Report - bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/

Report Overview

Visited public
2023-12-05 12:47:22
Tags
phishing suspicious
URL
bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Finishing URL
bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
IP / ASN
104.17.64.14
#13335 CLOUDFLARENET
Title
Track & Trace Express | DHL
Phishing - Generic phishing
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
prod-cdn.wetransfer.net	25787	2009-02-02	2018-10-23 10:53:42	2023-12-05 00:12:19	2.3 kB	483 kB	54.230.111.99
bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com	unknown	2018-12-05	2023-07-11 02:36:44	2023-11-13 10:13:28	545 B	457 kB	104.17.96.13
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-05 05:18:59	1.7 kB	198 kB	104.18.11.207
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-05 05:09:58	527 B	12 kB	104.17.25.14
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-05 08:15:49	1.0 kB	67 kB	216.58.207.234
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-05 05:09:20	483 B	34 kB	151.101.2.137
www.dhl.com	40018	1989-05-25	2012-07-02 18:21:37	2023-12-04 16:20:26	1.7 kB	59 kB	96.6.17.154
api.ipregistry.co	207993	2019-02-16	2019-06-15 23:08:20	2023-12-05 08:33:59	576 B	570 B	104.18.26.170
firebasestorage.googleapis.com	9937	2005-01-25	2017-01-30 03:42:50	2023-12-05 09:39:14	712 B	605 B	216.58.207.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 12:47:09	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
2023-12-05 12:47:09	low	Client IP	Internal IP	ET INFO Peer to Peer File Sharing Service in DNS Lookup (cf-ipfs .com)
2023-12-05 12:47:09	low	Client IP	104.17.96.13	ET INFO Peer to Peer File Sharing Service Domain in TLS SNI (cf-ipfs .com)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/	DHL Airways, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-05-09
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 12:32 Times Seen27459 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	code.jquery.com/jquery-1.12.0.min.js	ScriptElement	97 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-1.12.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-09 02:40 Times Seen2535 Hash cbb11b58473b2d672f4ed53abbb67336 66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 12:37 Times Seen108614 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/	ScriptElement	448 kB	2023-07-13	2024-08-21
Pretty URL bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 02:21 Last Seen2024-08-21 09:15 Times Seen20 Hash e84ab8c7cb37f309de617ed79ffb9d0a 18c5325c890e5d15b9134a36b20a1298615755a0 1b2adc12599ba67da9317745df217ade823ee2fc75e557f30f86f609660014e4 Loading...

	bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/	ScriptElement	7.6 kB	2023-07-13	2024-08-21
Pretty URL bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 02:21 Last Seen2024-08-21 09:15 Times Seen37 Hash fd68c5c6a51ed6b6d19658d275ab5f57 71e476272d98a7e2412d60afea80ce1508cf7474 dba1514c952cda455aafe801f33d029433fbd7c7396881632c9a8db948730b60 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 12:44 Times Seen28963 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

		Size	First Seen	Last Seen
	#1 Write - feca229a667585da56fbe8af38366e08	150 kB	2023-07-13 02:21	2024-08-21 09:15
Pretty Observations First Seen2023-07-13 02:21 Last Seen2024-08-21 09:15 Times Seen31 Hash feca229a667585da56fbe8af38366e08 dd572e7d2b8aa23fcac9ecc3886d7f47ce320f6e 09e959a1ee4e1d04a13d2ff5d3894af418f05214255db38d531ae9429ac8a416 Loading...

HTTP Transactions (17)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

104.17.25.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (59158)
Size
10 kB (10482 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:47:04 GMT
content-type: text/css; charset=utf-8
content-length: 10482
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64c93458-28f2"
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 802395
expires: Sun, 24 Nov 2024 12:47:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekajJtT3ntajhIwFMN0thv5GxlcTFA6C0MvLP3%2BAAZln6t8uil5bLTUuDwsERGWxaVE%2Bhc1nzVIjmirR9%2F3z6bgVOXhyFQzgM38d7a0uMIFUkeAtWeu5RgDv2m%2BdhNGAEo%2FAVSUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 830c6542de9656b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

216.58.207.234

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:14:46 GMT
expires: Fri, 29 Nov 2024 05:14:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 459138
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

216.58.207.234

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 10:15:01 GMT
expires: Wed, 04 Dec 2024 10:15:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 9123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.12.0.min.js

151.101.2.137

200 OK

34 kB

URL GET HTTP/2
code.jquery.com/jquery-1.12.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32060)
Size
34 kB (33820 bytes)
Hash
cbb11b58473b2d672f4ed53abbb67336
66f47b885d587aa9a6c453ae3f2c9a382e5c7ec7
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

HTTP Headers

GET /jquery-1.12.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-17c52"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 12:47:04 GMT
age: 2510534
x-served-by: cache-lga21956-LGA, cache-bma1621-BMA
x-cache: HIT, HIT
x-cache-hits: 23, 113
x-timer: S1701780424.185966,VS0,VE0
vary: Accept-Encoding
content-length: 33820
X-Firefox-Spdy: h2

www.dhl.com/content/dam/dhl/global/core/images/teaser-image-main/dhl-logo.jpg

96.6.17.154

200 OK

55 kB

URL GET HTTP/2
www.dhl.com/content/dam/dhl/global/core/images/teaser-image-main/dhl-logo.jpg
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 19.0 (Windows), datetime=2022:03:24 11:02:11], baseline, precision 8, 568x426, components 3\012- data
Size
55 kB (54809 bytes)
Hash
ee3f12c96f8722ea577e0cfd9269e0da
0587ed2a3850e0fc6e68332fc48e6fd9d381d8aa
d82ed9880a42fa5b0dbe8a6804f727f8a1a8598f52b7030b8d2c755bee11ffd6

HTTP Headers

GET /content/dam/dhl/global/core/images/teaser-image-main/dhl-logo.jpg HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 16:55:43 GMT
etag: "d619-609bb130f3f3e"
accept-ranges: bytes
content-length: 54809
content-type: image/jpeg
expires: Tue, 12 Dec 2023 12:47:04 GMT
date: Tue, 05 Dec 2023 12:47:04 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff

54.230.111.99

200 OK

31 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP
54.230.111.99:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 31120, version 1.6554\012- data
Size
31 kB (31120 bytes)
Hash
57cbbfdafc43e0deecc75a309dd042c6
b9cc2ff331b8520706de175f5b3fdba6731a9bfc
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://prod-cdn.wetransfer.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Tue, 05 Dec 2023 09:50:32 GMT
last-modified: Tue, 05 Dec 2023 09:20:33 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I68jdNUsXAkj9yRrLwz2Z5nfIp6-bqZshPC8uEQhVlndnZUJj35RtQ==
age: 10593
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff

54.230.111.99

200 OK

32 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP
54.230.111.99:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 32124, version 1.6554\012- data
Size
32 kB (32124 bytes)
Hash
868aedeefe7669e8a4f7196f7df5d058
45bd20ef2c6b717a2526efd98a01207979b2a623
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://prod-cdn.wetransfer.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Tue, 05 Dec 2023 09:50:32 GMT
last-modified: Tue, 05 Dec 2023 09:20:33 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tzQaIpHroKEbunlJcO6-v-JkkAMdQhaw16n0VzYWTB27cPfBKt3xkQ==
age: 10593
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png

96.6.17.154

200 OK

1.2 kB

URL GET HTTP/2
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png
IP
96.6.17.154:443
ASN
#16625 AKAMAI-AS

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1173 bytes)
Hash
6e5f4e072a2793f9d9cd2a6974d5ccc9
df0d0b28ae71a37dd321d33435c3143a446e2741
148a09a41b13df86b44d2a1f70e2482e5d31fd91ce540a0dbe016011a5fd29b9

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/appletouch/apple-touch-icon-180x180.png HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 16:12:33 GMT
etag: "495-609ba78a6a442"
accept-ranges: bytes
content-length: 1173
content-type: image/png
expires: Tue, 12 Dec 2023 12:47:04 GMT
date: Tue, 05 Dec 2023 12:47:04 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico

96.6.17.154

325 B

URL GET
www.dhl.com/etc/clientlibs/dhl/clientlib-all/assets/favicon.ico
IP
96.6.17.154:0
ASN
#16625 AKAMAI-AS

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerDeutsche Post AG
Subjectwww.dhl.com
Fingerprint74:54:3F:D6:C6:2A:C2:09:FA:00:BA:FE:F9:DF:A2:BA:32:43:7E:27
ValidityMon, 31 Jul 2023 14:59:53 GMT - Tue, 30 Jul 2024 14:58:53 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
325 B (325 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

HTTP Headers

GET /etc/clientlibs/dhl/clientlib-all/assets/favicon.ico HTTP/1.1
Host: www.dhl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-frame-options: DENY
content-security-policy: frame-ancestors 'self' https://dhlinsights.dhlsupplychain.dhl.com https://dpdhlcsiace.my.site.com; default-src 'self' data: https: blob: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443 wss://streaming.mypurecloud.de wss://collection.decibelinsight.net; script-src 'unsafe-inline' 'unsafe-eval' 'self' https: blob:; style-src 'unsafe-inline' 'self' https: blob:; media-src 'unsafe-inline' 'self' https: blob:
referrer-policy: same-origin
permissions-policy: microphone=(),camera=()
last-modified: Thu, 09 Nov 2023 18:45:31 GMT
etag: "47e-609bc9bb4ef14-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 325
content-type: image/vnd.microsoft.icon
expires: Tue, 12 Dec 2023 12:47:04 GMT
date: Tue, 05 Dec 2023 12:47:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cache-control: public, max-age=604800, stale-while-revalidate=86400
x-akamai-cache: Hit from child
X-Firefox-Spdy: h2

api.ipregistry.co/?key=jevqkvx5uige6tmr

104.18.26.170

402 Payment Required

152 B

URL GET HTTP/2
api.ipregistry.co/?key=jevqkvx5uige6tmr
IP
104.18.26.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectipregistry.co
FingerprintFF:E4:98:5E:8F:25:BD:47:D8:14:73:8D:3F:B3:98:3A:6B:01:10:75
ValidityTue, 03 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
8df5e01d65de91b9b12f1f5fc1ff187d
38c18c7ff25d0c6b3b56383788dd0cbe60722b8f
7f336247b583c804f3dff2376da2089898cb34b4af745b528e24434e24115318

HTTP Headers

GET /?key=jevqkvx5uige6tmr HTTP/1.1
Host: api.ipregistry.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Origin: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 402 Payment Required
date: Tue, 05 Dec 2023 12:47:04 GMT
content-type: application/json
content-length: 152
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 830c6545ab5f56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

firebasestorage.googleapis.com/v0/b/files-89657.appspot.com/o/qfiles%2Fcss%2Flhd.html?alt=media&token=1a550d36-c88b-4167-9286-c48709c4ec18

216.58.207.234

404 Not Found

65 B

URL GET HTTP/3
firebasestorage.googleapis.com/v0/b/files-89657.appspot.com/o/qfiles%2Fcss%2Flhd.html?alt=media&token=1a550d36-c88b-4167-9286-c48709c4ec18
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
c5548003929e990cbc2ee6a44635ab7f
f05f41780dac650ef90d34a2384f8fd899493c93
8cf2ba5dc3d96a461206a75b60620ab2d9d361d36c3c9e366e1beee98c517116

HTTP Headers

GET /v0/b/files-89657.appspot.com/o/qfiles%2Fcss%2Flhd.html?alt=media&token=1a550d36-c88b-4167-9286-c48709c4ec18 HTTP/1.1
Host: firebasestorage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
x-guploader-uploadid: ABPtcPqFt36ewmtDqV8V8IP17BGaJfMSDhmMmPMSsAmOCs29VIC6HgKUzRmwEQSrSrWAH6SCxmDHuIABci6MP2NC_1U-FcndoAdL
x-content-type-options: nosniff
content-type: application/json; charset=UTF-8
access-control-expose-headers: Content-Range, X-Firebase-Storage-XSRF
access-control-allow-origin: *
date: Tue, 05 Dec 2023 12:47:04 GMT
expires: Tue, 05 Dec 2023 12:47:04 GMT
cache-control: private, max-age=0
content-length: 65
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/

104.17.96.13

200 OK

456 kB

URL User Request GET HTTP/2
bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectcf-ipfs.com
Fingerprint7E:49:AE:B5:66:51:63:F4:42:B8:30:B0:7D:F1:03:F4:C9:C5:57:D2
ValidityFri, 17 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (65496), with CRLF line terminators
Size
456 kB (456036 bytes)
Hash
c353f2e8005f65b4543f7549bae9d3de
85361608bbca807c7c25bda0e2e9db6b565770ef
80f55b1758b62076fd45ee553aa98601e7bcfacd5d8821fb681c2c50f0135e19

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DHL Airways, Inc.

HTTP Headers

GET / HTTP/1.1
Host: bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:47:03 GMT
content-type: text/html
cf-ray: 830c653e282a569b-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 10593
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy/
x-ipfs-roots: bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy
set-cookie: __cf_bm=VNab5HM1UIntIXZ52VwXblCTw_W..Ih9lEP2BRCrDt8-1701780423-0-AUddsKDL8OUMVv6FNE5SHyLEj4O3iyZtGFQBuiVuCdtUUJf2iBQOvMO3Zjjg54WrNVEGLD76zl9hjoatdIyzqJc=; path=/; expires=Tue, 05-Dec-23 13:17:03 GMT; domain=.bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/css/wallpaper-a71fc0d7.chunk.css

54.230.111.99

200 OK

2.3 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/css/wallpaper-a71fc0d7.chunk.css
IP
54.230.111.99:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2335), with no line terminators
Size
2.3 kB (2333 bytes)
Hash
2bb7a6a719b0972a892b3511a51b1286
e91c12d02daaf089e885dbe383f8661907e91d7b
ea77ed1d93e324ec1114304d8c76376efa284a74bfce6eb4d7789962c89a613f

HTTP Headers

GET /packs/css/wallpaper-a71fc0d7.chunk.css HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Wed, 22 Nov 2023 01:15:36 GMT
last-modified: Tue, 18 Jan 2022 09:54:19 GMT
etag: W/"22c80ac282130cab50ecd48d6aff7799"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TQrtLzSV3wFEWVqdh0bVMSpXDcOFj9n0NOKxzABehd0IhqsjY92u1w==
age: 1164689
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

121 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:47:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:59:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e424cb14d26ae2bd595ba60ddcb0e0c7
cdn-cache: HIT
cf-cache-status: HIT
age: 10594
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830c6542ef975691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/css/application-25ff49de.chunk.css

54.230.111.99

200 OK

415 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/css/application-25ff49de.chunk.css
IP
54.230.111.99:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
415 kB (415266 bytes)
Hash
3cf8c718bf39ad6d732c9574769d8fa6
6a9dfe13406ac35eb909b411d0dd0c5b39efc4dd
307160c1a9ea716154e406cdf73ba99623840ae546006898023c6988f38da18f

HTTP Headers

GET /packs/css/application-25ff49de.chunk.css HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Tue, 28 Nov 2023 17:25:48 GMT
last-modified: Wed, 12 Jan 2022 13:40:42 GMT
etag: W/"3cf8c718bf39ad6d732c9574769d8fa6"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3JplI8rzVxVRWzML07wPK3SvnE0QbyzhZrV-h4ry4tM7xdJD62Vr3A==
age: 588077
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

37 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (32033)
Size
37 kB (37045 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:47:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 10/31/2023 19:27:53
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 13c4c01f8112aa4e56468f0c15362ba0
cdn-cache: HIT
cf-cache-status: HIT
age: 10593
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830c6544d9785691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

37 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (32033)
Size
37 kB (37045 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvygyuizdiv3d3wkzzjyacezugjlqrxzoedo2yyq2iexpstgnizy.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:47:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 1143442
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830c6542ce11b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (17)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by