Report - cf-ipfs.com/ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR

Report Overview

Submitted URL
cf-ipfs.com/ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR
IP
104.17.64.14
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 16:17:40
Access
public
Website Title
DHL | Tracking System
Final URL
bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
16
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link	unknown	2017-02-24	2023-06-29	2024-04-18	535 B	86 kB	209.94.90.3
bafybeibvnblipnbvqerlzgcucuk5bs7eyj7by3rb5uapvpqecpvdje43h4.ipfs.dweb.link	unknown	2017-02-24	2023-08-19	2024-03-25	558 B	0 B	0.0.0.0
bafybeibififsngriseamxlan6gi6gm7ai6m24epcrlnjoumf4yhdkpobpm.ipfs.dweb.link	unknown	2017-02-24	2023-08-19	2024-04-09	551 B	0 B	0.0.0.0
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-09	512 B	1.2 kB	35.244.181.201
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link	unknown	2017-02-24	2023-07-01	2024-04-18	629 B	7.3 kB	209.94.90.2
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	502 B	2.6 kB	142.250.74.106
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-09	475 B	24 kB	151.101.130.137
bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-04-18	551 B	23 kB	209.94.90.3
bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com	unknown	2018-12-05	2023-10-18	2024-03-14	533 B	11 kB	104.17.64.14
cf-ipfs.com	655312	2018-12-05	2018-12-20	2024-05-08	517 B	1.1 kB	104.17.96.13
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-05-09	502 B	55 kB	162.19.88.68
bafybeieea4qpxxzm4u47uj5ueece7tkmfgrsmrzk3wxgtm6jgmvjopgssu.ipfs.dweb.link	unknown	2017-02-24	2023-08-19	2024-03-25	557 B	0 B	0.0.0.0
bafybeicxb4b4jrsvc3zxpdg5htjel4z7qxaxjtwtcmse3droowlnhmg6sy.ipfs.dweb.link	unknown	2017-02-24	2023-08-19	2024-03-25	548 B	0 B	0.0.0.0
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	591 B	7.2 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 16:17:16	low	Client IP	104.17.96.13	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)
2024-05-10 16:17:16	low	Client IP	104.17.96.13	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)
2024-05-10 16:17:16	low	Client IP	104.17.64.14	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)
2024-05-10 16:17:16	low	Client IP	104.17.64.14	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)
2024-05-10 16:17:17	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-05-10 16:17:17	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	cf-ipfs.com/ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR	DHL Airways, Inc.
2024-04-18	medium	bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/	DHL Airways, Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2023-10-18	medium	cf-ipfs.com/ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR	Other
2023-10-18	medium	bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (14)

URL IP Response Size

cf-ipfs.com/ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR

104.17.96.13

301 Moved Permanently

120 B

URL User Request GET HTTP/2
cf-ipfs.com/ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint52:AB:96:DB:E9:BE:89:E5:DD:52:F1:32:96:17:32:F0:A3:F2:E7:41
ValidityThu, 04 Apr 2024 23:41:09 GMT - Wed, 03 Jul 2024 23:41:08 GMT

File type
HTML document, ASCII text
Size
120 B (120 bytes)
Hash
f922ad343b27c09f07d79d8ecce7faaa
b4135e280a028c093c0c44dd5ef5f875c8f15588
6848d1e05dcd05cd40ac2d61f145b689f6f25769516e1dea61dd979a71322a03

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmRtXBdtEUVxZUWRWyB1XRtWdNXjs6nPBvoVrKLcexSzmR HTTP/1.1
Host: cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 16:17:16 GMT
content-type: text/html; charset=utf-8
content-length: 120
location: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
cf-ray: 881b3d0c188c0b65-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
set-cookie: __cf_bm=KE6NfGHom_5bxIU2mu6XOYrv_uT8k2s4dCNToaRQUXY-1715357836-1.0.1.1-XSE5LOXbzDKUTpvy6sbfAgg31IvSXAQiYuQH5dumrzq.Bw_mHg3TZtjS4ioL6xdiPGoe1cosZqfYoe71yaT47w; path=/; expires=Fri, 10-May-24 16:47:16 GMT; domain=.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:17:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 849911
expires: Wed, 30 Apr 2025 16:17:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGj91SI4IQ7zTYIEUf48P45J8I8ZMXohRnIZt7%2B0KOgpdNG1vysXPksMh4rcSfKZfSWIHjL0p%2FAF0KgVNMTtyR9XMnjcSxxN2hd66FCzNWoNEOz3HYNYYdDWUznstC8zsXJ2uV0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881b3d14394d56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.130.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 10 May 2024 16:17:17 GMT
age: 640459
x-served-by: cache-lga21963-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 43, 50355
x-timer: S1715357838.536638,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.min.css

209.94.90.3

200 OK

22 kB

URL GET HTTP/2
bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.min.css
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
ASCII text, with very long lines (65325)
Size
22 kB (22326 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /?filename=bootstrap.min.css HTTP/1.1
Host: bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:17:17 GMT
content-type: text/css; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="bootstrap.min.css"; filename*=UTF-8''bootstrap.min.css
etag: W/"bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona"
x-ipfs-path: /ipfs/bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona/
x-ipfs-roots: bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona
x-ipfs-pop: rainbow-fr2-03
cf-cache-status: HIT
set-cookie: __cflb=0H28vRVDGWR9gmGbmkgFLpZ4nQKzpwNqWCmvpEzGLA8; SameSite=None; Secure; path=/; expires=Sat, 11-May-24 15:17:17 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b3d14da34b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.postimg.cc/1tdgbsQf/dhlall.png

162.19.88.68

200 OK

55 kB

URL GET HTTP/2
i.postimg.cc/1tdgbsQf/dhlall.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
Fingerprint53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6
ValidityMon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT

File type
PNG image data, 1280 x 36, 8-bit/color RGBA, non-interlaced
Size
55 kB (55058 bytes)
Hash
83bee8387c8f7023848c03612be8e98e
7c7509a1284e93dae6f8fdc0a5248f9f7d2386f0
0798c740ac54ef287d0c04b7dcd0f13afb16e4b9a790a4517d9d5c6c8266c2d1

HTTP Headers

GET /1tdgbsQf/dhlall.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 16:17:17 GMT
content-type: image/png
content-length: 55058
last-modified: Wed, 10 May 2023 11:38:15 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=hPg4DpqdeP8B-g-Rmx7FozY8X7MiPKWGj0jm2quxPU_eXguAtxxlxriwgbxxkl1DqCxqJeqkDWAF9omS7W5SXU_nU-V0y9TuUbYKWhI5SjxRA6FuZVH63Y8T847S1es7
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 10 May 2024 16:16:26 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 68
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ubuntu&display=swap

142.250.74.106

200 OK

1.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Ubuntu&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1980), with no line terminators
Size
1.9 kB (1926 bytes)
Hash
038e0b34ca73f43678acfcf5cb71f252
f84bc99450f807bc2d1650a8bfbc0500debfa105
421bceb1746d6d03679ca1ba2d91c6e0575666442ba00b9fd7a8af0ae9d8242f

HTTP Headers

GET /css?family=Ubuntu&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:17:17 GMT
date: Fri, 10 May 2024 16:17:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/

104.17.64.14

200 OK

9.6 kB

URL User Request GET HTTP/2
bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
JavaScript source, ASCII text, with very long lines (10069), with no line terminators
Size
9.6 kB (9596 bytes)
Hash
1ba4bd3fa0e0926f3c0ab4f568b10c58
032ea8d83cd26dd62e2c4160a0e841b18b8e67e5
741b488874ec15a5933da6a0e8168b4f56ef7e355cdafad1d6b1d714c61c5566

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:17:17 GMT
content-type: text/html
cf-ray: 881b3d10ce2656cc-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq/
x-ipfs-roots: bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq
set-cookie: __cf_bm=Eg3o3cEyoiMUXsYJ9yVbVCL3mtG.BGQtl8aLOZOy.MA-1715357837-1.0.1.1-rBpJk3BNQZccUK1n3ZlS0UNqexHTd_WgnvJ8cDpnYoysQQGurkxQBbuLajMepQRXS9hpGPbOUXl.6S4eMS1kOA; path=/; expires=Fri, 10-May-24 16:47:17 GMT; domain=.bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeieea4qpxxzm4u47uj5ueece7tkmfgrsmrzk3wxgtm6jgmvjopgssu.ipfs.dweb.link/?filename=mydhl-plus.svg

0.0.0.0

0 B

URL GET
bafybeieea4qpxxzm4u47uj5ueece7tkmfgrsmrzk3wxgtm6jgmvjopgssu.ipfs.dweb.link/?filename=mydhl-plus.svg
IP
0.0.0.0:0
ASN
#0

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?filename=mydhl-plus.svg HTTP/1.1
Host: bafybeieea4qpxxzm4u47uj5ueece7tkmfgrsmrzk3wxgtm6jgmvjopgssu.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js

209.94.90.3

200 OK

86 kB

URL GET HTTP/2
bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Size
86 kB (85584 bytes)
Hash
bceabde9d4ba653fd1f4bb171bff0c01
c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f
7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5

HTTP Headers

GET /?filename=jquery.min.js HTTP/1.1
Host: bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:17:17 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="jquery.min.js"; filename*=UTF-8''jquery.min.js
etag: W/"bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu"
x-ipfs-path: /ipfs/bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu/
x-ipfs-roots: bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu
x-ipfs-pop: rainbow-am6-03
cf-cache-status: HIT
age: 254502
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b3d14fa58b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeicxb4b4jrsvc3zxpdg5htjel4z7qxaxjtwtcmse3droowlnhmg6sy.ipfs.dweb.link/?filename=dh-style.css

0.0.0.0

0 B

URL GET
bafybeicxb4b4jrsvc3zxpdg5htjel4z7qxaxjtwtcmse3droowlnhmg6sy.ipfs.dweb.link/?filename=dh-style.css
IP
0.0.0.0:0
ASN
#0

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?filename=dh-style.css HTTP/1.1
Host: bafybeicxb4b4jrsvc3zxpdg5htjel4z7qxaxjtwtcmse3droowlnhmg6sy.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js

209.94.90.2

410 Gone

6.9 kB

URL GET HTTP/2
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js
IP
209.94.90.2:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
HTML document, ASCII text, with very long lines (7348), with no line terminators
Size
6.9 kB (6875 bytes)
Hash
479d79915b6ce8f6a7c38b2e5080e7d2
72bb1e7d9fef8eb738f2e234944fb4a2f1b0f80c
c630b535721aa57cb4f33dddeae6ab331af95aadba7fc90f947fd0265eeee053

HTTP Headers

GET /?filename=bootstrap.min.js HTTP/1.1
Host: bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
date: Fri, 10 May 2024 16:17:17 GMT
content-type: text/html
x-ipfs-pop: rainbow-am6-02
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuHRSjwkKBEdLrPx1ZG2H2Q1eu8Lwbkj5XJU2tr2UC; SameSite=None; Secure; path=/; expires=Sat, 11-May-24 15:17:17 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b3d14c94e56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeibvnblipnbvqerlzgcucuk5bs7eyj7by3rb5uapvpqecpvdje43h4.ipfs.dweb.link/?filename=favicon_dhl.ico

0.0.0.0

0 B

URL GET
bafybeibvnblipnbvqerlzgcucuk5bs7eyj7by3rb5uapvpqecpvdje43h4.ipfs.dweb.link/?filename=favicon_dhl.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?filename=favicon_dhl.ico HTTP/1.1
Host: bafybeibvnblipnbvqerlzgcucuk5bs7eyj7by3rb5uapvpqecpvdje43h4.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

bafybeibififsngriseamxlan6gi6gm7ai6m24epcrlnjoumf4yhdkpobpm.ipfs.dweb.link/?filename=logo.png

0.0.0.0

0 B

URL GET
bafybeibififsngriseamxlan6gi6gm7ai6m24epcrlnjoumf4yhdkpobpm.ipfs.dweb.link/?filename=logo.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?filename=logo.png HTTP/1.1
Host: bafybeibififsngriseamxlan6gi6gm7ai6m24epcrlnjoumf4yhdkpobpm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeibuxurufn7popc4v2x5chavobvxql4ecn3tp4fhwlu3345vonerzq.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (14)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2