Report - bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link/

Report Overview

Submitted URL
bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link/
IP
104.18.22.52
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-01 23:40:23
Access
public
Website Title
Final URL
Tags
phishing
urlquery detections
Phishing - Generic phishing

Detections

urlquery
3
Network Intrusion Detection
6
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2023-06-01	499 B	52 kB	104.18.10.207
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24	2023-05-31	485 B	31 kB	152.199.19.160
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-02	996 B	62 kB	142.250.74.170
bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link	unknown	2017-02-24	2023-03-11	2023-05-30	1.1 kB	20 kB	209.94.90.1
www.adobe.com	2202	1986-11-17	2018-06-13	2023-05-31	481 B	1.5 kB	95.101.11.89
ia601408.us.archive.org	916839	1995-12-14	2017-02-02	2023-05-09	543 B	294 kB	207.241.227.128
adobe.com	146	1986-11-17	2020-11-13	2023-05-31	477 B	214 B	23.56.4.32
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2023-06-01	585 B	50 kB	104.18.10.207
bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link	unknown	unknown	2022-10-31	2023-01-15	530 B	1.0 kB	104.18.23.52
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-01	589 B	7.2 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2023-06-01	1.0 kB	55 kB	69.16.175.10
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-01	666 B	1.4 kB	142.250.74.3
e7.pngegg.com	53660	2020-04-19	2020-05-26	2023-05-31	603 B	5.5 kB	172.64.99.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-01 23:40:04	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .w3s .link)
2023-06-01 23:40:04	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .w3s .link)
2023-06-01 23:40:04	low	Client IP	104.18.23.52	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2023-06-01 23:40:04	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .dweb .link)
2023-06-01 23:40:04	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .dweb .link)
2023-06-01 23:40:04	low	Client IP	209.94.90.1	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-01	medium	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link/
2023-05-30	medium	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
2023-05-30	medium	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link
2023-06-01	medium	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link

ThreatFox

Scan Date	Severity	Indicator	Alert
2023-05-03	medium	www.adobe.com

JavaScript (10)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-05-10
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-05-10 23:52:53 Times Seen108472 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-11 01:55:32 Times Seen390718 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/	2.0 kB	2023-03-07	2024-04-17
Pretty URL bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:50:27 Last Seen2024-04-17 18:41:10 Times Seen17 Hash 69e161d383db173a55e65d9b22f55f58 186723ceed87a2bc8a32d774f5a4dd195c247dfb 8fb0065ca56e8f819f501dd562f78f6d83c534381709920937568630d6c52f00 Loading...

	bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/	3.6 kB	2023-04-01	2024-02-02
Pretty URL bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 11:14:36 Last Seen2024-02-02 04:39:52 Times Seen11 Hash 9459922fc889f95177ed9b8f99264308 6c8d0cb251d7005f4f95e13a6ac6d3f15715c535 88ea11c0fa8b820a5279b89d2d8e4b378d0b4407ba4718df79fbc04474671957 Loading...

	code.jquery.com/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-11 02:55:15 Times Seen268291 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 23:52:53 Times Seen114325 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-10
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 23:52:53 Times Seen139508 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-10
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 23:52:53 Times Seen247825 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	unknown	38 B	2023-04-11	2024-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:09:18 Last Seen2024-05-10 21:45:21 Times Seen3975 Hash a55bc61bb8cabacdc353356d20217fb1 ecf7f3fc124c625be7890bb4536b6f89d4d76786 a4a9b568a83a7f91eeed94a7c6587bb5d3bdf73d515d40c4402460dc046ab7a6 Loading...

	ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 02:59:54 Times Seen110614 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

HTTP Transactions (17)

URL IP Response Size

bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link/

104.18.23.52

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link/
IP
104.18.23.52:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
Fingerprint08:70:3E:4A:18:00:2B:6D:C0:37:93:EF:4C:79:92:DD:E4:4E:3B:A5
ValidityMon, 18 Jul 2022 00:00:00 GMT - Mon, 17 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Adobe Inc.

HTTP Headers

GET / HTTP/1.1
Host: bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Thu, 01 Jun 2023 23:40:05 GMT
content-length: 0
location: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
access-control-allow-origin: *
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=405
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0b4cb10f4c0b4d-OSL
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:40:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3042701
expires: Tue, 21 May 2024 23:40:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Szyw%2FoFF2QM%2FHgQpUXKbbN0W88m5Tuu70ULu1UdqadrgKhQuf37K53mzumEWjIHnBE%2FzhP1iHKS9uLcjsL8OtAyt1hfVy56vVrGKDvegDhgKQWT3ALQkxwMYXBL6uNf%2BOJnpytEE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0b4cb8dd4db51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.10

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:40:05 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685662805.dop226.sk1.t,1685662805.cds252.sk1.hn,1685662805.cds235.sk1.c
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.1.1.min.js

69.16.175.10

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.1.1.min.js
IP
69.16.175.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32030)
Size
30 kB (30070 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:40:05 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685662805.dop226.sk1.t,1685662805.cds226.sk1.hn,1685662805.cds010.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 23:40:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

152.199.19.160

200 OK

30 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30394 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 4596241
cache-control: public,max-age=31536000
content-type: application/javascript
date: Thu, 01 Jun 2023 23:40:05 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2

e7.pngegg.com/pngimages/571/47/png-clipart-adobe-acrobat-pdf-computer-icons-adobe-reader-edu-invest-adobe-pdf-text-logo-thumbnail.png

172.64.99.26

200 OK

4.7 kB

URL GET HTTP/2
e7.pngegg.com/pngimages/571/47/png-clipart-adobe-acrobat-pdf-computer-icons-adobe-reader-edu-invest-adobe-pdf-text-logo-thumbnail.png
IP
172.64.99.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subjectpngegg.com
FingerprintC5:D6:B6:BE:D3:F8:86:E1:AA:FC:B1:F5:2B:67:DD:CF:94:F1:E9:32
ValidityWed, 17 May 2023 02:49:32 GMT - Tue, 15 Aug 2023 02:49:31 GMT

File type
PNG image data, 348 x 398, 4-bit colormap, non-interlaced\012- data
Size
4.7 kB (4722 bytes)
Hash
b36e67c775e0b2e9f6e7d9762c4f4487
f089c83dcb9db58714dc8aec40bebf13632c66b5
f57218e76eb6adab56df94b4a32ea7873703bd3701dde45af952605cfc5a5693

HTTP Headers

GET /pngimages/571/47/png-clipart-adobe-acrobat-pdf-computer-icons-adobe-reader-edu-invest-adobe-pdf-text-logo-thumbnail.png HTTP/1.1
Host: e7.pngegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:40:05 GMT
content-type: image/png
content-length: 4722
last-modified: Sun, 28 Jun 2020 05:36:54 GMT
etag: "5ef82c76-1272"
expires: Wed, 25 Jun 2025 04:56:26 GMT
cache-control: max-age=65664000
cf-cache-status: HIT
age: 499419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3KQlKnwDyj38%2BPeFw3jFJ%2F%2B1DPD7g8aZuFk6AV%2BEAZxLKe67kQY7087Cbwszk5qgE0vw8xhQ9MI0t4x1ZRkS1CSD%2FoblExFZ8QIheteJXjVDS5x%2Fk6P4EKOns07T%2FsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0b4cb93d25385a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 12:31:43 GMT
expires: Fri, 31 May 2024 12:31:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 40103
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 23:40:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/Sign-In-PDF-CLOUD_files/font-awesome.css

209.94.90.1

404 Not Found

232 B

URL GET HTTP/2
bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/Sign-In-PDF-CLOUD_files/font-awesome.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subject*.i.ipfs.io
FingerprintDF:57:ED:7D:45:D6:8D:9D:25:3C:13:85:2E:51:0D:AD:64:B8:E5:84
ValidityMon, 27 Mar 2023 17:15:30 GMT - Sun, 25 Jun 2023 17:15:29 GMT

File type
ASCII text
Size
232 B (232 bytes)
Hash
8118e46fea6e2309fe66c69b8b96903d
d4232feefb75e8437bf9d72ca78d346c2361f99b
61d8b0315af62587150c287216b720fa65875ce23f63a1fcad26eacffe3af749

Detections

Analyzer	Verdict	Alert
openphish	Adobe Inc.
quad9	Sinkholed

HTTP Headers

GET /Sign-In-PDF-CLOUD_files/font-awesome.css HTTP/1.1
Host: bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Thu, 01 Jun 2023 23:40:06 GMT
content-type: text/plain; charset=utf-8
content-length: 232
x-content-type-options: nosniff
x-ipfs-pop: ipfs-bank7-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank2-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 12:31:43 GMT
expires: Fri, 31 May 2024 12:31:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 40103
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

adobe.com/favicon.ico

23.56.4.32

0 B

URL GET
adobe.com/favicon.ico
IP
23.56.4.32:0
ASN
#20940 Akamai International B.V.

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerDigiCert Inc
Subject*.adobe.com
Fingerprint02:34:86:FC:43:9F:4B:35:C3:FC:67:0B:FF:3B:BC:BC:6E:5A:91:6A
ValidityMon, 10 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://www.adobe.com/favicon.ico
date: Thu, 01 Jun 2023 23:40:07 GMT
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

www.adobe.com/favicon.ico

95.101.11.89

800 B

URL GET
www.adobe.com/favicon.ico
IP
95.101.11.89:0
ASN
#20940 Akamai International B.V.

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerDigiCert Inc
Subject*.adobe.com
Fingerprint02:34:86:FC:43:9F:4B:35:C3:FC:67:0B:FF:3B:BC:BC:6E:5A:91:6A
ValidityMon, 10 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Size
800 B (800 bytes)
Hash
b28bf60dd7e50b6dffd394ebc0f9057a
9ea7eed87b689757780322989ef426aeffdc8f7a
bf24c9e4d37f94d4bd2f870228ff421ca54b2949db3391dbd3818ec0e6db0f5f

Detections

Analyzer	Verdict	Alert
threatfox	QakBot

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/x-icon
server: Apache
x-adobe-content: AEM-Offers
x-frame-options: SAMEORIGIN
x-adobe-info: 9645848c-cb14-4920-9219-c23100ed2fd8, 9645848c-cb14-4920-9219-c23100ed2fd8
last-modified: Thu, 01 Jun 2023 11:13:26 GMT
x-adobe-loc: ew1
x-adobe-source: 128.35
x-content-type-options: nosniff
x-adobe-cache: MISS
accept-ranges: bytes
content-encoding: gzip
content-length: 800
cache-control: max-age=21600
expires: Fri, 02 Jun 2023 05:40:07 GMT
date: Thu, 01 Jun 2023 23:40:07 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468239_1600457557_76545170_110_6880_1_0";dur=1
akamai-x-true-ttl: 31536000
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2

ia601408.us.archive.org/33/items/pdf-capture-blur-11-1/pdf-Capture-blur11%20%281%29.png

207.241.227.128

200 OK

293 kB

URL GET HTTP/2
ia601408.us.archive.org/33/items/pdf-capture-blur-11-1/pdf-Capture-blur11%20%281%29.png
IP
207.241.227.128:443
ASN
#7941 INTERNET-ARCHIVE

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.us.archive.org
FingerprintAD:42:AD:6F:D7:D3:83:11:4E:71:BF:D2:65:2C:78:ED:A6:9E:29:52
ValidityThu, 19 Jan 2023 19:33:16 GMT - Tue, 20 Feb 2024 19:33:16 GMT

File type
PNG image data, 1300 x 717, 8-bit/color RGBA, non-interlaced\012- data
Size
293 kB (293102 bytes)
Hash
88111317f139ed7482cbf3c91606abda
877f089ffd6c0488c8e336fec23fa8d0cf7d65e6
28a19e5bf607928d5613c7cc5edf0a83813a943e3de4d3a021c80d6066d82a7c

HTTP Headers

GET /33/items/pdf-capture-blur-11-1/pdf-Capture-blur11%20%281%29.png HTTP/1.1
Host: ia601408.us.archive.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 01 Jun 2023 23:40:07 GMT
content-type: image/png
content-length: 293102
last-modified: Mon, 18 Jul 2022 17:32:45 GMT
etag: "62d5993d-478ee"
strict-transport-security: max-age=15724800
expires: Fri, 02 Jun 2023 05:40:07 GMT
cache-control: max-age=21600
access-control-allow-origin: *
access-control-allow-headers: Accept-Encoding,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,DNT,Pragma,Range,X-Requested-With
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

49 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:40:05 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d04f5327282100f4d4a838899118f0c0
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0b4cb8dea11c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:40:05 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 28706653
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0b4cb8cdca0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/

209.94.90.1

200 OK

18 kB

URL User Request GET HTTP/2
bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link/
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Certificate
IssuerLet's Encrypt
Subject*.i.ipfs.io
FingerprintDF:57:ED:7D:45:D6:8D:9D:25:3C:13:85:2E:51:0D:AD:64:B8:E5:84
ValidityMon, 27 Mar 2023 17:15:30 GMT - Sun, 25 Jun 2023 17:15:29 GMT

File type

Size
18 kB (18245 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
openphish	Adobe Inc.
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Thu, 01 Jun 2023 23:40:05 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm"
x-ipfs-gateway-host: ipfs-bank16-fr2
x-ipfs-path: /ipfs/bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm/
x-ipfs-roots: bafybeibkgor6o4si6frcggxpnkpmanvk77xarnbvnzv5orsjlmefg3yqhm
x-ipfs-pop: ipfs-bank16-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank2-fr2
x-proxy-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML