| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg | 209.94.90.3 | 200 OK | 4.7 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 240x56, components 3
Hash: 79a96bc19b6f2272fe4bd8d40c0cd8a0 8efd8ecf46ff6505df918de628c7a901fa147a7e c4e89edd8eea8796e000d919c2f08c25521a8578f55fa21ba4d6e62c8ba98c4f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/logo.jpg HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: image/jpeg
content-length: 4740
cache-control: public, max-age=29030400, immutable
cf-bgj: h2pri
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
etag: "bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/logo.jpg
x-ipfs-pop: rainbow-am6-03
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f39b521-OSL
alt-svc: h3=":443"; ma=86400
|
|
| quirky-shaw-20dc92.netlify.app/polina.jpg | 52.58.254.253 | 404 Not Found | 50 B |
URL: GET HTTP/2 quirky-shaw-20dc92.netlify.app/polina.jpg
IP: 52.58.254.253:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: DigiCert Inc
Certificate Subject: *.netlify.app
Certificate Fingerprint: B0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
Certificate Validity: Mon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 12eda3e5482d5c01d3f57d5b24359b5c 6ceea9810109131eb02ddbdf15a1402aec404b3f 2834734cfb9161c60d726398e182669fd8a225ee81037f06f9074e0b8c822014
GET /polina.jpg HTTP/1.1
Host: quirky-shaw-20dc92.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: private, max-age=0
content-type: text/plain; charset=utf-8
date: Thu, 09 May 2024 17:23:56 GMT
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HXF643XRZ3TRCV273J0KQR92
content-length: 50
X-Firefox-Spdy: h2
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg | 209.94.90.3 | 200 OK | 4.7 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/logo.jpg
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 240x56, components 3
Hash: 79a96bc19b6f2272fe4bd8d40c0cd8a0 8efd8ecf46ff6505df918de628c7a901fa147a7e c4e89edd8eea8796e000d919c2f08c25521a8578f55fa21ba4d6e62c8ba98c4f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/logo.jpg HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; __session:0.7462979226477361:=https:
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:56 GMT
content-type: image/jpeg
content-length: 4740
cache-control: public, max-age=29030400, immutable
cf-bgj: h2pri
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
etag: "bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/logo.jpg
x-ipfs-pop: rainbow-am6-03
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreige5cpn3dxkq6loaagzdhbpbdbfkinik6hvl6rbxjgw4ywixkmmj4
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88136154dc4cb521-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.mp4 | 209.94.90.3 | | 95 kB |
URL: GET bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.mp4
IP: 209.94.90.3:0
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
Hash: e57360c7f18c959ce571f8e8fe5086d4 8c09bfc5266b739739872b9eb350eb72a8a0a507 15e5b2fd859af1a947f9443b4510191886b661335bacd794166d5b7e74de1506
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/vd.mp4 HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=28344320-
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; __session:0.7462979226477361:=https:
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 09 May 2024 17:23:56 GMT
content-type: video/mp4
content-length: 94825
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: "bafybeigirvo66op5zdq7ceidn22rxhx6xklxpbvvawwt6l3arkpw6dxhju"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/vd.mp4
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafybeigirvo66op5zdq7ceidn22rxhx6xklxpbvvawwt6l3arkpw6dxhju
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
age: 0
content-range: bytes 28344320-28439144/28439145
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361555d60b521-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery-3.js | 209.94.90.3 | 200 OK | 70 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery-3.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (32012)
Hash: 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery-3.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreietmwjarb5rdmz2hxclukfa7e4vd4qagqjghy5zz36tqr4y4s7dta"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery-3.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreietmwjarb5rdmz2hxclukfa7e4vd4qagqjghy5zz36tqr4y4s7dta
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f3bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper.js | 209.94.90.3 | 200 OK | 19 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (19015)
Hash: 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/popper.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreifff55kktl3zkx2avxobicqeyw7yvuuvyun52fuzlbufgxtp7ynmy"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/popper.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreifff55kktl3zkx2avxobicqeyw7yvuuvyun52fuzlbufgxtp7ynmy
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f3db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_002.js | 209.94.90.3 | 200 OK | 51 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_002.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (50758)
Hash: 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/bootstrap_002.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreicwyevbewycduq2nhtb24mqz35bndlmfdhhcutfz2q3hmarfuljyq"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap_002.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreicwyevbewycduq2nhtb24mqz35bndlmfdhhcutfz2q3hmarfuljyq
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361523f4eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/ | 209.94.90.3 | 200 OK | 7.5 kB |
URL: User Request GET HTTP/2 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
IP: 209.94.90.3:443
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: HTML document, ASCII text, with very long lines (8179), with no line terminators
Hash: bdeeeaa9b6ff73e70289b0443cb5c3e4 2d0a0c9dec968d01dd337d30404924359a2a7d6e 258b922602fedc52fb1229d13eadd0b05af321d556009fe6dea06eacf3278ca6
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/html
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
set-cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; SameSite=None; Secure; path=/; expires=Fri, 10-May-24 16:23:55 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813614ebe677129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.css | 209.94.90.3 | 200 OK | 160 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.css
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: ASCII text, with very long lines (65326)
Size: 160 kB (160302 bytes)
Hash: 816af0eddd3b4822c2756227c7e7b7ee c470239d4c7db36d56dc3a74a080c62218c6edc4 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/bootstrap.css HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/css; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreic3b67fw6wxax3ksn6etgfnal3t3dyns5x6emnxjlxq5smwtegjhi"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap.css
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreic3b67fw6wxax3ksn6etgfnal3t3dyns5x6emnxjlxq5smwtegjhi
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361521f04b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_003.js | 209.94.90.3 | 200 OK | 90 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_003.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery_003.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreihx62systy5dho2235dskzozywf4v4mx562j2ualnuil23jqw3ohu"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery_003.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreihx62systy5dho2235dskzozywf4v4mx562j2ualnuil23jqw3ohu
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361521f0bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper_002.js | 209.94.90.3 | 200 OK | 21 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/popper_002.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (21084)
Hash: 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/popper_002.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreighoymvvvddgpdmtkp6hr2fal76vgqc7lyseoeounlhsiwmmwrqma"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/popper_002.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreighoymvvvddgpdmtkp6hr2fal76vgqc7lyseoeounlhsiwmmwrqma
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f33b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_002.js | 209.94.90.3 | 200 OK | 2.3 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery_002.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: ASCII text, with very long lines (2368), with no line terminators
Hash: 0e6e66d900256c806b3a9dac174b2ebb 68dd2a54579d1895fbe35383da6f56ed841e6d7a 785b2383673ae9ccb86d36969c8e8d9593edaeb6d435aab4adad805898dce5f8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery_002.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreidwvvsyjlc33vczsoo4ouzpvz6cxxmoellxh7yw2iyg6qvb77cwtq"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery_002.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreidwvvsyjlc33vczsoo4ouzpvz6cxxmoellxh7yw2iyg6qvb77cwtq
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361523f50b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.js | 209.94.90.3 | 200 OK | 60 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (59765)
Hash: 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/bootstrap.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreidzywm525qm5qgbminbv5e5tivetws5ixq3g7kfow5m4cs6aitfqi"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreidzywm525qm5qgbminbv5e5tivetws5ixq3g7kfow5m4cs6aitfqi
x-ipfs-pop: rainbow-am6-01
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f36b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery.js | 209.94.90.3 | 200 OK | 86 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/jquery.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (32065)
Hash: 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiafxbozn5a774knr5qi3lidvny6fqibpqw2beknprmssg5npjkpry"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/jquery.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreiafxbozn5a774knr5qi3lidvny6fqibpqw2beknprmssg5npjkpry
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361523f4db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_003.js | 209.94.90.3 | 200 OK | 49 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/bootstrap_003.js
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: JavaScript source, ASCII text, with very long lines (48664)
Hash: 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/bootstrap_003.js HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:55 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreihh5u3m53sukc2cio54gumiv6v57nbibr6fowlqahpa5ulhfgnqdm"
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/bootstrap_003.js
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreihh5u3m53sukc2cio54gumiv6v57nbibr6fowlqahpa5ulhfgnqdm
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 881361522f3eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.htm | 209.94.90.3 | 200 OK | 3.0 kB |
URL: GET HTTP/3 bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/index_files/vd.htm
IP: 209.94.90.3:443
Requested by: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Certificate Issuer: Let's Encrypt
Certificate Subject: dweb.link
Certificate Fingerprint: F6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
Certificate Validity: Tue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT
File type: HTML document, ASCII text, with very long lines (3096), with no line terminators
Hash: 2e2976cb50f949666a45151811c98847 a798b29f0d3e218b3024d8e29eb182d21d424fbd b6b95e78fd27c74d31106b2895b35f7e73a2c60df0c250f79a980b2869c9900d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DHL Airways, Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/vd.htm HTTP/1.1
Host: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi.ipfs.dweb.link/
Cookie: __cflb=0H28vqRTftyM7D2nT68FW2ftGiinALcV2B42XHD8CWG; __session:0.7462979226477361:=https:
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 17:23:56 GMT
content-type: text/html
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi/index_files/vd.htm
x-ipfs-roots: bafybeibml5jr24naaptk53bmjhrt6oghfz7nbau5ie7nqsdzm7ofhwxvzi,bafybeicelldjnhgvfxrkdefpcjeh7bfb5vjf5dntq4d45yxp5zwebdne2i,bafkreibg3teiyyk5gi2kq4myplu3qncvr3trhhiktiw5o7o2nwzx4fgsyq
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 88136156f8e1b521-OSL
alt-svc: h3=":443"; ma=86400