21 Sep 2022 08:39:20 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RVjjqdzw6pqR2vXWBUmdcWxzo6CxBZAR5d0Cutyu2TT08-Y5E82Zzg==
age: 174424
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff

54.230.111.37

200 OK

31 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP
54.230.111.37:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 31120, version 1.6554\012- data
Size
31 kB (31120 bytes)
Hash
57cbbfdafc43e0deecc75a309dd042c6
b9cc2ff331b8520706de175f5b3fdba6731a9bfc
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Wed, 21 Sep 2022 09:55:05 GMT
last-modified: Wed, 21 Sep 2022 08:39:20 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r_ncLwPimHyNjGFdFppigoN-rW0TR8Remfk0TC9HUkCUgXk4HwmxUg==
age: 174424
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:22:08 GMT
Last-Modified: Fri, 23 Sep 2022 09:36:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 10:03:22 GMT
Expires: Fri, 23 Sep 2022 10:23:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mg5K_3k1kqp1FEn7DjrZAfCbXJ9zGVF17tOedi7G_RIdHbVij1rqyw==
Age: 1126

prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff

54.230.111.37

200 OK

43 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
IP
54.230.111.37:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 43188, version 0.0\012- data
Size
43 kB (43188 bytes)
Hash
55576599a2d772f9297c5036d355b1fb
c52e4f9a59137105deb12a3de25ee7d5a15fd286
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

HTTP Headers

GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 43188
date: Wed, 21 Sep 2022 09:55:05 GMT
last-modified: Wed, 21 Sep 2022 08:39:20 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bUOhAr2TYpZyDeE2SWWCZt2gRHNBkKmPI4utC8DPMR2K59SsJQICZw==
age: 174424
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1872953
expires: Wed, 13 Sep 2023 10:22:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bm841mya4GSqokT09ITm2nCLfJ35RJs%2Bo2LH343jLF6bpV%2FalUHPqK%2FB%2FBXCA%2F8g%2BBay9Ifm6hEuXnoIUqW6hN9Ajz7XuBXu8tUMP5AxmY0guAFDq0OamRs2L0LRHx9eZKf8X7fX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f28eb5ed900b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.42

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 10:22:08 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663928528.dop221.sk1.t,1663928528.cds210.sk1.hn,1663928528.cds235.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6547
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:22:08 GMT
Last-Modified: Fri, 23 Sep 2022 08:33:01 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:21:06 GMT
expires: Tue, 19 Sep 2023 20:21:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 309662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 10:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.148.62

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.148.62:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jDdl7eZMLeNhqApDyWqj5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8x2lqlKUU3qOMOaAuLwdadeyq20=

ipfs.fleek.co/ipfs/css/0.txt

104.17.64.14

404 Not Found

564 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/0.txt
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
564 B (564 bytes)
Hash
aa38a5e6b044283213e52a4f94356ed6
299d26c0a24ff7e32f5f20f580607c1fbba6a217
4aa0d90aec2b07a984ce388d293129a7a765cd30e454bb8c9c59c934c021cdc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/0.txt HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28ebcfdd6b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ffbf9d176221a80d9ee56be35d903b52
0c70329048b73ef243ef6cf4d897b8bf7a31cf87
6f913fc6f1a65468af2353bac99d9793bde1625b2f77aff6c83c643fdd18deba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:22:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 11:07:08 GMT
Expires: Thu, 29 Sep 2022 11:07:07 GMT
Etag: "0c70329048b73ef243ef6cf4d897b8bf7a31cf87"
Cache-Control: max-age=520497,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f28ebeb8ccfab8-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:22:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:22:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:22:09 GMT
Connection: keep-alive

ipfs.fleek.co/ipfs/css/vendor-ef8fd9ca3a0295622111.html

104.17.64.14

404 Not Found

10 kB

URL HTTP/2
ipfs.fleek.co/ipfs/css/vendor-ef8fd9ca3a0295622111.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
10 kB (10245 bytes)
Hash
a8e38d1476042f3b2b23761eb44fe951
bae0463e130c3f733ad8390b8d9f754522c0dcf0
a4291609d4430600f9a52cc2106c36ef1da827a568200fc28adfebd769f3cca5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/vendor-ef8fd9ca3a0295622111.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb499e7b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 45227
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 20953
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9481 bytes)
Hash
1eab8da8cc1495a0221efadddd1a0bcc
4156c37b612d5fb99c6b061187a3cb0b314ae4a8
2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:15 GMT
age: 43854
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/runtimeapplication-bafdd8b86fd88bb4273d.html

104.17.64.14

404 Not Found

5.5 kB

URL HTTP/2
ipfs.fleek.co/ipfs/css/runtimeapplication-bafdd8b86fd88bb4273d.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.5 kB (5462 bytes)
Hash
c7d18edaeed0d6810e0c4d10468cdf87
9ac98d0df036c696fc3c708ccb26d6685fe9a2aa
c639ff53a566e3fd2e51fc1a8240e5b6a5717f219aedf773fc516059e8e2f2a0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/runtimeapplication-bafdd8b86fd88bb4273d.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb489dab505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/application-c2b6f877fed288c2431f.html

104.17.64.14

404 Not Found

13 kB

URL HTTP/2
ipfs.fleek.co/ipfs/css/application-c2b6f877fed288c2431f.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
13 kB (13118 bytes)
Hash
89d4c59f8047aee50e7fcc78298e15a7
1cc23c91eebcb7b5d62a9b2070c62ee44a0cc401
30125f05029aba578f6b5571114696afd6f4a9f218d18f26bd1b45e5af0e650a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/application-c2b6f877fed288c2431f.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb499e5b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html

104.17.64.14

404 Not Found

694 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
694 B (694 bytes)
Hash
c9eac7e22419a67bbdab974425924834
471b8aa3ce880c6abaa12841c593f2e5dfdd8d94
7a6b724457f6ea5302b07272fff3aa6f86a0149b71b38f8f08f3e48712e84879

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eba8a55b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ffbf9d176221a80d9ee56be35d903b52
0c70329048b73ef243ef6cf4d897b8bf7a31cf87
6f913fc6f1a65468af2353bac99d9793bde1625b2f77aff6c83c643fdd18deba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 10:22:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 11:07:08 GMT
Expires: Thu, 29 Sep 2022 11:07:07 GMT
Etag: "0c70329048b73ef243ef6cf4d897b8bf7a31cf87"
Cache-Control: max-age=520497,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f28ebebace1c02-OSL

ipfs.fleek.co/ipfs/css/gtm_002.html

104.17.64.14

404 Not Found

209 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/gtm_002.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
209 B (209 bytes)
Hash
2cf1589d94376f79e66c3d22dadb3f13
b1ef08e41ebfd338d62c161916bb2f75d60e2b47
f39b3384b7cd572962347e8576abaef19130973b2df081a7a4e661083f6254c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/gtm_002.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb52ab7b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico

54.230.111.37

200 OK

42 kB

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
IP
54.230.111.37:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
42 kB (41566 bytes)
Hash
692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda

HTTP Headers

GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 41566
date: Thu, 02 Jun 2022 03:15:55 GMT
last-modified: Wed, 01 Jun 2022 15:16:41 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rcKps44BeYJRroJMMX1QLPwZHKx6QrIe_f1EIgqRf65RK1_LYxNMFg==
age: 9788776
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/bat.html

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/bat.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/bat.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb51ab4b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/17116643.html

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/17116643.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/17116643.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb52abcb505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/0.txt

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/0.txt
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/0.txt HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb5cbbbb505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

mk2-b4c8d3.ingress-earth.ewp.live/packs/media/images/globe-dd3d31e7.svg

63.250.43.129

404 Not Found

0 B

URL HTTP/2
mk2-b4c8d3.ingress-earth.ewp.live/packs/media/images/globe-dd3d31e7.svg
IP
63.250.43.129:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/media/images/globe-dd3d31e7.svg HTTP/1.1
Host: mk2-b4c8d3.ingress-earth.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html
date: Fri, 23 Sep 2022 10:22:09 GMT
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/en-de295c39cb769807d9fa.js

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/en-de295c39cb769807d9fa.js
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/en-de295c39cb769807d9fa.js HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb5cbb8b505-OSL
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q

104.17.64.14

200 OK

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	WeTransfer
fortinet	Phishing

HTTP Headers

GET /ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/html
cf-ray: 74f28eb19d81b505-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q"
cf-cache-status: DYNAMIC
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
x-ipfs-root: bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
x-ipfs-roots: bafybeickox6fgjgaccllg65ly7svr4dr6chbvzjqn676cu7bu5lpoa244q
set-cookie: __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=; path=/; expires=Fri, 23-Sep-22 10:52:08 GMT; domain=.ipfs.fleek.co; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/transfer_window/email-verification-lock-e6ed8c56.svg

54.230.111.37

200 OK

0 B

URL HTTP/2
prod-cdn.wetransfer.net/packs/media/transfer_window/email-verification-lock-e6ed8c56.svg
IP
54.230.111.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/media/transfer_window/email-verification-lock-e6ed8c56.svg HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 28 Aug 2022 01:22:35 GMT
last-modified: Fri, 26 Aug 2022 12:18:15 GMT
etag: W/"207f0c93fc997af575b8b9ad9db8777c"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H7n93a3u1a3CvyfLFgxLWtgVCa55r_7pBbgX6s9uR3wFb6l2-FNrxA==
age: 2278774
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/fbevents.html

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/fbevents.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/fbevents.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb51ab2b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff

63.250.43.129

404 Not Found

0 B

URL HTTP/2
mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP
63.250.43.129:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: mk2-b4c8d3.ingress-earth.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html
date: Fri, 23 Sep 2022 10:22:10 GMT
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/analytics.html

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/analytics.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/analytics.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb52ab5b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/en-0d65947306b8b68f172b.js

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/en-0d65947306b8b68f172b.js
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/en-0d65947306b8b68f172b.js HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28ebc2c80b505-OSL
age: 0
vary: Accept-Encoding
cf-cache-status: HIT
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/wallpaper-59e18dcf37d4cc5f163b.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb52ab9b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/sp.js

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/sp.js
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/sp.js HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb5cbb4b505-OSL
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/vendor-ef8fd9ca3a0295622111.html

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/vendor-ef8fd9ca3a0295622111.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/vendor-ef8fd9ca3a0295622111.html HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb8f820b505-OSL
cf-cache-status: DYNAMIC
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/gtm.js

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/gtm.js
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/gtm.js HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb5cbaab505-OSL
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/sp.js

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/sp.js
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/sp.js HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28ebc2c7fb505-OSL
age: 1
vary: Accept-Encoding
cf-cache-status: HIT
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 6972376
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f28eb4dc47b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 10:22:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/10/2022 17:24:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 9112cdfe1e798677d8162c8f3d8d3a77
cdn-cache: HIT
cf-cache-status: HIT
age: 2817197
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f28eb5fa7ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff

63.250.43.129

404 Not Found

0 B

URL HTTP/2
mk2-b4c8d3.ingress-earth.ewp.live/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff
IP
63.250.43.129:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff HTTP/1.1
Host: mk2-b4c8d3.ingress-earth.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://ipfs.fleek.co/
Origin: https://ipfs.fleek.co
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html
date: Fri, 23 Sep 2022 10:22:10 GMT
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/css/en-0d65947306b8b68f172b.js

104.17.64.14

404 Not Found

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/css/en-0d65947306b8b68f172b.js
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/css/en-0d65947306b8b68f172b.js HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ipfs.fleek.co/
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0; __cf_bm=pzqTOqacJfzBz3atAPDNzAI5AEZ_CQUPV9WOpDCi7ow-1663928528-0-AYu+RA2lQwfmGKh3ApePti1dWHEHuzvmOtQtonPIjx7B2h4zef3nyzvbqShSpRJrmcKvppaMSTp6yLuZ8jeSnd4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 10:22:09 GMT
content-type: text/plain; charset=utf-8
cf-ray: 74f28eb5cbb5b505-OSL
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations