Report - cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html

Report Overview

Submitted URL
cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-01 21:41:30
Access
public
Website Title
Webmail Portal Access
Final URL
cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Tags
phishing suspicious
urlquery detections
Phishing - Generic phishing
Suspicious - Anti-debugging code

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-01	434 B	31 kB	142.250.74.138
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-01	456 B	26 kB	104.18.10.207
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20	2024-03-15	1.9 kB	26 kB	104.17.64.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-02	medium	cloudflare-ipfs.com/favicon.ico	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/img/bg-image.jpg	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-15
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-15 21:39:26 Times Seen392527 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html	4.5 kB	2024-05-01	2024-05-01
Pretty URL cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 23:41:30 Last Seen2024-05-01 23:41:30 Times Seen1 Hash f2be7d85747225aa67fb7150dd2eeade b38252451a3594871cc0642aa36327fa224125ea e6eb86f1fae04886b5f1980c245ab1b3446052ba05f254bea8b07c479c631941 Loading...

HTTP Transactions (5)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:38:23 GMT
expires: Fri, 25 Apr 2025 17:38:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 532962
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

104.18.10.207

200 OK

25 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65326)
Size
25 kB (25033 bytes)
Hash
816af0eddd3b4822c2756227c7e7b7ee
c470239d4c7db36d56dc3a74a080c62218c6edc4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

HTTP Headers

GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:41:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 07/07/2023 01:23:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 11f873f6646fa46b819bbd06b011b0c8
cdn-cache: HIT
cf-cache-status: HIT
age: 91714
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2ef07bf1c0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cloudflare-ipfs.com/favicon.ico

104.17.64.14

404 Not Found

14 B

URL GET HTTP/3
cloudflare-ipfs.com/favicon.ico
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
d0fbda9855d118740f1105334305c126
bc3023b36063a7681db24681472b54fa11f0d4ec
a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Cookie: __cf_bm=heV0DguhmV3qhflsEpWIWud1qHboCGkI7JOnkJ.Jpn0-1714599665-1.0.1.1-mPI_Bd7WDyapjyYOObfhyJJG0yC.IA9oIi3OTJUfRxZik.lfn5NgCKbzAo2EGeTiS6uCZM.W.HcyxAF9gK8ouA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Wed, 01 May 2024 21:41:06 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2ef09993256c4-OSL
alt-svc: h3=":443"; ma=86400

cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html

104.17.64.14

200 OK

24 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
HTML document, ASCII text, with very long lines (21422), with CRLF line terminators
Size
24 kB (24416 bytes)
Hash
293c058d6fa89fbe1bb889a059c91170
e318b9749ad8d99c3c630a9f1bd926ad5f184f0b
2db2b44dd9d86911ec465dcddbe0b9cd1db845d1d03a80ae04f1dc7214fe4828

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
urlquery	suspicious	Suspicious - Anti-debugging code
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:41:05 GMT
content-type: text/html
cf-ray: 87d2ef030b02712d-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreibnwk2e3woynei6yrs5zxn6boondw4eluoqhkak4bhr3rzbj7sifa"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
x-ipfs-roots: bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa,bafkreibnwk2e3woynei6yrs5zxn6boondw4eluoqhkak4bhr3rzbj7sifa
set-cookie: __cf_bm=heV0DguhmV3qhflsEpWIWud1qHboCGkI7JOnkJ.Jpn0-1714599665-1.0.1.1-mPI_Bd7WDyapjyYOObfhyJJG0yC.IA9oIi3OTJUfRxZik.lfn5NgCKbzAo2EGeTiS6uCZM.W.HcyxAF9gK8ouA; path=/; expires=Wed, 01-May-24 22:11:05 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/img/bg-image.jpg

104.17.64.14

400 Bad Request

97 B

URL GET HTTP/3
cloudflare-ipfs.com/ipfs/img/bg-image.jpg
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
878ba271ae4c5dbd6e38839bbbeb5d9f
fdffc173c63276bdd78fe6b9cc280a9917b52f59
9c50df6895f93d7ff3281238234f6361952a2633a2329e7905aede18d12359ec

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/img/bg-image.jpg HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeicevn3vdyebcljzdudr4fvzwmicubg6zn25pl32d4vjjswhlxhpfa/PinCode.html
Cookie: __cf_bm=heV0DguhmV3qhflsEpWIWud1qHboCGkI7JOnkJ.Jpn0-1714599665-1.0.1.1-mPI_Bd7WDyapjyYOObfhyJJG0yC.IA9oIi3OTJUfRxZik.lfn5NgCKbzAo2EGeTiS6uCZM.W.HcyxAF9gK8ouA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 400 Bad Request
date: Wed, 01 May 2024 21:41:06 GMT
content-type: text/plain; charset=utf-8
content-length: 97
cf-ray: 87d2ef08d89956c4-OSL
cf-cache-status: MISS
cache-control: no-store
vary: Accept-Encoding
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP