Report - dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp

Report Overview

Submitted URL
dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
IP
52.201.118.67
ASN
#14618 AMAZON-AES
Submitted
2023-06-02 12:50:42
Access
public
Website Title
Final URL
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-02	446 B	31 kB	142.250.74.138
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2023-06-02	490 B	18 kB	13.107.213.53
dd-poi-ytt-ffg.infura-ipfs.io	unknown	unknown	2023-03-29	2023-04-01	1.0 kB	334 kB	54.227.105.66

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	unknown	69 B	2023-05-10	2023-07-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 15:02:23 Last Seen2023-07-25 10:41:46 Times Seen18 Hash 96302c72839da62d28016ca070b402d0 fe01ce155ab40e6ec57d839430153ef1b1225e40 fe049a2a0fd705d0d77a9bf85f1611fa99078a65e9836fccd68286c9b47877a8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 14:28:22 Times Seen383857 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	unknown	8.7 kB	2023-06-02	2023-06-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 14:50:43 Last Seen2023-06-02 14:50:43 Times Seen1 Hash 045e8412cac33ee2f6b5967ca4196d10 086de87fb67bb9832c01c9e41dc8371221a6898e 82b0e5cec745e7a82b5a4635d35f0b31909af5420026c6a90e24f6b01cde55f3 Loading...

	dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp	333 kB	2023-06-02	2023-06-02
Pretty URL dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp IP 54.227.105.66 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 14:50:43 Last Seen2023-06-02 14:50:43 Times Seen1 Hash 58e481ad137cc7aae9c17e296b078780 95c0c67be38f59d0ad2f70702f75bda94d61f346 50442153d8d8d3882648ee57a99f90b4fbd6dc77bd6dc61b28c33a3e7394c922 Loading...

		Size	First Seen	Last Seen
	#1 Write - a06354160885d7cea9d54d3958023972	241 kB	2023-06-02	2023-06-02
Pretty Observations First Seen2023-06-02 14:50:43 Last Seen2023-06-02 14:50:43 Times Seen1 Hash a06354160885d7cea9d54d3958023972 fee05a5d813cb5f7f95e4838b78073650e668b8b 179ce862ed8bd76088d4dfb5eef8c5e921106ade9297646894888c6ee9e2af5f Loading...

HTTP Transactions (4)

URL IP Response Size

dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp

54.227.105.66

200 OK

333 kB

URL User Request GET HTTP/1.1
dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
IP
54.227.105.66:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectinfura-ipfs.io
FingerprintD0:68:53:33:97:00:F6:38:D0:04:D5:D3:84:A0:AD:39:E4:B6:83:B2
ValidityTue, 14 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT

File type
HTML document text\012- exported SGML document, ASCII text, with very long lines (65472), with CRLF line terminators
Size
333 kB (332965 bytes)
Hash
28cbd70fb65561940bbd21c121a1f5ee
7f8f08c0cfbb0e1eff435882dc0f96f242d84988
4c6223fa50ca67083cfb690d0177bc7d3e56af1f8bfcdf063d1d859074a16f68

Detections

Analyzer	Verdict	Alert
openphish	Office365

HTTP Headers

GET /ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp HTTP/1.1
Host: dd-poi-ytt-ffg.infura-ipfs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Range, User-Agent, X-Requested-With
Access-Control-Expose-Headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
Cache-Control: public, max-age=29030400, immutable
Content-Length: 332965
Content-Type: text/html
Date: Fri, 02 Jun 2023 12:50:25 GMT
Etag: "QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp"
Vary: Origin
X-Ipfs-Path: /ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
X-Ipfs-Roots: QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
X-Robots-Tag: noindex

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd-poi-ytt-ffg.infura-ipfs.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 12:31:43 GMT
expires: Fri, 31 May 2024 12:31:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 87523
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico

13.107.213.53

200 OK

17 kB

URL GET HTTP/2
aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint53:74:89:61:D2:A4:7B:B7:BC:6E:DA:17:D3:7E:5A:A1:F0:77:AD:84
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd-poi-ytt-ffg.infura-ipfs.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Fri, 02 Nov 2018 20:25:25 GMT
etag: 0x8D6410152A9D7E1
x-cache: TCP_HIT
x-ms-request-id: a348ec91-201e-0045-4eb9-926368000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0VY11ZAAAAAD260XmDH7qSavBG67IoD9LQU1TMDRFREdFMTkwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0kuV5ZAAAAACmYHDTvzH/TKUHJFm6xXwRU1ZHMjBFREdFMDUxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Fri, 02 Jun 2023 12:50:25 GMT
X-Firefox-Spdy: h2

dd-poi-ytt-ffg.infura-ipfs.io/favicon.ico

54.227.105.66

400 Bad Request

12 B

URL GET HTTP/1.1
dd-poi-ytt-ffg.infura-ipfs.io/favicon.ico
IP
54.227.105.66:443
ASN
#14618 AMAZON-AES

Requested by
https://dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
Certificate
IssuerAmazon
Subjectinfura-ipfs.io
FingerprintD0:68:53:33:97:00:F6:38:D0:04:D5:D3:84:A0:AD:39:E4:B6:83:B2
ValidityTue, 14 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
12 B (12 bytes)
Hash
3975e60f0c61e93a6d0a9f1def435eac
5c1a4a02f3681ad95fbfcef9ee56f62b37b9ab36
0cd6aed5d21ae37310b3c4e0facf48009005018bf4402fbcda1cb66d69b03346

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dd-poi-ytt-ffg.infura-ipfs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd-poi-ytt-ffg.infura-ipfs.io/ipfs/QmcKyzKroWH9CAmcsDQHaKgvN4Tf8tU2Xr7WxVcUGe97Pp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Date: Fri, 02 Jun 2023 12:50:26 GMT
Content-Length: 12

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (4)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP