Report - ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri

Report Overview

Submitted URL
ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
IP
146.190.204.125
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-04-18 07:35:22
Access
public
Website Title
ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
Final URL
ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ipfs.eth.aragon.network	unknown	2017-03-29	2021-08-11	2024-04-17	1.1 kB	42 kB	146.190.204.125
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	904 B	30 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-18	413 B	80 kB	151.101.2.137
lh3.googleusercontent.com	66	2008-11-17	2012-05-22	2024-04-18	1.2 kB	198 kB	142.250.74.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-25	medium	ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri	Generic/Spear Phishing

PhishTank

Scan Date	Severity	Indicator	Alert
2023-09-21	medium	ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-04-29 02:05:14 Times Seen45989 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri	40 kB	2024-04-18	2024-04-18
Pretty URL ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri IP 146.190.204.125 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 09:35:22 Last Seen2024-04-18 09:35:22 Times Seen1 Hash 71a4e0a171837db9230690b1335e0f94 89d2f276df31fe16afaf845d2ecd14135ad69aff dd1d55e4aab3d03d5a6aa03b120c0c5d4d592497090ff0a0ceee076df768c4bd Loading...

	unknown	30 kB	2024-04-18	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 09:35:22 Last Seen2024-04-18 09:35:22 Times Seen1 Hash 5c15cd71ef4f986b14e46916c2f41851 ad504663b1ae648e685c8f9f2997577ab6a594c4 908d61c9ee9a6e6a3fbba91b20d29f2772a480d4a85dd2eaa109985f05b4b4c5 Loading...

		Size	First Seen	Last Seen
	#1 Write - 774c6ec27930b8381e5cc4001e3f759a	30 kB	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 09:35:22 Last Seen2024-04-18 09:35:22 Times Seen1 Hash 774c6ec27930b8381e5cc4001e3f759a b4f2e6b4d1d367bf332069c2253e7ae5944f2c5e 370cc97dd3bfe89b060c3694f06252632a7714176b7bb0dcd2827028984997ac Loading...

HTTP Transactions (7)

URL IP Response Size

ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri

146.190.204.125

41 kB

URL
ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
IP
146.190.204.125:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text, with very long lines (40470)
Size
41 kB (40566 bytes)
Hash
8b1cf59109dc9f6660716480ea3e557f
94fcf825904429a0d72bd971074fca2ba813b6b2
efc8bde8866c9463e1a0aa826dbd602ca58880895565e3106209ccd5ceef968a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri HTTP/1.1
Host: ipfs.eth.aragon.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-type: text/html
date: Thu, 18 Apr 2024 07:34:56 GMT
etag: "bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri"
server: nginx/1.21.6
x-ipfs-path: /ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
x-ipfs-roots: bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
content-length: 40566
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.25.14

14 kB

URL
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.eth.aragon.network/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:34:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4277411
expires: Tue, 08 Apr 2025 07:34:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEquTDfyxvnBNqyeBK2qk0fdf%2FS9EcMyLjSlmO%2BSpcd1TDUIUJfKK0nLNXvK1jaoa%2BfMTK73VsEIvS0Yo9zhO84uvRdaW9ktV05RdUl7e0w9vhkgNdxCz9bHbCPniGuWEAiwK3mh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762f9ad5f8d0b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.25.14

14 kB

URL
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.eth.aragon.network/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:34:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4277411
expires: Tue, 08 Apr 2025 07:34:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRr2zvQyCXk4IqcaVI10LbHkchXxPAFNJj9ouJ4BPisp81lHRlMLlbwo8gUz0gzisILD8v7oRIA8TthKDzJTZ3MIrgso7F%2FrSyakkuj28%2FK1Vn%2BYrZCFcsqIO8WvTwoYr8dPLPjG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762f9ae0d2656cb-OSL
alt-svc: h3=":443"; ma=86400

ipfs.eth.aragon.network/favicon.ico

146.190.204.125

56 B

URL
ipfs.eth.aragon.network/favicon.ico
IP
146.190.204.125:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON text data
Size
56 B (56 bytes)
Hash
3b7c5e3728443813786e9258343133f1
b58eefda055182f347c2f329151c992380045fe5
1ef0e1c669d3283ee8e426f1a5936d5bae24ce26cf0207f8c4b1ae324718006f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ipfs.eth.aragon.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
access-control-allow-origin: *
content-type: application/json
date: Thu, 18 Apr 2024 07:34:56 GMT
www-authenticate: Bearer realm="Restricted IPFS Cluster API"
Basic realm="Restricted IPFS Cluster API"
content-length: 56
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.9.1.js

151.101.2.137

80 kB

URL
code.jquery.com/jquery-1.9.1.js
IP
151.101.2.137:0
ASN
#54113 FASTLY

File type
JavaScript source, ASCII text
Size
80 kB (79506 bytes)
Hash
08c235d357750c657ac1db7d1cf656a9
9257afd2d46c3a189ec0d40a45722701d47e9ca5
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

HTTP Headers

GET /jquery-1.9.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.eth.aragon.network/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-4185d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 07:34:57 GMT
age: 8001558
x-served-by: cache-lga21952-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 31, 6822
x-timer: S1713425697.048451,VS0,VE0
vary: Accept-Encoding
content-length: 79506
X-Firefox-Spdy: h2

lh3.googleusercontent.com/pw/AMWts8CjWLE-4lSHnzZVyyi38RiG_iHUev92wvk3GXVlZur4_v68tJc5TxPcsfc6Vo4P2_Sa5_Dg4wBjO9x0q0xYFQKyjpg1zURhvOLxyPhDhPJg_Z8XDFduSWtavIhhZp_z9dX4zrOp2jk9GCWUmL_6qus=s128-no

142.250.74.161

200 OK

330 B

URL GET HTTP/2
lh3.googleusercontent.com/pw/AMWts8CjWLE-4lSHnzZVyyi38RiG_iHUev92wvk3GXVlZur4_v68tJc5TxPcsfc6Vo4P2_Sa5_Dg4wBjO9x0q0xYFQKyjpg1zURhvOLxyPhDhPJg_Z8XDFduSWtavIhhZp_z9dX4zrOp2jk9GCWUmL_6qus=s128-no
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Size
330 B (330 bytes)
Hash
79cf1efdbfaf6aff7e32ad13bfa4bbed
0e07b7f718f59b81246dcd059d9da90acbe2da60
fea8fbaec75213e1af8005edfcdc94e7b5d7dca6ddb4e262d66e4756bda96d54

HTTP Headers

GET /pw/AMWts8CjWLE-4lSHnzZVyyi38RiG_iHUev92wvk3GXVlZur4_v68tJc5TxPcsfc6Vo4P2_Sa5_Dg4wBjO9x0q0xYFQKyjpg1zURhvOLxyPhDhPJg_Z8XDFduSWtavIhhZp_z9dX4zrOp2jk9GCWUmL_6qus=s128-no HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.eth.aragon.network/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
cross-origin-resource-policy: cross-origin
vary: Origin
access-control-expose-headers: Content-Length
etag: "v30"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="logo-off-1.png"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 07:34:57 GMT
server: fife
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lh3.googleusercontent.com/pw/AJFCJaXhZo6cUCNh1ssNQzSV3jc1ppd5Vt2HN5GjHL82rJR25OrOigrMWVvBpwQN6BD4T_qHdwh2spOZ9bKA-BqcHsttYMUy5sxc-E99nKe9pgDJsCX0icydpRhjm97W_S4_6cism2sTCOp-Oxa807yjCEw=w1580-h720-s-no?authuser=0

142.250.74.161

200 OK

197 kB

URL GET HTTP/2
lh3.googleusercontent.com/pw/AJFCJaXhZo6cUCNh1ssNQzSV3jc1ppd5Vt2HN5GjHL82rJR25OrOigrMWVvBpwQN6BD4T_qHdwh2spOZ9bKA-BqcHsttYMUy5sxc-E99nKe9pgDJsCX0icydpRhjm97W_S4_6cism2sTCOp-Oxa807yjCEw=w1580-h720-s-no?authuser=0
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://ipfs.eth.aragon.network/ipfs/bafkreihpzc66rbtmsrr6difkqjw32ybmuweibckvmxrrayqjztk4534wri
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
GIF image data, version 89a, 1580 x 720
Size
197 kB (197044 bytes)
Hash
5a82b5eee228b42593eb49c3a2d830ea
a958abaf7781997bfee5cf4a8bca6d3013dbb95a
c51ecfdbb39612d629bbbfa57896c63dc52971d7bcf78f1795944be16274a8eb

HTTP Headers

GET /pw/AJFCJaXhZo6cUCNh1ssNQzSV3jc1ppd5Vt2HN5GjHL82rJR25OrOigrMWVvBpwQN6BD4T_qHdwh2spOZ9bKA-BqcHsttYMUy5sxc-E99nKe9pgDJsCX0icydpRhjm97W_S4_6cism2sTCOp-Oxa807yjCEw=w1580-h720-s-no?authuser=0 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipfs.eth.aragon.network/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
cross-origin-resource-policy: cross-origin
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Flashback - Jul 5, 2023 00_04_12.gif"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 07:34:57 GMT
server: fife
content-length: 197044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (7)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type