Report - link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=

Report Overview

Submitted URL
link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
IP
199.30.234.133
ASN
#13380 ASN-CUST
Submitted
2024-05-02 15:29:58
Access
public
Website Title
Outlook Web App
Final URL
cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com
Tags
microsoft phishing outlook
urlquery detections
Phishing - Microsoft
Phishing - Generic phishing
Phishing - Microsoft Outlook

Detections

urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-02	445 B	31 kB	151.101.66.137
www.macbryte.com	unknown	unknown	No data	No data	547 B	380 B	162.246.56.107
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20	2024-03-15	2.7 kB	492 kB	104.17.64.14
wafsd.com	unknown	2023-09-07	2023-11-29	2024-04-17	1.3 kB	0 B	0.0.0.0
ocsp.entrust.net	1208	1997-07-28	2014-01-10	2024-05-01	328 B	2.0 kB	23.38.202.187
link.edgepilot.com	52195	2009-01-22	2020-08-20	2024-03-20	2.3 kB	5.5 kB	199.30.234.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-02	medium	cloudflare-ipfs.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf	Other
2023-05-02	medium	cloudflare-ipfs.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	unknown	1.7 kB	2024-01-19	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-19 15:54:51 Last Seen2024-05-02 19:18:53 Times Seen15 Hash ae0b69a20642340e8ed2e60e4b900b9c f78d8c41c23285594b86540167cf2ae2b568954d 976adf5b493e997df460c3718d02f74e92afe0e82fe5cd9f106041aea09d8975 Loading...

	unknown	144 B	2024-01-19	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-19 15:54:51 Last Seen2024-05-02 19:18:53 Times Seen15 Hash b86c20af41168e6b2499bd3c1e122815 ec425411da56479948db1c69e068e31f5f4c833f 33540a1ee0e497f0cf635e6ca4c1c7e49df15396a1f1b3181acaa3765f680508 Loading...

	unknown	10 kB	2024-01-19	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-19 15:54:51 Last Seen2024-05-02 19:18:53 Times Seen15 Hash 6a0534354def4ad8da43f21c87f9b467 be6c84d7dd3f30b397906a297a4fe8ba0d736aaa b37d8e6ac49794bd75757434de38934eb31e64a21c594bf24261cfa39e8963b6 Loading...

	unknown	1.8 kB	2024-01-19	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-19 15:54:51 Last Seen2024-05-02 19:18:53 Times Seen15 Hash 7cb5bad3ea88ffc675606a076f1f1161 f349cbcf63836a55435bf4fc853912b2dc6d4cb6 98aeff545d29fb93be0c5274ba8443dfae892564d2bcd0b83b792da33d3a5b75 Loading...

	cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com	404 kB	2024-05-02	2024-05-02
Pretty URL cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 17:21:15 Last Seen2024-05-02 19:18:53 Times Seen13 Hash 25985bd5b4fe15d11211a0531ce31e98 b513f719591ac828610bde82f30f61e2579056de 4f6d3ee0d21ede849431249cc349ddfe11757200609d2ce4bb1782f81a6e3d95 Loading...

	unknown	31 B	2024-01-19	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-19 15:54:51 Last Seen2024-05-02 19:18:53 Times Seen15 Hash 52ba7c53b3c5e52f398f0791cdfc3511 d187447120b2bab0ab044d2f7108ed522b88faf9 a2b38019e4d84386273c2153e17401713a00b444da7b2fc023c2562d6a21d14e Loading...

	unknown	179 B	2024-01-19	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-19 15:54:51 Last Seen2024-05-02 19:18:53 Times Seen15 Hash b10d5f358d8599d84e3de0574747804e 8afab108e0ece90968549ff805d1a4048db211c3 c51b81148d87a9477bffd19158fabed6043ff792da3311cd5776cdf3056cd6cc Loading...

	unknown	4.6 kB	2024-05-02	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 17:21:15 Last Seen2024-05-02 19:18:53 Times Seen13 Hash 5e0bba65bf9d8d0f74d15b928be6053e a22baf7598a76bfd8d329d9754f884e5ad4d5f68 5ebf1784ed77767a91e728675def846d35772ce61735193aabcbc56566acfff2 Loading...

		Size	First Seen	Last Seen
	#1 Write - dba31ca148b3bea4b59959ef156d21c8	54 kB	2024-05-02	2024-05-02
Pretty Observations First Seen2024-05-02 17:21:15 Last Seen2024-05-02 19:18:53 Times Seen12 Hash dba31ca148b3bea4b59959ef156d21c8 1e6691e136888391d7db2dbce91cfe04f852ceb7 72a805a80eb614198190911f04638b92634e8d036607db03e5ae0d20cd7145e7 Loading...

HTTP Transactions (14)

URL IP Response Size

ocsp.entrust.net/

23.38.202.187

1.6 kB

URL
ocsp.entrust.net/
IP
23.38.202.187:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
f7feef69dddec28e06bcb00246aebd61
b310674d38598d3b15158a33e000662998a1a400
8b09304bbfd3507ee97a9fc6f4724e922e65c4ce352d91c88a1376c954731e5a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8B09304BBFD3507EE97A9FC6F4724E922E65C4CE352D91C88A1376C954731E5A"
Last-Modified: Thu, 02 May 2024 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3568
Expires: Thu, 02 May 2024 16:29:01 GMT
Date: Thu, 02 May 2024 15:29:33 GMT
Connection: keep-alive

link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=

199.30.234.133

2.5 kB

URL
link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
IP
199.30.234.133:0
ASN
#13380 ASN-CUST

File type
HTML document, ASCII text
Size
2.5 kB (2509 bytes)
Hash
01db4da27a645a9f4575ec141a7207a9
c44708dc91a05700173d13d8d6da357f71e40ce5
384b8aa18ebc31b8cce110fa8f850c4fe0f887440f08d0ec3cdce70666b27b72

HTTP Headers

GET /s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20= HTTP/1.1
Host: link.edgepilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 15:29:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2509
Connection: keep-alive
Cache-Control: no-cache

code.jquery.com/jquery-3.2.1.min.js

151.101.66.137

30 kB

URL
code.jquery.com/jquery-3.2.1.min.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
30 kB (30125 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link.edgepilot.com
DNT: 1
Connection: keep-alive
Referer: https://link.edgepilot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15283"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 02 May 2024 15:29:33 GMT
age: 9212340
x-served-by: cache-lga21971-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 29, 595073
x-timer: S1714663774.812104,VS0,VE0
vary: Accept-Encoding
content-length: 30125
X-Firefox-Spdy: h2

link.edgepilot.com/css/app.css?v=1

199.30.234.133

819 B

URL
link.edgepilot.com/css/app.css?v=1
IP
199.30.234.133:0
ASN
#13380 ASN-CUST

File type
ASCII text
Size
819 B (819 bytes)
Hash
959f46f67438369c413f903156848bd0
0daf348389da6ce4dcc2cbe71e0589c26f6bbdab
8c52987fbc48500c2a81bd52f81d44324e31e7ecadbebd111a02f912be232cfd

HTTP Headers

GET /css/app.css?v=1 HTTP/1.1
Host: link.edgepilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 15:29:33 GMT
Content-Type: text/css
Content-Length: 819
Last-Modified: Wed, 01 Mar 2023 20:35:57 GMT
Connection: keep-alive
ETag: "63ffb72d-333"
Cache-Control: max-age
Accept-Ranges: bytes

link.edgepilot.com/favicon.ico

199.30.234.133

1.3 kB

URL
link.edgepilot.com/favicon.ico
IP
199.30.234.133:0
ASN
#13380 ASN-CUST

File type
HTML document, ASCII text
Size
1.3 kB (1310 bytes)
Hash
5fd6c81e2d45bd71ef47570f15eb622a
474672baf3bf959b770a21ed2ad0fd6c3eac424c
c0f777284d7d75a641591d10d3cd99457f19f816fb3c6e2e6ab295f3eda52e99

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: link.edgepilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 15:29:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1310
Connection: keep-alive
Cache-Control: no-cache

link.edgepilot.com/filter

199.30.234.133

0 B

URL
link.edgepilot.com/filter
IP
199.30.234.133:0
ASN
#13380 ASN-CUST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /filter HTTP/1.1
Host: link.edgepilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 264
Origin: https://link.edgepilot.com
DNT: 1
Connection: keep-alive
Referer: https://link.edgepilot.com/s/942bba13/AHgTsoWkJUeafffzDB_luQ?u=https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 May 2024 15:29:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
Cache-Control: no-cache

www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=

162.246.56.107

186 B

URL
www.macbryte.com/D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20=
IP
162.246.56.107:0
ASN
#63410 PRIVATESYSTEMS

File type
HTML document, ASCII text
Size
186 B (186 bytes)
Hash
6c103ebd04d745fbd69356fc6ca077eb
bba6f2885f3d0c8d0c691077478f7296f7193c5b
480354b3f212c02cb4c8c55a93899c5da6a258b990ae5394644f12b95cf2c259

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /D/ZGtpbmNoZXJsb3dAY3Jvc3NyaXZlci5jb20= HTTP/1.1
Host: www.macbryte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link.edgepilot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 15:29:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cloudflare-ipfs.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf

104.17.64.14

404 Not Found

14 B

URL GET HTTP/3
cloudflare-ipfs.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
d0fbda9855d118740f1105334305c126
bc3023b36063a7681db24681472b54fa11f0d4ec
a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft Outlook
PhishTank	phishing	Other

HTTP Headers

GET /owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html
Cookie: __cf_bm=itltCxd7T_I_ghVDvAtNNMJiiOLtyrTON2rO6tb5aO0-1714663775-1.0.1.1-QVgsQ2GKeCSqNPrTBMfdjZ5JLC4oGJV502NlzP3li1Mpc9lZHKyOMsz_dQXFG9zUtYXC4myUVf78GS1pFWad0A
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 02 May 2024 15:29:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d90c37687c569f-OSL
alt-svc: h3=":443"; ma=86400

cloudflare-ipfs.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf

104.17.64.14

404 Not Found

14 B

URL GET HTTP/3
cloudflare-ipfs.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
d0fbda9855d118740f1105334305c126
bc3023b36063a7681db24681472b54fa11f0d4ec
a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft Outlook
PhishTank	phishing	Other

HTTP Headers

GET /owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html
Cookie: __cf_bm=itltCxd7T_I_ghVDvAtNNMJiiOLtyrTON2rO6tb5aO0-1714663775-1.0.1.1-QVgsQ2GKeCSqNPrTBMfdjZ5JLC4oGJV502NlzP3li1Mpc9lZHKyOMsz_dQXFG9zUtYXC4myUVf78GS1pFWad0A
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 02 May 2024 15:29:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d90c37788a569f-OSL
alt-svc: h3=":443"; ma=86400

cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html

104.17.64.14

85 kB

URL
cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
HTML document, ASCII text, with very long lines (65498), with CRLF line terminators
Size
85 kB (84820 bytes)
Hash
e2ccb851b4e7917e8c702da3b7cfe43c
750ffd3022936057132df12a7200e78061aa08ce
dbdef861f487137d7b7f9bc04f5c46f4b7c05e068b95e1b2e404ac2dc4e2b84b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft Outlook
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macbryte.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 15:29:35 GMT
content-type: text/html
cf-ray: 87d90c35ebd156bf-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 528
cache-control: public, max-age=29030400, immutable
etag: W/"QmX2kQ7aQZvqSbwpe6LPjPZiB1Kt9BgjBr3cP7jf1cMa4o"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html
x-ipfs-roots: QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn,QmX2kQ7aQZvqSbwpe6LPjPZiB1Kt9BgjBr3cP7jf1cMa4o
set-cookie: __cf_bm=itltCxd7T_I_ghVDvAtNNMJiiOLtyrTON2rO6tb5aO0-1714663775-1.0.1.1-QVgsQ2GKeCSqNPrTBMfdjZ5JLC4oGJV502NlzP3li1Mpc9lZHKyOMsz_dQXFG9zUtYXC4myUVf78GS1pFWad0A; path=/; expires=Thu, 02-May-24 15:59:35 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wafsd.com/new/arsm/media/download-logo.png

0.0.0.0

0 B

URL GET
wafsd.com/new/arsm/media/download-logo.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /new/arsm/media/download-logo.png HTTP/1.1
Host: wafsd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html

104.17.64.14

200 OK

404 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
HTML document, ASCII text, with very long lines (65498), with CRLF line terminators
Size
404 kB (404270 bytes)
Hash
e2ccb851b4e7917e8c702da3b7cfe43c
750ffd3022936057132df12a7200e78061aa08ce
dbdef861f487137d7b7f9bc04f5c46f4b7c05e068b95e1b2e404ac2dc4e2b84b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft Outlook
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.macbryte.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 15:29:35 GMT
content-type: text/html
cf-ray: 87d90c35ebd156bf-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 528
cache-control: public, max-age=29030400, immutable
etag: W/"QmX2kQ7aQZvqSbwpe6LPjPZiB1Kt9BgjBr3cP7jf1cMa4o"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html
x-ipfs-roots: QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn,QmX2kQ7aQZvqSbwpe6LPjPZiB1Kt9BgjBr3cP7jf1cMa4o
set-cookie: __cf_bm=itltCxd7T_I_ghVDvAtNNMJiiOLtyrTON2rO6tb5aO0-1714663775-1.0.1.1-QVgsQ2GKeCSqNPrTBMfdjZ5JLC4oGJV502NlzP3li1Mpc9lZHKyOMsz_dQXFG9zUtYXC4myUVf78GS1pFWad0A; path=/; expires=Thu, 02-May-24 15:59:35 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wafsd.com/new/arsm/media/download.gif

0.0.0.0

0 B

URL GET
wafsd.com/new/arsm/media/download.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /new/arsm/media/download.gif HTTP/1.1
Host: wafsd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

wafsd.com/new/arsm/media/favicon.ico

0.0.0.0

0 B

URL GET
wafsd.com/new/arsm/media/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://cloudflare-ipfs.com/ipfs/QmXLaDpQu5XUznCU1BJNT1FFw17ZnxfJ6L5eiCwKfZbCWn/AppIndex.html#dkincherlow@crossriver.com

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /new/arsm/media/favicon.ico HTTP/1.1
Host: wafsd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (14)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP