Report - bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw

Report Overview

Visited public
2023-09-12 06:50:07
Tags
phishing
URL
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Finishing URL
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
IP / ASN
209.94.90.1
#40680 PROTOCOL
Title
FAMETECH
Phishing - Generic / Unknown
Phishing - Generic phishing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-11 19:24:03	1.0 kB	55 kB	69.16.175.42
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-11 19:36:26	996 B	62 kB	216.58.207.234
stackpath.bootstrapcdn.com	2467	unknown	2018-06-15 22:36:43	2023-09-11 18:23:53	497 B	16 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-11 18:14:31	510 B	1.9 kB	142.250.74.106
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link	unknown	unknown	No data	No data	2.6 kB	187 kB	209.94.90.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-11 18:35:01	589 B	7.2 kB	104.17.24.14
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-11 18:12:04	666 B	1.4 kB	142.250.74.131
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-09-11 18:50:33	583 B	15 kB	104.18.11.207
ka-f.fontawesome.com	3598	unknown	2019-12-17 07:36:13	2023-09-11 18:21:18	1.8 kB	231 kB	172.64.130.9
logo.clearbit.com	27344	unknown	2015-06-30 18:39:45	2023-09-11 19:42:05	491 B	7.4 kB	143.204.55.28
kit.fontawesome.com	1868	unknown	2019-12-16 20:51:31	2023-09-11 18:19:13	559 B	12 kB	104.18.22.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-12 06:49:49	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .dweb .link)
2023-09-12 06:49:49	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .dweb .link)
2023-09-12 06:49:49	low	Client IP	209.94.90.1	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2023-09-12 06:49:50	low	Client IP	Internal IP	ET INFO Clearbit Logo Query in DNS Lookup
2023-09-12 06:49:50	low	Client IP	Internal IP	ET INFO Clearbit Logo Query in DNS Lookup

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-12	medium	bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link	Sinkholed
2023-09-12	medium	bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link	Sinkholed
2023-09-12	medium	bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link	Sinkholed
2023-09-12	medium	bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-11
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen98955 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw	ScriptElement	183 kB	2024-08-21	2024-08-21
Pretty URL bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:01 Last Seen2024-08-21 07:01 Times Seen1 Hash 468634bdd4aae5bba910d03a65a75222 a48fb8cea41544b3f4910a2f53776e531ebd2275 4eb0e04855e492251363d439eba1875ccdad9aac0bb6f5ea28c270b5b2a70f7c Loading...

	kit.fontawesome.com/585b051251.js	ScriptElement	12 kB	2023-05-30	2024-08-21
Pretty URL kit.fontawesome.com/585b051251.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 20:41 Last Seen2024-08-21 09:44 Times Seen2785 Hash 4ec685b1e2c1ca5fd6d56e2f4cb0569d a41e1f45db2fbc59562390ba8567ec3373d69510 cac5a0bd86eba50bf4a83d4dc43fe38b759ed39cc8397fdbbaa7ea68b9c63cfa Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen57184 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen72299 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-11
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen74915 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	ScriptElement	86 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen174129 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	unknown	ScriptElement	3.7 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 07:01 Last Seen2024-08-21 07:01 Times Seen1 Hash fdc218c872e4c8c25e2a5f4e2bc869f5 9b1917f05d98b81b8a2813d5e575c5c68f026fc5 af2cb7e522face622cdb8b476bda0acff1b45de1476efbe72d234d794ed81d19 Loading...

	code.jquery.com/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:00 Times Seen112280 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

		Size	First Seen	Last Seen
	#1 Write - 52c709caa1d002e7bc753de25f6499ac	144 kB	2024-08-21 07:01	2024-08-21 07:01
Pretty Observations First Seen2024-08-21 07:01 Last Seen2024-08-21 07:01 Times Seen1 Hash 52c709caa1d002e7bc753de25f6499ac dcad75002458a46280abad849c726fd15a702390 aff8478ffd89470b931caae41da15ec8850906461d3aaf9d1d6b515551572028 Loading...

HTTP Transactions (19)

URL IP Response Size

bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/css/hover.css

209.94.90.1

404 Not Found

185 B

URL GET HTTP/2
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/css/hover.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
ASCII text
Size
185 B (185 bytes)
Hash
c35b97b8ed376aeca5b03c280fbfc53d
bae7f7f0579df18cb037ad8ab10e3b47f518f46f
38b77bc9c40a9cdb490d2f6c564a8c2237ccea08f80cb2c3917b681260a4c00a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/hover.css HTTP/1.1
Host: bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: text/plain; charset=utf-8
content-length: 185
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
x-content-type-options: nosniff
x-ipfs-gateway-host: ipfs-bank8-fr2
x-ipfs-path: /ipfs/bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju/css/hover.css
x-ipfs-pop: ipfs-bank8-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942d85-180d"
last-modified: Thu, 22 Jun 2023 11:16:21 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1013980
expires: Sun, 01 Sep 2024 06:49:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDfY8Ds9hlXXHGdRUCcTIDTB%2BtDwfw%2Fw9qZWYdq%2BqMqvFdD%2BHFIVO2DOfTRw4DcvYmRW183N2esImHHabkRd8cphHfrD0E%2BAH5LrGd%2BJVzbsOyrU7eDZfTsEwYO5GjP6Kd6HCjN8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80563674de7ab50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.42

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:49 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1694501389.dop021.sk1.t,1694501389.cds247.sk1.hn,1694501389.cds253.sk1.c
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.1.1.min.js

69.16.175.42

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.1.1.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32030)
Size
30 kB (30070 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:49 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1694501389.dop003.sk1.t,1694501389.cds017.sk1.hn,1694501389.cds010.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e0136a83019bb98507505e5a2ec28440
c9cdee97289cf0d3c1f0a77d49e45ce52ae1dee7
ff438dc0dcaeb1126024c08325ecfc53ec626c9e97d22e26e85ac702a99d3dde

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 12 Sep 2023 06:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e0136a83019bb98507505e5a2ec28440
c9cdee97289cf0d3c1f0a77d49e45ce52ae1dee7
ff438dc0dcaeb1126024c08325ecfc53ec626c9e97d22e26e85ac702a99d3dde

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 12 Sep 2023 06:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

216.58.207.234

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Sep 2023 21:21:03 GMT
expires: Wed, 04 Sep 2024 21:21:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 552526
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

15 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (50758)
Size
15 kB (14935 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 674, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 2021-06-08 05:11:08
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: d57b249fbc897a386cb949167a1340aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1016640
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 805636750e94b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

14 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (48664)
Size
14 kB (14000 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: af4fd08c8b4b3b09ef2bf101d7b4df66
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80563674fee10b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/css/hover.css

209.94.90.1

404 Not Found

185 B

URL GET HTTP/2
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/css/hover.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
ASCII text
Size
185 B (185 bytes)
Hash
c35b97b8ed376aeca5b03c280fbfc53d
bae7f7f0579df18cb037ad8ab10e3b47f518f46f
38b77bc9c40a9cdb490d2f6c564a8c2237ccea08f80cb2c3917b681260a4c00a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/hover.css HTTP/1.1
Host: bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: text/plain; charset=utf-8
content-length: 185
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
x-content-type-options: nosniff
x-ipfs-gateway-host: ipfs-bank8-fr2
x-ipfs-path: /ipfs/bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju/css/hover.css
x-ipfs-pop: ipfs-bank8-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

216.58.207.234

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Sep 2023 21:21:03 GMT
expires: Wed, 04 Sep 2024 21:21:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 552527
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251

172.64.130.9

200 OK

89 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (26500)
Size
89 kB (89246 bytes)
Hash
76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

HTTP Headers

GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:50 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: ORsTUL5zZ2dDY4yjhoJmRLl03phTVZD1pZCY40jWI1teNOEL4UcYQg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg5mvOetsu98fxiID4SADfmY6%2FdhZRJKrIpI2NxqnNxdLwg3k3zLSyheoU4lFMIXSnWdQGjcjG9AXiVKfY1sQbhJ%2BPd827Pu5uZnl%2F6IBQTyXbGuScXfyXA6UdvT1T9vKLaFtZ4D6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 805636779d4a48b8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/favicon.ico

209.94.90.1

404 Not Found

191 B

URL GET HTTP/2
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/favicon.ico
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
ASCII text
Size
191 B (191 bytes)
Hash
07cecc5fa2aab49fc9a18b69a926c1ce
b5789787db95f3bc3f3ec6b7eb8b65ad7576a9c5
65ebe55e77fb9d75817c6f378f6d598403b0ee2924cf6d3ae1b88d5bbbc78065

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 12 Sep 2023 06:49:50 GMT
content-type: text/plain; charset=utf-8
content-length: 191
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
x-content-type-options: nosniff
x-ipfs-gateway-host: ipfs-bank16-fr2
x-ipfs-path: /ipfs/bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju/favicon.ico
x-ipfs-pop: ipfs-bank16-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

logo.clearbit.com/fametech.com.tw

143.204.55.28

200 OK

6.9 kB

URL GET HTTP/2
logo.clearbit.com/fametech.com.tw
IP
143.204.55.28:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerAmazon
Subjectclearbit.com
Fingerprint31:EB:6C:93:D2:64:5D:C7:18:D5:50:63:59:4E:0E:0D:87:08:36:3D
ValidityTue, 21 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size
6.9 kB (6898 bytes)
Hash
1e2a27cedd9ee4a5c426bf6e537de9f5
fa2579eeac9523b06b4829bd167c7edb1efe2602
574b0fa528be3c02c3ddc8164ba5fc913cba612576852c4276607efbf7e7244b

HTTP Headers

GET /fametech.com.tw HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Mon, 11 Sep 2023 01:30:45 GMT
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1XCr87xV8CDDliKAXdP-fmeLGTJUCDYmTvDkjs2diLhOl6TUVYIzfw==
age: 105545
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Archivo+Narrow&display=swap

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (1320), with no line terminators
Size
1.3 kB (1293 bytes)
Hash
1438d721a96f081ae0cbca8b142cfed0
54d195d18a5691d999d88592aaf84b865030dd69
e7578d54c23bf5f7069220f26cf655caa20935e42a873299e28f3d51d08f8d9b

HTTP Headers

GET /css?family=Archivo+Narrow&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 12 Sep 2023 06:49:49 GMT
date: Tue, 12 Sep 2023 06:49:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kit.fontawesome.com/585b051251.js

104.18.22.52

200 OK

12 kB

URL GET HTTP/2
kit.fontawesome.com/585b051251.js
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11213)
Size
12 kB (11645 bytes)
Hash
4ec685b1e2c1ca5fd6d56e2f4cb0569d
a41e1f45db2fbc59562390ba8567ec3373d69510
cac5a0bd86eba50bf4a83d4dc43fe38b759ed39cc8397fdbbaa7ea68b9c63cfa

HTTP Headers

GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F4Pkwrr4wsWtjdsW6Z6B
cf-cache-status: HIT
server: cloudflare
cf-ray: 805636750aad56cb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2

172.64.130.9

200 OK

78 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196\012- data
Size
78 kB (78168 bytes)
Hash
a9fd1225fb2cd32320e2b931dca01089
44ec5c6a868b4ce62350d9f040ed8e18f7a1d128
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

HTTP Headers

GET /releases/v5.15.4/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:50 GMT
content-type: font/woff2
content-length: 78168
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "a9fd1225fb2cd32320e2b931dca01089"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 c58391b07051938ceda6615614fbabb0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: kuLL9roCPsvQ_3ugXqFapRLLxL787T8xExrHs_5s6FlXLn-OccJ-sw==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJYeZN9cseK%2Flz8fCruJ5%2FdQF4HYLDyfh412am%2FlGjlDzoTyDY0gq68h9znr8ZDW3FTrWENAQyfs0s4YXUTNiEy3xu0aw%2FY8A%2Fdbn%2Fqg%2BsZ3ejG0LVdGJOY65X4RFcKc%2FkigjNsA6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80563678be4648b8-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251

172.64.130.9

200 OK

60 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/#info@fametech.com.tw
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (60130)
Size
60 kB (60312 bytes)
Hash
a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/
Origin: https://bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 12 Sep 2023 06:49:50 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7fcc9354bd594831abf31608fb6cde60.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: gHY1W_hPi1p1prrlEjo626t8s4pGnjFw0PsVj93SLn2omWHAqq7SXw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jb%2BL6I1pLV8FytAfG2JvLqBSmeBhmPmXaa3xPtblnkQSXuV8IOp%2Fqbcqx8kAL77dMINDZPf4jBbUq3dN9YMdNXmgginCiO09NZLiCV6i1g2V19%2Fc8Rr8UZfftEZ6xj8mQJe%2B0%2BqtgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 805636778d4548b8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/

209.94.90.1

200 OK

183 kB

URL User Request GET HTTP/2
bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link/?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
HTML document, ASCII text, with very long lines (65526), with CRLF line terminators
Size
183 kB (183064 bytes)
Hash
d6d16799c8751ea3e6e44dbad6af7fec
e25143cb45520677f4545a898030ce69b4f9afba
532eb23a463b7b83d3945e1c9644dd7d90da19ef796528a750c6d92b9ffc2efa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?openboxmailer/auto/eMail.web/987FTmail.authenticate/checking_auth0/authenticate-userid/84778949884903948993839/ HTTP/1.1
Host: bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Tue, 12 Sep 2023 06:49:49 GMT
content-type: text/html
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju"
x-ipfs-gateway-host: ipfs-bank12-fr2
x-ipfs-path: /ipfs/bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju/
x-ipfs-roots: bafybeib3bcyqd4rhayhebbxusnetlstxu2vyyho5njqptbigfluj6svvju
x-ipfs-pop: ipfs-bank12-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
x-proxy-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (19)

URL GET HTTP/2

IP

ASN

Requested by