Report - www.valhalla-release.xyz/

Report Overview

Submitted URL
www.valhalla-release.xyz/
IP
34.141.72.9
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2023-01-09 04:50:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	37 kB	216.58.207.227
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	755 B	1.1 kB	104.16.125.175
www.valhalla-release.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	625 B	34.159.168.235
valhalla-release.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	3.1 MB	34.159.168.235
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.6 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.148.163
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	99 kB	151.101.1.229
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	2.0 kB	151.101.130.133
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	234 kB	104.17.25.14
bridge.walletconnect.org	34284	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	558 B	124 B	3.120.133.209

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-09	medium	www.valhalla-release.xyz/	Phishing
2023-01-09	medium	www.valhalla-release.xyz/	Phishing
2023-01-09	medium	valhalla-release.xyz/	Phishing
2023-01-09	medium	valhalla-release.xyz/js/utils.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/showMess.js	Phishing
2023-01-09	medium	valhalla-release.xyz/jquery-3.6.0.js.download	Phishing
2023-01-09	medium	valhalla-release.xyz/webpack.js.download	Phishing
2023-01-09	medium	valhalla-release.xyz/js/web3.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/axios.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/ethereumjs-tx-1.3.3.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/index.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/polyfills.js.download	Phishing
2023-01-09	medium	valhalla-release.xyz/fonts/Discord_Icon.svg	Phishing
2023-01-09	medium	valhalla-release.xyz/ethers.umd.min.js.download	Phishing
2023-01-09	medium	valhalla-release.xyz/js/loader.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/axios.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/jquery-3.6.0.js%281%29.Download	Phishing
2023-01-09	medium	valhalla-release.xyz/js/moralis.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/index.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/ethereumjs-tx-1.3.3.min.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/utils.js	Phishing
2023-01-09	medium	valhalla-release.xyz/js/showMess.js	Phishing
2023-01-09	medium	valhalla-release.xyz/index.min.js.download	Phishing
2023-01-09	medium	valhalla-release.xyz/index.js.download	Phishing
2023-01-09	medium	valhalla-release.xyz/fonts/Twitter_Icon.svg	Phishing
2023-01-09	medium	valhalla-release.xyz/media/bg.mp4	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:29:31 Times Seen37062258 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	valhalla-release.xyz/webpack.js.download	10 kB	2023-03-11	2023-03-14
Pretty URL valhalla-release.xyz/webpack.js.download IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:34:08 Last Seen2023-03-14 11:25:04 Times Seen1 Hash 39fee76b28969daaa3370a8210af82fc 6a2e361d8f762d8a811fdda401dd4b4843095de2 9d76a6b2e85116d547dae50d4d1f8f54c63a96d541835d5e4cbd3e939211f6f3 Loading...

	valhalla-release.xyz/polyfills.js.download	10 kB	2023-03-11	2023-03-14
Pretty URL valhalla-release.xyz/polyfills.js.download IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:34:08 Last Seen2023-03-14 11:25:04 Times Seen1 Hash ed792ed73544cbedabd66a1f978988b2 81204587d2b155047f39909129e7712ae939073f 7049615b6b59d3533adfd970de81395fd9647924e80842b2a9d9f0c0c63e14c6 Loading...

	valhalla-release.xyz/index.min.js.download	1.1 MB	2023-03-07	2024-04-18
Pretty URL valhalla-release.xyz/index.min.js.download IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:27 Last Seen2024-04-18 16:44:25 Times Seen164 Hash 35302294a9bfa1b9d75fa08835259a65 4909291f89dfd05b36d7773a79127ae53640d0ba 05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6 Loading...

	unpkg.com/moralis-v1/dist/moralis.js	2.9 MB	2023-03-08	2024-03-19
Pretty URL unpkg.com/moralis-v1/dist/moralis.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:53:15 Last Seen2024-03-19 16:59:56 Times Seen27 Hash 4543597acf1ba855730114c585e32f85 49d00c7fe74048a01e182f42092a613652f652c8 c34b1681a23d6ee273542390c3a34d9de0c75505ad3bf1e40e1543a43262e647 Loading...

	valhalla-release.xyz/js/utils.js	47 kB	2023-03-11	2023-03-14
Pretty URL valhalla-release.xyz/js/utils.js IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:34:08 Last Seen2023-03-14 11:25:04 Times Seen1 Hash bead46549be00ffa14df8fda9f0bbd77 87557f17e69a065ac11dc8bec4647a6dcfebcd5b 0457f9ade6d595978c6d313916a6d0605a115dd4a1b5d0ada9be5518864c1d3a Loading...

	unpkg.com/axios@1.0.0/dist/axios.min.js	26 kB	2023-03-08	2024-01-12
Pretty URL unpkg.com/axios@1.0.0/dist/axios.min.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:24:52 Last Seen2024-01-12 18:08:22 Times Seen39 Hash d4079fdb3aef1a6ec7d17f6073570dec 250553ee309b237ebbe5266ca5c252d4256ace1e fa369087f636a9cbded47d673c29bdfb5afbef670537edbe2546f4a20b021347 Loading...

	unpkg.com/@walletconnect/web3-provider@1.7.5/dist/umd/index.min.js	747 kB	2023-03-07	2024-03-19
Pretty URL unpkg.com/@walletconnect/web3-provider@1.7.5/dist/umd/index.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:42 Last Seen2024-03-19 16:59:56 Times Seen68 Hash 6d56e1a5c2793a9b9a00afaf56cc24cd 31311b37d385a944489f44aac89241978a9648d9 1db31bd72954a6d0dd472016a4956d397f2002e8d95d941ae60ea178acfd2f54 Loading...

	valhalla-release.xyz/ethers.umd.min.js.download	736 kB	2023-03-07	2024-04-12
Pretty URL valhalla-release.xyz/ethers.umd.min.js.download IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:29 Last Seen2024-04-12 20:20:14 Times Seen766 Hash 268d19762594655239a29d058a7e8b44 f06da2f7a68114b8dda38a0d782d65ddacc9c0e8 95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618 Loading...

	valhalla-release.xyz/js/showMess.js	135 B	2023-03-08	2023-08-10
Pretty URL valhalla-release.xyz/js/showMess.js IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:25 Last Seen2023-08-10 00:50:43 Times Seen9 Hash 65e6861af3c4a2e7705d4f3ff5b32f1d a8d48f520b23cc4f6439f79cade9dee050ac0488 38d5963e09a8ddafe44d7983d9e67f54bac4b40a9e8758fd2a60bc33d3f5c399 Loading...

HTTP Transactions (68)

URL IP Response Size

www.valhalla-release.xyz/

34.159.168.235

301 Moved Permanently

48 B

URL HTTP/1.1
www.valhalla-release.xyz/
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
431753c0708d592728e1718096e1cf35
5d21470e03b230f856f6adcc1164df036ab40481
25814ab9c59e4d16f6d00909cfdad9086e2bb31fa75a5dff763b98d3b60af95a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.valhalla-release.xyz/
Server: Netlify
X-Nf-Request-Id: 01GPADV7ZRXVYKKP2B19KWZ4KR
Date: Mon, 09 Jan 2023 04:50:30 GMT
Content-Length: 48
Content-Type: text/plain; charset=utf-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10670
Expires: Mon, 09 Jan 2023 07:48:20 GMT
Date: Mon, 09 Jan 2023 04:50:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11448
Expires: Mon, 09 Jan 2023 08:01:18 GMT
Date: Mon, 09 Jan 2023 04:50:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 04:41:37 GMT
content-type: application/json
age: 533
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11573
Expires: Mon, 09 Jan 2023 08:03:23 GMT
Date: Mon, 09 Jan 2023 04:50:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5WbxpIULVUORoe6vIy75usB6B8EzxM+hQeLV1eaguFyj9cup3TFMXK16u+1oCDgwAlUR+5Lx+qU=
x-amz-request-id: HWJ4FABWY6B070V8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 04:01:05 GMT
age: 2965
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 04:50:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b47d7d5df4908c6bd1aa6b5bf557fd38
b912186d3b5abfc5656c501a4a811cebb95f27b0
0c66da1c5e3bc202af332548559e1ead5f20611f5f3fdc317d91340c05ef3605

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C66DA1C5E3BC202AF332548559E1EAD5F20611F5F3FDC317D91340C05EF3605"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 09 Jan 2023 10:50:31 GMT
Date: Mon, 09 Jan 2023 04:50:31 GMT
Connection: keep-alive

www.valhalla-release.xyz/

34.159.168.235

301 Moved Permanently

44 B

URL HTTP/2
www.valhalla-release.xyz/
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
971d9b83a4194e343167735c5041824b
4c8465d31500ba3b9ec76b9b4576bd5551ad6e3b
496615cfb89b94672d74d6e641c3e9815dcb071e5e4aee04bf1c430ec4457df1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
location: https://valhalla-release.xyz/
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GPADV8KEEJ6DMFC7VDB5VCFN
content-type: text/plain; charset=utf-8
content-length: 44
date: Mon, 09 Jan 2023 04:50:31 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 04:33:44 GMT
age: 1007
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

valhalla-release.xyz/

34.159.168.235

200 OK

1.3 kB

URL HTTP/2
valhalla-release.xyz/
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (395)
Size
1.3 kB (1344 bytes)
Hash
6f1b132fee059535bb158dfc8fce5d3a
ca9d1a45fdb1a48354391f36db0bf07cafa9d6ff
a26ceaaf73c89f357d5256c87fcb48da96f844ea33d9d03f5f0b33fa102b6900

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
age: 17921
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Jan 2023 23:51:50 GMT
etag: "4f62c97640038a85fe1e3da7a35285ab-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8PH120B4E2QGWYSG10B
content-length: 1344
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/web3/1.7.5/web3.min.js

104.17.25.14

200 OK

233 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/web3/1.7.5/web3.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (64083)
Size
233 kB (232551 bytes)
Hash
336f8552bf58b4266b3d5207d3ab668e
57cf835a925d2a8e7807f281336444f12c5050f3
05659caf27a9d509a808692661a0bfeb798348360a386c9efc1e9aff77554658

HTTP Headers

GET /ajax/libs/web3/1.7.5/web3.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 09 Jan 2023 04:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 232551
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62e7f266-38c67"
last-modified: Mon, 01 Aug 2022 15:33:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6952253
expires: Sat, 30 Dec 2023 04:50:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHQhaWvFnnyRRZDI50SgALkN3sTzy7XahIVtEQn6%2FlDVBJ%2FppujKZwTIepE60P6SmNBfW9y76QKVQzSRtydXkesjmyQXrJmMPpwHrc4q9ZVHTI7yySYvkPz4yGp1pWDWwAicRlkK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786a8d72c9e5b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

valhalla-release.xyz/js/utils.js

34.159.168.235

200 OK

10 kB

URL HTTP/2
valhalla-release.xyz/js/utils.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (9158), with CRLF line terminators
Size
10 kB (10279 bytes)
Hash
55c35130ddafca281e75883a8e57bbe0
13ff8240ad1725becab2d5176311a78514c67ec3
2543794a7daf8c9e85820a0a405b38cef8ea09da7e4976ff786df4ca059926bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/utils.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 17922
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sun, 08 Jan 2023 23:51:50 GMT
etag: "ca26d2c7d4e5cf075b2e35ded79ca589-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WMJR0DEM7PH7RN5ZCZ
content-length: 10279
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:31 GMT
Last-Modified: Mon, 09 Jan 2023 03:14:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
634e0e814bce2a88d781f65f4d747e2e
1f3f7e9756416779eb95fd76e293afe7d484585a
404f5489d744b72f60acd6be14ab790cf2be4e80ec5061b2cda5894f005dde1a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3036
Cache-Control: max-age=125704
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:31 GMT
Etag: "63bad943-117"
Expires: Tue, 10 Jan 2023 15:45:35 GMT
Last-Modified: Sun, 08 Jan 2023 14:54:59 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
634e0e814bce2a88d781f65f4d747e2e
1f3f7e9756416779eb95fd76e293afe7d484585a
404f5489d744b72f60acd6be14ab790cf2be4e80ec5061b2cda5894f005dde1a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6102
Cache-Control: max-age=128770
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:31 GMT
Etag: "63bad943-117"
Expires: Tue, 10 Jan 2023 16:36:41 GMT
Last-Modified: Sun, 08 Jan 2023 14:54:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

valhalla-release.xyz/js/showMess.js

34.159.168.235

200 OK

135 B

URL HTTP/2
valhalla-release.xyz/js/showMess.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
135 B (135 bytes)
Hash
65e6861af3c4a2e7705d4f3ff5b32f1d
a8d48f520b23cc4f6439f79cade9dee050ac0488
38d5963e09a8ddafe44d7983d9e67f54bac4b40a9e8758fd2a60bc33d3f5c399

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/showMess.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 17922
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Sun, 08 Jan 2023 23:51:50 GMT
etag: "13a1c03af2e2c5c95ce250a8ca1b32aa-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GPADV8WS1QAJ6A4MDNYE5BAG
content-length: 135
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
634e0e814bce2a88d781f65f4d747e2e
1f3f7e9756416779eb95fd76e293afe7d484585a
404f5489d744b72f60acd6be14ab790cf2be4e80ec5061b2cda5894f005dde1a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4993
Cache-Control: max-age=127661
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:31 GMT
Etag: "63bad943-117"
Expires: Tue, 10 Jan 2023 16:18:12 GMT
Last-Modified: Sun, 08 Jan 2023 14:54:59 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js

151.101.1.229

200 OK

98 kB

URL HTTP/2
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43040)
Size
98 kB (97784 bytes)
Hash
bc7f9f4b180da64e75549763afd31827
e8ce0cc0620291281ac93fcb790efadb459ed58d
0d84d9bbaa6afffeec141eda5a989c4874342265c707e51074c2dc271acdc811

HTTP Headers

GET /gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 04:50:31 GMT
age: 25778
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 97784
X-Firefox-Spdy: h2

valhalla-release.xyz/jquery-3.6.0.js.download

34.159.168.235

200 OK

81 kB

URL HTTP/2
valhalla-release.xyz/jquery-3.6.0.js.download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
81 kB (81288 bytes)
Hash
c04950820d3dc710928a95e2fdbad665
d8a65fb1543263d40945e1103bb9c7a57e10334c
0f0cda898f8b9b29158bfd805db30539727001c1f3ffd2c6299810705dd626d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jquery-3.6.0.js.download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 17918
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Sun, 08 Jan 2023 23:51:53 GMT
etag: "fe45d9de3ab556bb57ae0212ce095a35-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WVAQA4NXC5757E3WZZ
content-length: 81288
X-Firefox-Spdy: h2

valhalla-release.xyz/webpack.js.download

34.159.168.235

200 OK

2.0 kB

URL HTTP/2
valhalla-release.xyz/webpack.js.download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (878)
Size
2.0 kB (1960 bytes)
Hash
ef13321b80a82cda761f4d57872148d5
b76cc783ac2ca7ccf7c22bf0cb1ba42f99527344
8fabc94e842e264fa694e4bcc62897a2da46eaca039b16aecae5bcb33abe4ffb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webpack.js.download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 207689
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Fri, 06 Jan 2023 19:09:02 GMT
etag: "663e920888865f6411c1c60786d623f7-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XKQEJCDVR6FH9XDDXP
content-length: 1960
X-Firefox-Spdy: h2

valhalla-release.xyz/js/web3.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/web3.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/web3.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XMVJHFGFM53X2X7SQE
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/js/axios.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/axios.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/axios.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XMDRT19WX4NJTZS400
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/js/ethereumjs-tx-1.3.3.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/ethereumjs-tx-1.3.3.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/ethereumjs-tx-1.3.3.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8Y0V65MXRHTVVN9DT6C
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/js/index.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/index.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/index.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XSFQDAFNYZE3BJA01X
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/polyfills.js.download

34.159.168.235

200 OK

2.0 kB

URL HTTP/2
valhalla-release.xyz/polyfills.js.download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (878)
Size
2.0 kB (1959 bytes)
Hash
2dd5db686a32fae8aa9ac76315439893
f35b8e6538100859e97f0cedb97ca9793973b74a
1b5836d8bdd03337a77bd9f0aed83e15b4f050107a8fad89dd1a6ca74b7631ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /polyfills.js.download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 207689
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Fri, 06 Jan 2023 19:09:02 GMT
etag: "dc09c5d60ee1f5824d9783980b2f1659-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XMQMV4N15ZSCJVTA6E
content-length: 1959
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

151.101.130.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
5c3702833b56fd5ee1c13939b2857238
ff9a1a89eb513c4f51852fa03b000a52740fc3ae
f0ad2da128571f921f9e737f4d1cab330926ea5ca70ef1074a3ca2bed8d455b4

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "888B78DC94FAF4EF8406DCE0452C7FFC28828753"
Expires: Mon, 09 Jan 2023 16:00:00 UTC
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Mon, 09 Jan 2023 04:50:31 GMT
Via: 1.1 varnish
Age: 2263
X-Served-By: cache-bma1654-BMA
X-Cache: HIT
X-Cache-Hits: 3
X-Timer: S1673239832.653588,VS0,VE0

valhalla-release.xyz/css/normalize.css

34.159.168.235

200 OK

483 B

URL HTTP/2
valhalla-release.xyz/css/normalize.css
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with CRLF line terminators
Size
483 B (483 bytes)
Hash
98ddae36d31538f3cf9fd88fa733d774
0fc460b095ba311e1dd9b7dd8c7d01687f796a32
eb73e87099c4714913804ee81bd35ebabcb2d5042ef52add1fa5e4222a4ade53

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 09 Jan 2023 04:50:31 GMT
etag: "130d5633819fb6168d4a6b21981b3b2f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WSWK4212F47EGYC9ZC
content-length: 483
X-Firefox-Spdy: h2

valhalla-release.xyz/fonts/Discord_Icon.svg

34.159.168.235

200 OK

802 B

URL HTTP/2
valhalla-release.xyz/fonts/Discord_Icon.svg
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1647)
Size
802 B (802 bytes)
Hash
0a346f7c49524e253ae65a1a2c000b0a
62f8d74678349d7d0a1af7c235cc627438090438
38ca0abf42c4c665102c11346dbdbe088f05d0cb768f1de5f5f4e371d252b2af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/Discord_Icon.svg HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: image/svg+xml
date: Mon, 09 Jan 2023 04:50:31 GMT
etag: "9df7c1d67687bc6832325e0dc8e9dee2-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WTVK02DC4JV7R8WN63
content-length: 802
X-Firefox-Spdy: h2

valhalla-release.xyz/ethers.umd.min.js.download

34.159.168.235

200 OK

159 kB

URL HTTP/2
valhalla-release.xyz/ethers.umd.min.js.download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65536), with no line terminators
Size
159 kB (159199 bytes)
Hash
bfeb80d419c1a94e179d3c3fd9e754de
05811f6e0d4e4220054b03ef3963eed419b2c5a4
10171914005ffc419fe3491ec5c7d4dc32d6dc637536ed93219fa29f182f27f4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ethers.umd.min.js.download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 17918
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Sun, 08 Jan 2023 23:51:53 GMT
etag: "bee3daf4ebf270dcffc734e8520e806f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XKX0168YTNNQE8X1PQ
content-length: 159199
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.148.163

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.148.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: drlt0cDmIhOX45G9PomWmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VexEpQrL51HCMFtkTkJmp8pyZkA=

valhalla-release.xyz/images/gifs.gif

34.159.168.235

200 OK

2.3 MB

URL HTTP/2
valhalla-release.xyz/images/gifs.gif
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
GIF image data, version 89a, 500 x 500\012- data
Size
2.3 MB (2288033 bytes)
Hash
0ef1755d8db3b1d6f62d95a6dd424294
e6a4787ea30ada9ee56794c93251d2be6c784a5c
0da0bac3407d40736f22b549573bd19ad1ae298fdbef0c47e4961105c740927c

HTTP Headers

GET /images/gifs.gif HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/gif
date: Mon, 09 Jan 2023 04:50:31 GMT
etag: "51f04be42d7e24cc5317e1893dffed8e-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GPADV8WVVG363JGMVTZ3XHYE
content-length: 2288033
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

valhalla-release.xyz/js/loader.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/loader.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/loader.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 17921
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 08 Jan 2023 23:51:51 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVA29XNNEV8XJCF0GKYSR
content-length: 1245
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lexenddeca/v17/K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2

216.58.207.227

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/lexenddeca/v17/K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 36200, version 1.0\012- data
Size
36 kB (36200 bytes)
Hash
513e591f9bba848df98eae4a3263dd91
89bf5fd0eb2f5dd57f099e6af5f19babc60ca853
2aa9b929e6ed9e06d10610f05ea3b4bb9b202dfc90a6833a50a1c04329b18a1c

HTTP Headers

GET /s/lexenddeca/v17/K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://valhalla-release.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 16:44:19 GMT
expires: Fri, 05 Jan 2024 16:44:19 GMT
cache-control: public, max-age=31536000
age: 302773
last-modified: Mon, 11 Jul 2022 20:29:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 04:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

valhalla-release.xyz/js/axios.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/axios.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/axios.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207688
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVA74DC5JH08CKKQK7X3W
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/jquery-3.6.0.js%281%29.Download

34.159.168.235

200 OK

554 kB

URL HTTP/2
valhalla-release.xyz/jquery-3.6.0.js%281%29.Download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
data
Size
554 kB (553523 bytes)
Hash
2fae487d05bb5de8abcc79f79780de42
3fb84aa3947bf2680eb2b880a1ce641ef5fa0ff8
b9b8f34e471a8493c9a96067a27e3e22e92d61c4c1add218f98f03be9656d665

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jquery-3.6.0.js%281%29.Download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: "0808ff125c8e98eba41cee905c00b228-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8Y1RW4TFMDM4XDAJPKD
content-length: 1963
X-Firefox-Spdy: h2

valhalla-release.xyz/js/moralis.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/moralis.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/moralis.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207688
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVA9VS8MBXQF5C3KN3KS8
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/js/index.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/index.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/index.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207688
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVAB2BJ3MQF0A10XJTK6A
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/js/ethereumjs-tx-1.3.3.min.js

34.159.168.235

404 Not Found

1.2 kB

URL HTTP/2
valhalla-release.xyz/js/ethereumjs-tx-1.3.3.min.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/ethereumjs-tx-1.3.3.min.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 207688
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVAC9F6EWTZ1QFWRYP5QY
content-length: 1245
X-Firefox-Spdy: h2

valhalla-release.xyz/js/utils.js

34.159.168.235

304 Not Modified

0 B

URL HTTP/2
valhalla-release.xyz/js/utils.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/utils.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "ca26d2c7d4e5cf075b2e35ded79ca589-ssl-df"
TE: trailers

HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Mon, 09 Jan 2023 04:50:33 GMT
etag: "ca26d2c7d4e5cf075b2e35ded79ca589-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVADP1AAMS2CMKR5P8NH3
X-Firefox-Spdy: h2

valhalla-release.xyz/js/showMess.js

34.159.168.235

304 Not Modified

0 B

URL HTTP/2
valhalla-release.xyz/js/showMess.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/showMess.js HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "13a1c03af2e2c5c95ce250a8ca1b32aa-ssl"
TE: trailers

HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Mon, 09 Jan 2023 04:50:33 GMT
etag: "13a1c03af2e2c5c95ce250a8ca1b32aa-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GPADVAF2QJ871CEHF0YFN5D1
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Mon, 09 Jan 2023 08:31:52 GMT
Date: Mon, 09 Jan 2023 04:50:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Mon, 09 Jan 2023 08:31:52 GMT
Date: Mon, 09 Jan 2023 04:50:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Mon, 09 Jan 2023 08:31:52 GMT
Date: Mon, 09 Jan 2023 04:50:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Mon, 09 Jan 2023 08:31:52 GMT
Date: Mon, 09 Jan 2023 04:50:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Mon, 09 Jan 2023 08:31:52 GMT
Date: Mon, 09 Jan 2023 04:50:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b85TTh5GZmQqmHRmmdz9bAw6COe0CeTyHotfElj0qpL9H051dywT3Q==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 09:29:35 GMT
age: 69658
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7226 bytes)
Hash
a287e312b7ea41cf63badb369b85158b
65763688f4b00b498d0e70151a09d4ebb14e2b33
a9dc69148414c0794cfb5b576b5cf74221c465e8dccbe9da71b40521e8cff129

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7226
x-amzn-requestid: 5b7b8eb4-7a80-4a00-b693-d624ed174108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WsHvZIAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-19e87b9b175b436e72df3fd9;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hdc491ffyGWQBonhGSYOi9j3z2KpdmhJiDPWgPVhDQUO-PS5mecUuQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:33:46 GMT
age: 4607
etag: "65763688f4b00b498d0e70151a09d4ebb14e2b33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda43bc0d-0825-4748-8f7d-b54ad2bca423.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9717 bytes)
Hash
a3984d65cb560a59f1de5cf9262a72e6
13b0d566380fcd714eb763b8ab1684ccfde427ad
196e4971eb72d9927bc079c21096753ed389b1b3716fb928f6d05edbaea567ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda43bc0d-0825-4748-8f7d-b54ad2bca423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9717
x-amzn-requestid: 7b3644e9-418f-47be-bb44-0b5ac8bbf05a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd9MG5zoAMFS2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676ba-79ea0f641de7664042c65402;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ds_k2AOGKcMMNWiYhBthXE5d37CmD3edyKuPfeKxtOoWfNsRHhN-mA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 07:35:55 GMT
age: 76478
etag: "13b0d566380fcd714eb763b8ab1684ccfde427ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
4938f6e4d145d1bb761e7908e97d5424
712c532e08559853db273decf0f3195587b17d11
d80291d9e2471e57181f76a764761f49e643e9b7e8bda3a4e30a87128bb48831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: 1c7e11a3-9639-43d0-b177-ae5eab1f2d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ3_2EPaIAMFxxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d398-34f3d8f31c9d79e22eaa6c50;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TDA117TU9CyZ9gtHTqMZm9__3RXc-4LgBh9bT_EmZPhxQLA8dI7fyg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 15:23:57 GMT
age: 48396
etag: "712c532e08559853db273decf0f3195587b17d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8866 bytes)
Hash
e0189748e9478c37ab22a71c0826ca99
08186f7c9717eb7165ee8b9b803760da967b82e7
40a9b3a38f6799c2005bc7cc2716104b175a2178efc8029188b9aff19e598483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8866
x-amzn-requestid: b4a6c607-98b7-4689-96c3-646756db23df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZblsHkmIAMFzKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba0c8a-02beb65706f8d3d44a812788;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 00:21:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MzzI0YmTAJhriuvne16lq57vyPB1DKLu_KhfpDQ3cUmmtRwO_AQsJQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 09:02:38 GMT
age: 71275
etag: "08186f7c9717eb7165ee8b9b803760da967b82e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4842 bytes)
Hash
ee0100ded5c40b35292c57e0cde4d423
eafacf389372d4cc059d0fb7fb3e1fccf506d69b
7a2dab5cd0a5a6e96f22771ac84b86df910036186ddb7521dcc41dc82125b272

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4842
x-amzn-requestid: ff29171f-d040-479e-a4c7-d19b8bee76fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8EexoAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-04e89f5b50e2dfba7c13b3b6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VrcHN8FYhIPxGifDE34G4Q2kj6dx5dZBap4lkVHDcogkKVF85bsv3Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:18:27 GMT
age: 5526
etag: "eafacf389372d4cc059d0fb7fb3e1fccf506d69b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22463526227927bd01d0f6a6bfd584e0
8a7223689e252f2fcc3539ba891f003012923d0e
bb5cbcebb2693d32b3baa41cd1e61fb482ec8c4abd69792af80a9c45a61236c9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB5CBCEBB2693D32B3BAA41CD1E61FB482EC8C4ABD69792AF80A9C45A61236C9"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3026
Expires: Mon, 09 Jan 2023 05:40:59 GMT
Date: Mon, 09 Jan 2023 04:50:33 GMT
Connection: keep-alive

bridge.walletconnect.org/

3.120.133.209

200 OK

0 B

URL HTTP/2
bridge.walletconnect.org/
IP
3.120.133.209:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: bridge.walletconnect.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://valhalla-release.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d1wMoBae72O6M5NkusLzlw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/2 200 OK
sec-websocket-accept: exWx8moIQQTclySq5ALy2p2sBQQ=
date: Mon, 09 Jan 2023 04:50:32 GMT
X-Firefox-Spdy: h2

valhalla-release.xyz/index.min.js.download

34.159.168.235

200 OK

0 B

URL HTTP/2
valhalla-release.xyz/index.min.js.download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index.min.js.download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: "92e6762672a3876bc3a17b5cd5644d91-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XMAQPWWSPXKBH4W1G3
content-length: 366410
X-Firefox-Spdy: h2

valhalla-release.xyz/css/main.css

34.159.168.235

200 OK

0 B

URL HTTP/2
valhalla-release.xyz/css/main.css
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/main.css HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 09 Jan 2023 04:50:31 GMT
etag: "bda05b81b1b952efb8f536a1a7839ce1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WTCC98HRT6P56CW6F0
X-Firefox-Spdy: h2

valhalla-release.xyz/index.js.download

34.159.168.235

200 OK

0 B

URL HTTP/2
valhalla-release.xyz/index.js.download
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index.js.download HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 207687
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/octet-stream
date: Fri, 06 Jan 2023 19:09:04 GMT
etag: "e37de204358752dd826cac4ad44fc965-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8XME9VBTDFG3EKTYHNE
content-length: 191035
X-Firefox-Spdy: h2

valhalla-release.xyz/css/fonts.css

34.159.168.235

200 OK

0 B

URL HTTP/2
valhalla-release.xyz/css/fonts.css
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/fonts.css HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 09 Jan 2023 04:50:31 GMT
etag: "8767422d51e53ba788398cb33b848d55-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WSBAF1A3XN8MXREF4G
X-Firefox-Spdy: h2

valhalla-release.xyz/fonts/Twitter_Icon.svg

34.159.168.235

200 OK

0 B

URL HTTP/2
valhalla-release.xyz/fonts/Twitter_Icon.svg
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/Twitter_Icon.svg HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: image/svg+xml
date: Mon, 09 Jan 2023 04:50:31 GMT
etag: "e8c4d4c95886d68d46cb9014d2755e13-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADV8WVG4YWZAJNRD1J7W0P
X-Firefox-Spdy: h2

unpkg.com/moralis-v1/dist/moralis.js

104.16.125.175

302 Found

0 B

URL HTTP/2
unpkg.com/moralis-v1/dist/moralis.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /moralis-v1/dist/moralis.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 09 Jan 2023 04:50:32 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /moralis-v1@1.12.0/dist/moralis.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPADV8ZZKVMP8XP24KTBJ4J1-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786a8d7318d91bfa-OSL
X-Firefox-Spdy: h2

valhalla-release.xyz/media/bg.mp4

34.159.168.235

206 Partial Content

0 B

URL HTTP/2
valhalla-release.xyz/media/bg.mp4
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/bg.mp4 HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-range: bytes 0-23428390/23428391
content-type: video/mp4
date: Mon, 09 Jan 2023 04:50:32 GMT
etag: "cea169798e5a0b569fb5bb596673cbe8-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GPADVA3ASKJ2Q6H1H74EGPNG
content-length: 23428391
X-Firefox-Spdy: h2

valhalla-release.xyz/favicon.ico

34.159.168.235

404 Not Found

0 B

URL HTTP/2
valhalla-release.xyz/favicon.ico
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: valhalla-release.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 09 Jan 2023 04:50:33 GMT
etag: 1669748684-ssl-df
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GPADVAGDRVM1K8QME4P61HAR
X-Firefox-Spdy: h2

unpkg.com/axios@1.0.0/dist/axios.min.js

104.16.125.175

200 OK

0 B

URL HTTP/2
unpkg.com/axios@1.0.0/dist/axios.min.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /axios@1.0.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://valhalla-release.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 09 Jan 2023 04:50:31 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"6782-JQVT7jCbI3675SZspcJS1CVqzh4"
via: 1.1 fly.io
fly-request-id: 01GEJ7Q0BKYB33RR9JDFHRCKH9-fra
cf-cache-status: HIT
age: 8327930
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786a8d7318db1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP