Report - bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/

Report Overview

Submitted URL
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
IP
209.94.90.2
ASN
#40680 PROTOCOL
Submitted
2024-05-09 17:24:21
Access
public
Website Title
DHL EXPRESS
Final URL
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
quirky-shaw-20dc92.netlify.app	unknown	2018-05-08	2022-06-11	2024-01-30	495 B	360 B	52.58.254.253
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	unknown	2017-02-24	2024-01-26	2024-03-22	9.2 kB	737 kB	209.94.90.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	DHL Airways, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed
2024-05-09	medium	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.js	60 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-20 11:54:04 Times Seen7681 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery.js	86 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 12:26:14 Times Seen394784 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	0 B	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/ IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 12:31:59 Times Seen37873110 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/	0 B	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/ IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 12:31:59 Times Seen37873110 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_003.js	90 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_003.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-20 12:09:12 Times Seen145781 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery-3.js	70 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery-3.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-05-20 12:26:14 Times Seen110223 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper.js	19 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-20 12:26:14 Times Seen116300 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_003.js	49 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_003.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-20 12:26:14 Times Seen141368 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_002.js	51 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_002.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-20 12:25:01 Times Seen250041 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_002.js	2.3 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_002.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:17 Last Seen2024-05-20 08:07:37 Times Seen4152 Hash c0ac9c9487d60de96dc68dbb25bd8dd6 99419b0be4b85422ff84870e54dbd8a52dc6dab1 76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c Loading...

	bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper_002.js	21 kB	2023-03-07	2024-05-20
Pretty URL bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper_002.js IP 209.94.90.3 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-05-20 08:06:26 Times Seen10895 Hash 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Loading...

HTTP Transactions (16)

URL IP Response Size

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg

209.94.90.3

200 OK

4.7 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 240x56, components 3
Size
4.7 kB (4740 bytes)
Hash
79a96bc19b6f2272fe4bd8d40c0cd8a0
8efd8ecf46ff6505df918de628c7a901fa147a7e
c4e89edd8eea8796e000d919c2f08c25521a8578f55fa21ba4d6e62c8ba98c4f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/logo.jpg HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: image/jpeg
content-length: 4740
cache-control: public, max-age=29030400, immutable
cf-bgj: h2pri
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
etag: "bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/logo.jpg
x-ipfs-pop: rainbow-am6-03
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f39b521-OSL
alt-svc: h3=":443"; ma=86400

quirky-shaw-20dc92.netlify.app/polina.jpg

52.58.254.253

404 Not Found

50 B

URL GET HTTP/2
quirky-shaw-20dc92.netlify.app/polina.jpg
IP
52.58.254.253:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
12eda3e5482d5c01d3f57d5b24359b5c
6ceea9810109131eb02ddbdf15a1402aec404b3f
2834734cfb9161c60d726398e182669fd8a225ee81037f06f9074e0b8c822014

HTTP Headers

GET /polina.jpg HTTP/1.1
Host: quirky-shaw-20dc92.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: private, max-age=0
content-type: text/plain; charset=utf-8
date: Thu, 09 May 2024 17:23:56 GMT
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HXF643XRZ3TRCV273J0KQR92
content-length: 50
X-Firefox-Spdy: h2

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg

209.94.90.3

200 OK

4.7 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 240x56, components 3
Size
4.7 kB (4740 bytes)
Hash
79a96bc19b6f2272fe4bd8d40c0cd8a0
8efd8ecf46ff6505df918de628c7a901fa147a7e
c4e89edd8eea8796e000d919c2f08c25521a8578f55fa21ba4d6e62c8ba98c4f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/logo.jpg HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; __session:0.7462979226477361:=https:
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:56 GMT
content-type: image/jpeg
content-length: 4740
cache-control: public, max-age=29030400, immutable
cf-bgj: h2pri
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
etag: "bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/logo.jpg
x-ipfs-pop: rainbow-am6-03
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88136154dc4cb521-OSL
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.mp4

209.94.90.3

95 kB

URL GET
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.mp4
IP
209.94.90.3:0
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
data
Size
95 kB (94825 bytes)
Hash
e57360c7f18c959ce571f8e8fe5086d4
8c09bfc5266b739739872b9eb350eb72a8a0a507
15e5b2fd859af1a947f9443b4510191886b661335bacd794166d5b7e74de1506

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/vd.mp4 HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=28344320-
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; __session:0.7462979226477361:=https:
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Thu, 09 May 2024 17:23:56 GMT
content-type: video/mp4
content-length: 94825
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: "bafybeigirvo66op5zdq7ceidn22rxhx6xklxpbvvawwt6l3arkpw6dxhju"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/vd.mp4
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafybeigirvo66op5zdq7ceidn22rxhx6xklxpbvvawwt6l3arkpw6dxhju
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
age: 0
content-range: bytes 28344320-28439144/28439145
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361555d60b521-OSL
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery-3.js

209.94.90.3

200 OK

70 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery-3.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
70 kB (69597 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/jquery-3.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreietmwjarb5rdmz2hxclukfa7e4vd4qagqjghy5zz36tqr4y4s7dta"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery-3.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreietmwjarb5rdmz2hxclukfa7e4vd4qagqjghy5zz36tqr4y4s7dta
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f3bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper.js

209.94.90.3

200 OK

19 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
19 kB (19188 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/popper.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreifff55kktl3zkx2avxobicqeyw7yvuuvyun52fuzlbufgxtp7ynmy"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/popper.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreifff55kktl3zkx2avxobicqeyw7yvuuvyun52fuzlbufgxtp7ynmy
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f3db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_002.js

209.94.90.3

200 OK

51 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_002.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/bootstrap_002.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreicwyevbewycduq2nhtb24mqz35bndlmfdhhcutfz2q3hmarfuljyq"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap_002.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreicwyevbewycduq2nhtb24mqz35bndlmfdhhcutfz2q3hmarfuljyq
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361523f4eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/

209.94.90.3

200 OK

7.5 kB

URL User Request GET HTTP/2
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
HTML document, ASCII text, with very long lines (8179), with no line terminators
Size
7.5 kB (7453 bytes)
Hash
bdeeeaa9b6ff73e70289b0443cb5c3e4
2d0a0c9dec968d01dd337d30404924359a2a7d6e
258b922602fedc52fb1229d13eadd0b05af321d556009fe6dea06eacf3278ca6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/html
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
set-cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 16:23:55 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813614ebe677129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.css

209.94.90.3

200 OK

160 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.css
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
ASCII text, with very long lines (65326)
Size
160 kB (160302 bytes)
Hash
816af0eddd3b4822c2756227c7e7b7ee
c470239d4c7db36d56dc3a74a080c62218c6edc4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/bootstrap.css HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/css; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreic3b67fw6wxax3ksn6etgfnal3t3dyns5x6emnxjlxq5smwtegjhi"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap.css
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreic3b67fw6wxax3ksn6etgfnal3t3dyns5x6emnxjlxq5smwtegjhi
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361521f04b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_003.js

209.94.90.3

200 OK

90 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_003.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/jquery_003.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreihx62systy5dho2235dskzozywf4v4mx562j2ualnuil23jqw3ohu"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery_003.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreihx62systy5dho2235dskzozywf4v4mx562j2ualnuil23jqw3ohu
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361521f0bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper_002.js

209.94.90.3

200 OK

21 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper_002.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (21084)
Size
21 kB (21257 bytes)
Hash
84415b7368fd6fc764cbe86039ce0626
62f238e73348c77eb9e865426a7d1b7de23cbb2d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/popper_002.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreighoymvvvddgpdmtkp6hr2fal76vgqc7lyseoeounlhsiwmmwrqma"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/popper_002.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreighoymvvvddgpdmtkp6hr2fal76vgqc7lyseoeounlhsiwmmwrqma
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f33b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_002.js

209.94.90.3

200 OK

2.3 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_002.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
ASCII text, with very long lines (2368), with no line terminators
Size
2.3 kB (2333 bytes)
Hash
0e6e66d900256c806b3a9dac174b2ebb
68dd2a54579d1895fbe35383da6f56ed841e6d7a
785b2383673ae9ccb86d36969c8e8d9593edaeb6d435aab4adad805898dce5f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/jquery_002.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreidwvvsyjlc33vczsoo4ouzpvz6cxxmoellxh7yw2iyg6qvb77cwtq"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery_002.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreidwvvsyjlc33vczsoo4ouzpvz6cxxmoellxh7yw2iyg6qvb77cwtq
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361523f50b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.js

209.94.90.3

200 OK

60 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (59765)
Size
60 kB (60044 bytes)
Hash
02d223393e00c273efdcb1ade8f4f8b1
0cc93b8421d89c24a889642428b363cb831de78a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/bootstrap.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreidzywm525qm5qgbminbv5e5tivetws5ixq3g7kfow5m4cs6aitfqi"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreidzywm525qm5qgbminbv5e5tivetws5ixq3g7kfow5m4cs6aitfqi
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f36b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery.js

209.94.90.3

200 OK

86 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/jquery.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiafxbozn5a774knr5qi3lidvny6fqibpqw2beknprmssg5npjkpry"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreiafxbozn5a774knr5qi3lidvny6fqibpqw2beknprmssg5npjkpry
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361523f4db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_003.js

209.94.90.3

200 OK

49 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_003.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/bootstrap_003.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreihh5u3m53sukc2cio54gumiv6v57nbibr6fowlqahpa5ulhfgnqdm"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap_003.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreihh5u3m53sukc2cio54gumiv6v57nbibr6fowlqahpa5ulhfgnqdm
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f3eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.htm

209.94.90.3

200 OK

3.0 kB

URL GET HTTP/3
bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.htm
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
HTML document, ASCII text, with very long lines (3096), with no line terminators
Size
3.0 kB (3048 bytes)
Hash
2e2976cb50f949666a45151811c98847
a798b29f0d3e218b3024d8e29eb182d21d424fbd
b6b95e78fd27c74d31106b2895b35f7e73a2c60df0c250f79a980b2869c9900d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index_files/vd.htm HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; __session:0.7462979226477361:=https:
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:56 GMT
content-type: text/html
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/vd.htm
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreibg3teiyyk5gi2kq4myplu3qncvr3trhhiktiw5o7o2nwzx4fgsyq
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 88136156f8e1b521-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML