Report - bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/

Report Overview

Visited public
2023-12-05 14:53:42
Tags
URL
bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Finishing URL
bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
IP / ASN
104.17.96.13
#13335 CLOUDFLARENET
Title
We-Transfer

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-05 08:15:49	503 B	32 kB	216.58.207.234
excel567.oss-ap-southeast-3.aliyuncs.com	unknown	2012-04-01	2022-06-25 14:05:51	2023-12-03 13:35:11	494 B	587 B	47.254.218.78
cdn.glitch.com	118356	1997-11-20	2017-10-27 15:29:36	2023-12-04 23:26:04	1.6 kB	1.3 kB	54.230.111.126
cdn.glitch.me	105928	2008-07-18	2018-06-21 17:11:59	2023-12-04 08:11:30	1.6 kB	202 kB	54.230.111.121
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-05 05:36:28	511 B	52 kB	104.18.10.207
bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com	unknown	unknown	No data	No data	545 B	36 kB	104.17.96.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 14:53:30	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
2023-12-05 14:53:30	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
2023-12-05 14:53:30	low	Client IP	104.17.96.13	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/	WeTransfer

PhishTank

Scan Date	Severity	Indicator	Alert
2023-11-18	medium	bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	37 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 09:40 Times Seen263331 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/	ScriptElement	81 B	2023-03-07	2025-04-05
Pretty URL bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:00 Last Seen2025-04-05 11:54 Times Seen58 Hash 318cccad0f09422c1f317c0f8b85eabc 43690ba73c8ef205f59c5ba576a1f40ef43104f3 7cb8c48f0c2b1391e0e8ac41994076f41a766056297737a4606ef57a86b6ae3b Loading...

	bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/	ScriptElement	28 kB	2023-11-17	2024-08-20
Pretty URL bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 15:34 Last Seen2024-08-20 19:05 Times Seen6 Hash cfb8fe8e7e2f2ff417f02a8130e4066a 58e0bbe4398bae9a9ef57975cb44488e54ff1fdc fd9054897c857744a92d98eda4af0d58796d54c1773e4e1cf923351dc99dd35a Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:58 Times Seen108603 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-09
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:21 Times Seen98870 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/	ScriptElement	242 B	2023-03-07	2024-12-24
Pretty URL bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:34 Last Seen2024-12-24 08:47 Times Seen951 Hash 6824e1853068f2d177af77165ee574d0 772704994e7b3ff254de6f07920ab53f2f211e63 ad6a2e450750750ba415009d88b4ef17d7a31ce1c16ae98dc502812df379cf46 Loading...

	unknown	Function	79 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-09 09:18 Times Seen112368 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

HTTP Transactions (10)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

216.58.207.234

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 10:15:01 GMT
expires: Wed, 04 Dec 2024 10:15:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 16704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

excel567.oss-ap-southeast-3.aliyuncs.com/pdf.js

47.254.218.78

403 Forbidden

340 B

URL GET HTTP/1.1
excel567.oss-ap-southeast-3.aliyuncs.com/pdf.js
IP
47.254.218.78:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-ap-southeast-1.aliyuncs.com
FingerprintEB:9D:12:FC:B5:0B:5D:25:9C:F7:E0:22:CA:9D:5F:75:5E:91:2F:6C
ValidityFri, 07 Jul 2023 10:25:14 GMT - Sat, 02 Mar 2024 02:31:24 GMT

File type
XML 1.0 document text\012- XML document, ASCII text
Size
340 B (340 bytes)
Hash
d4c5cf9b5710cb687917a3ce5bd4ed39
0087e9cd1fff141093a40a9ccdde4be62083a5b7
314cb8e268fe3a23b56b7c63ae5ac768f12acbb8706790bb60bb1ab8d1c600ab

HTTP Headers

GET /pdf.js HTTP/1.1
Host: excel567.oss-ap-southeast-3.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 05 Dec 2023 14:53:26 GMT
Content-Type: application/xml
Content-Length: 340
Connection: keep-alive
x-oss-request-id: 656F39667BFFD3353397BE9B
x-oss-server-time: 1
x-oss-ec: 0003-00000801

cdn.glitch.com/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico?v=1600376585636

54.230.111.126

301 Moved Permanently

0 B

URL GET HTTP/1.1
cdn.glitch.com/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico?v=1600376585636
IP
54.230.111.126:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico?v=1600376585636 HTTP/1.1
Host: cdn.glitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Mon, 04 Dec 2023 20:04:22 GMT
Location: https://cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5t_6KYVdWGs12R2AyzeF6uFidJ4DZAVcmWwNU2BpNwIrzQzbt4ltZA==
Age: 67745
Vary: Origin

cdn.glitch.com/a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg?v=1600376573408

54.230.111.126

301 Moved Permanently

0 B

URL GET HTTP/1.1
cdn.glitch.com/a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg?v=1600376573408
IP
54.230.111.126:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg?v=1600376573408 HTTP/1.1
Host: cdn.glitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Tue, 05 Dec 2023 07:53:23 GMT
Location: https://cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R9aAOlTcMORIWkp6UIFeWSzxa4DO7hfUJF5qn02ADasjFvbE3fZDHA==
Age: 25203
Vary: Origin

cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico

54.230.111.121

200 OK

42 kB

URL GET HTTP/1.1
cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico
IP
54.230.111.121:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
42 kB (41566 bytes)
Hash
692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda

HTTP Headers

GET /a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico HTTP/1.1
Host: cdn.glitch.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 41566
Connection: keep-alive
Date: Mon, 04 Dec 2023 13:45:08 GMT
Cache-Control: max-age=31536000
Last-Modified: Thu, 17 Sep 2020 21:03:07 GMT
ETag: "692e1c7339c359b6412f059c9c9a0474"
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9iJiMlUtOag9a9waY86cQVWLhaUQschcmJXD0AMR_dWlPLDQqG2yGg==
Age: 90499
Content-Security-Policy: script-src 'none'
Vary: Origin

cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg

54.230.111.121

200 OK

118 kB

URL GET HTTP/1.1
cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg
IP
54.230.111.121:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1365x612, components 3\012- data
Size
118 kB (117459 bytes)
Hash
6e5b76b6f1740d6d21c8d968a0364df6
1d4847612905d7d14700dc5f1f1378b4d6379925
2a8281ebaeee4dbc6452cbca892800ebae3b1159afe72ae30313b1c9262f0667

HTTP Headers

GET /a9bfcce0-422b-46e4-9074-3147cbc03390%2Fbg.jpg HTTP/1.1
Host: cdn.glitch.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 117459
Connection: keep-alive
Date: Mon, 04 Dec 2023 12:07:05 GMT
Cache-Control: max-age=31536000
Last-Modified: Thu, 17 Sep 2020 21:02:53 GMT
ETag: "6e5b76b6f1740d6d21c8d968a0364df6"
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oOlQLAOXKFxeqUAslqhu-UptxqVJV5lNzMo8ujr9CW5u1A7IE_rKnA==
Age: 96382
Content-Security-Policy: script-src 'none'
Vary: Origin

cdn.glitch.com/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico?v=1600376585636

54.230.111.126

301 Moved Permanently

0 B

URL GET HTTP/1.1
cdn.glitch.com/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico?v=1600376585636
IP
54.230.111.126:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico?v=1600376585636 HTTP/1.1
Host: cdn.glitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Mon, 04 Dec 2023 20:04:22 GMT
Location: https://cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NjGtN57qNQ00RaeBVN9ddjeGBwmq4zEvkJ-FvZWn_x0vdL9msWUxkQ==
Age: 67746
Vary: Origin

cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico

54.230.111.121

200 OK

42 kB

URL GET HTTP/1.1
cdn.glitch.me/a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico
IP
54.230.111.121:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
42 kB (41566 bytes)
Hash
692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda

HTTP Headers

GET /a9bfcce0-422b-46e4-9074-3147cbc03390%2Ficon.ico HTTP/1.1
Host: cdn.glitch.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 41566
Connection: keep-alive
Date: Mon, 04 Dec 2023 13:45:08 GMT
Cache-Control: max-age=31536000
Last-Modified: Thu, 17 Sep 2020 21:03:07 GMT
ETag: "692e1c7339c359b6412f059c9c9a0474"
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bwz5GYNPMQ7bRY4Gokb_YOKUFmFd87nyLaI3LBGRE22pJsPc1e9xmQ==
Age: 90500
Content-Security-Policy: script-src 'none'
Vary: Origin

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:53:25 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/31/2023 18:58:40
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f4f838df79fc133911a060d7c6bb0f5c
cdn-cache: HIT
cf-cache-status: HIT
age: 467768
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830d1e5b190956a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/

104.17.96.13

200 OK

34 kB

URL User Request GET HTTP/2
bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com/
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectcf-ipfs.com
Fingerprint7E:49:AE:B5:66:51:63:F4:42:B8:30:B0:7D:F1:03:F4:C9:C5:57:D2
ValidityFri, 17 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (27798), with CRLF line terminators
Size
34 kB (34339 bytes)
Hash
e168bae09d175fa11b18cfacf1e80efd
e201fe757a74200f0d42d914e7782ba274ccc764
e87e14180ef4f71558a3d40410c33d8ff07e310d01ac8ea381a274020d4c274e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeTransfer
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:53:25 GMT
content-type: text/html
cf-ray: 830d1e564a455691-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm/
x-ipfs-roots: bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm
set-cookie: __cf_bm=Qv.eZwVkLoTjSYMtriMOhyTSW.ww5ryeyrYIiFEQrDs-1701788005-0-AYG+9Pt/RWq+pQaEMTfL56sOJLUg4UcoQHUA6eifTRhtKXaFVj8hJ8i4XDW1/4UWCm1r17azpOap510tzqE5rWw=; path=/; expires=Tue, 05-Dec-23 15:23:25 GMT; domain=.bafybeibiyalzwvmlisgut224jjcwotnkuezs7sdyzvishg43lzsx5l3gtm.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate