Report - jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html

Report Overview

Visited public
2025-03-28 03:01:00
Tags
URL
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Finishing URL
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
IP / ASN
212.71.124.189
#24951 EveryWare AG
Title
ICP Wash Trading Bot

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io	unknown	2022-09-06	2025-03-28	2025-03-28	2.0 kB	296 kB	212.71.124.189
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-03-26	961 B	316 kB	104.18.186.31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-28	medium	icp0.io	Sinkholed
2025-03-28	medium	icp0.io	Sinkholed
2025-03-28	medium	icp0.io	Sinkholed
2025-03-28	medium	icp0.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js	ScriptElement	80 kB	2023-06-08	2025-05-24
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js IP 104.18.186.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:47 Last Seen2025-05-24 16:41 Times Seen1531 Hash 849e6db145f2905ce210f628bddd9de5 d722fa9982da8aa48df88251bb1897f13c1db3b9 aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04 Loading...

	jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/assets/index-16ce9a91.js	ScriptElement	270 kB	2025-03-28	2025-03-28
Pretty URL jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/assets/index-16ce9a91.js IP 212.71.124.189 ASN #24951 EveryWare AG Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 03:01 Last Seen2025-03-28 03:01 Times Seen1 Hash 4c7c401cb3d56e19ed2ab8b25f2a95a9 017a46591d8b29c2282905115ff5e30b581b4975 16ed591e797a9da89984a00c3b74184547648608417dafe7d350a3c3f1168d91 Loading...

HTTP Transactions (6)

URL IP Response Size

jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html

212.71.124.189

200 OK

5.4 kB

URL User Request GET
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
IP
212.71.124.189:443
ASN
#24951 EveryWare AG

Certificate
IssuerLet's Encrypt
Subjectboundary.dfinity.network
Fingerprint52:2A:50:36:01:57:AE:4D:35:40:99:22:F2:FE:F8:E0:3F:6D:77:98
ValidityWed, 12 Mar 2025 14:12:57 GMT - Tue, 10 Jun 2025 14:12:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5690), with no line terminators
Size
5.4 kB (5389 bytes)
Hash
6f0dcaadbc4561bafcad886cdc72bd9a
cf5a5130c9d9c36f3155f2c63a949fe7fad292aa
20b5a96be10aa67d2235f5e9b3484042e87bd1de3f9dfc36c80ad24284d7f850

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.html HTTP/1.1
Host: jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
ic-certificateexpression: default_certification(ValidationArgs{certification: Certification{no_request_certification: Empty{}, response_certification: ResponseCertification{certified_response_headers: ResponseHeaderList{headers: ["content-type"]}}}})
ic-certificate: version=2, certificate=:2dn3o2R0cmVlgwGDAYMBggRYIH95Xq8hH7PaMh0ikUKbrUOoaaHM/XYf9aNfGjYjIqH0gwJIY2FuaXN0ZXKDAYIEWCAUI0wmjF2L9B0M8tZv/0OtAmNO0kUx6wnoFBx2Uaf62YMBggRYIBjEkRGaZoFBVtBX/SMVE0nGEeGwFYirJeLN4kiOI+7QgwGCBFggiG9BnNsblAfNb8fXNPNOma/p/9A0EfJVLPkXobNWUZaDAYIEWCBegl8KnLivcn1aiCaPyRGydnUuh8/XKn6n2XlxGyx1G4MBgwGCBFggdcg8H3lAAlrFIcprTvHb1Zd9b7iDiq4TE5KPjtcGxeGDAYMBggRYIDSeyuU5UwHt5MDhoFDMD6xiL1tQ5NcPc8/PPRJoaCUSgwGCBFggJjemHTYL6tIPaJ1nWj9gyY/j28Kn6By/p2OCsib720+DAYIEWCDBsGwjohyYwtaZy4UH3tiXvz+De3D6SNvs/bbXEz5DNoMBgwGCBFggqfvwPOG6/dzRZkBizvTCnX5gXmD7RejQeKj35V3XYYCDAkoAAAAAAHA3cQEBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIGuPfPQNfCnN0OS3k1g8rtSXBTRtTDMPfos1r3nJPY3iggRYIJYk6o/dZjEhXzzATLRJ/MORZTG9TlFmqx1ihfp6GhTCggRYIKqk3Vp1z/y+eYCnpWbehwuKz3GKOuJjgV5WGXh6LA8zggRYIHlGInCZmvHn9v/v8Ie6JkFl/BwbqPGwHS9y2L6jflC2ggRYIJKLPm0YCZ1EFJRmR2Ljf4+/wYbYoOqTaj7LwSO/DQ8iggRYIF8QP/z5gx0R4+5iCuJ5F6LrsLoloASA94o86NlZLTUXggRYIBsw37gKHZvqklfpL+RKSQZo0IhamwaXdprG/EzOL3vtgwGCBFgggmpo+tiuwzX20NqEWJcid2LQvZbW6lZbTzS7hQIraZWDAkR0aW1lggNJgMH/366ItpgYaXNpZ25hdHVyZVgwt7TqbMFSR4L7VbvF3pX7AUFJYcnCaUM7iUkX0zLOSWkWEB4Vw17TV4nWLszKNegbamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AJrY2VydGlmaWNhdGVZAn3Z2feiZHRyZWWDAYIEWCDGrcfQfELpo7HTpcKRvL7Yk1boWOy505gVcWEfqeBZO4MBgwGCBFggeXRxVJ3FQyntSuoQZET4cFpOeAex5LJVPzaaz2d8p+WDAkZzdWJuZXSDAYMBgwGCBFggCYUxW76QW3+TNtcGR5OQWwBWifPJwqIa2aMfvmzdVZmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIDyixVSQnTn5u4MQYMI116Ov7U6HB4vY+cNioCzWW/R8gwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggaWHvE3wq7gsEZwgu9tPBLAPpMBO2AqTLYhQnDkhIY/GCBFggNZSkEXjDWGcJwx8E5yRZyoeDWRTFScVsvYW+A0imYz2DAkR0aW1lggNJ7ubo/7/5kpgYaXNpZ25hdHVyZVgwg559Dz3rNimjSMFk2an2tvQcmqmeGgDm5mOcwLBNr3NVuNT7GfFo0TLVUcGUFVz4:, tree=:2dn3gwGCBFggOe1nlRFH1Vwdt7E6Vsmeiyt7M7+eVUqhqZmS6jE1kR2DAklodHRwX2V4cHKDAYIEWCD/lWnCz5fCcyRpC65l8tleKyyGxTRo/tqhOAtJ6D7DCIMBggRYIHsIIBUip73WC1L0Ard/cG+erJzwZpyTHbfKukeFTlMfgwGCBFgg1iP1iIRR0KEFhdnerGgImLmrXdxxF1jipVvZNVjqTICDAkppbmRleC5odG1sgwJDPCQ+gwJYIDztw+PbslOe7LyWxTzm3kwlh9nYMdtHh77t35Bqf0HOgwJAgwGDAlggElLyyQtZREy3nhRQ85f79/+sQOMec86D1qoKPYmmlleCA0CDAlggTxHpV9xXAT/EgjGUqXgG9jucOqQzZSMkqvucAxeSsbaCA0A=:, expr_path=:2dn3g2lodHRwX2V4cHJqaW5kZXguaHRtbGM8JD4=:
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-length: 5389
x-ic-canister-id: jsfuw-eiaaa-aaaad-qg5yq-cai
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 0195dab1-c698-7cf1-91a1-0b77d33923e0
date: Fri, 28 Mar 2025 03:00:38 GMT
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

104.18.186.31

200 OK

233 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type

Size
233 kB (232914 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/bootstrap@5.3.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Mar 2025 03:00:39 GMT
content-type: text/css; charset=utf-8
content-length: 27424
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.3.0
x-jsd-version-type: version
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
content-encoding: br
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21958-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1284586
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GN%2FRZTYZFAzbhqo8Gnn1dDOx7lNUXkvzwtVleDUkbK73qddAzeencyzRsw5fnrG79I7IvDUWiIDsvBt01VbrhL6Sh8ohof%2BQpjJ7RwBrrJvKDhhBQnQPgZhJVWyHeFXFXMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9273e0dfdd2856ba-OSL
X-Firefox-Spdy: h2

jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/assets/index-16ce9a91.js

212.71.124.189

200 OK

270 kB

URL GET
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/assets/index-16ce9a91.js
IP
212.71.124.189:443
ASN
#24951 EveryWare AG

Requested by
https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Certificate
IssuerLet's Encrypt
Subjectboundary.dfinity.network
Fingerprint52:2A:50:36:01:57:AE:4D:35:40:99:22:F2:FE:F8:E0:3F:6D:77:98
ValidityWed, 12 Mar 2025 14:12:57 GMT - Tue, 10 Jun 2025 14:12:56 GMT

File type

Size
270 kB (269913 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index-16ce9a91.js HTTP/1.1
Host: jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
ic-certificateexpression: default_certification(ValidationArgs{certification: Certification{no_request_certification: Empty{}, response_certification: ResponseCertification{certified_response_headers: ResponseHeaderList{headers: ["content-type"]}}}})
ic-certificate: version=2, certificate=:2dn3o2R0cmVlgwGDAYMBggRYIH95Xq8hH7PaMh0ikUKbrUOoaaHM/XYf9aNfGjYjIqH0gwJIY2FuaXN0ZXKDAYIEWCAUI0wmjF2L9B0M8tZv/0OtAmNO0kUx6wnoFBx2Uaf62YMBggRYIBjEkRGaZoFBVtBX/SMVE0nGEeGwFYirJeLN4kiOI+7QgwGCBFggiG9BnNsblAfNb8fXNPNOma/p/9A0EfJVLPkXobNWUZaDAYIEWCBegl8KnLivcn1aiCaPyRGydnUuh8/XKn6n2XlxGyx1G4MBgwGCBFggdcg8H3lAAlrFIcprTvHb1Zd9b7iDiq4TE5KPjtcGxeGDAYMBggRYIDSeyuU5UwHt5MDhoFDMD6xiL1tQ5NcPc8/PPRJoaCUSgwGCBFggJjemHTYL6tIPaJ1nWj9gyY/j28Kn6By/p2OCsib720+DAYIEWCDBsGwjohyYwtaZy4UH3tiXvz+De3D6SNvs/bbXEz5DNoMBgwGCBFggqfvwPOG6/dzRZkBizvTCnX5gXmD7RejQeKj35V3XYYCDAkoAAAAAAHA3cQEBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIGuPfPQNfCnN0OS3k1g8rtSXBTRtTDMPfos1r3nJPY3iggRYIJYk6o/dZjEhXzzATLRJ/MORZTG9TlFmqx1ihfp6GhTCggRYIKqk3Vp1z/y+eYCnpWbehwuKz3GKOuJjgV5WGXh6LA8zggRYIHlGInCZmvHn9v/v8Ie6JkFl/BwbqPGwHS9y2L6jflC2ggRYIJKLPm0YCZ1EFJRmR2Ljf4+/wYbYoOqTaj7LwSO/DQ8iggRYIF8QP/z5gx0R4+5iCuJ5F6LrsLoloASA94o86NlZLTUXggRYIKvNwl+EHoUdbJ+kCkBKB+oymfku3Nq5um8C/LtppRD2gwGCBFggWSPSmIrtjkCsAD4+WOGKbBeYpD1rUobAkIHWpm07fNSDAkR0aW1lggNJn66dp7CItpgYaXNpZ25hdHVyZVgwmZrEPklWCLMQBzpaopyMaO+r6FJzWRPdOEq7GS8y7RUyc5roefG2H8lwvimQfYjAamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AJrY2VydGlmaWNhdGVZAn3Z2feiZHRyZWWDAYIEWCBXCXswCQjYlNYhPVFDDM7pmmyUfTaUvIabqlWLLS8wxYMBgwGCBFggN1M/Xe33zeEquoZ8yyWPqvBbgn5hSysS6IhTE5sUfH+DAkZzdWJuZXSDAYMBgwGCBFggCYUxW76QW3+TNtcGR5OQWwBWifPJwqIa2aMfvmzdVZmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIDyixVSQnTn5u4MQYMI116Ov7U6HB4vY+cNioCzWW/R8gwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggaWHvE3wq7gsEZwgu9tPBLAPpMBO2AqTLYhQnDkhIY/GCBFggaQrEPPLAw3fzkIJFjRF0+eVib/6twqTWpKfrfjCmA4KDAkR0aW1lggNJ4amzjMX5kpgYaXNpZ25hdHVyZVgwpQgVRNJxH1kMccIdAnM+sRZpZXhY1x77U9wH6fCyq6Kp3EteP0r3iKkS4iXQh3aj:, tree=:2dn3gwGCBFggOe1nlRFH1Vwdt7E6Vsmeiyt7M7+eVUqhqZmS6jE1kR2DAklodHRwX2V4cHKDAYMBggRYIBXwbytjMMjKz41eXXmKvyQ4FbnXYPTQKPatJJ5X8QcsgwGCBFggivm0f6uQLi1k44VJ+6q6G2OvzTRAm9Sxm+LL7nWYUe2DAkZhc3NldHODAYMCUWluZGV4LTE2Y2U5YTkxLmpzgwJDPCQ+gwJYIDztw+PbslOe7LyWxTzm3kwlh9nYMdtHh77t35Bqf0HOgwJAgwGDAlggPqguKQCp3h9SzJ3bwrP4cxcTlJEDbmbOu8ATN6kOdxOCA0CDAlggvEOSz7uiGC0m1aFEtnAhBRfDBOjqBvn5l4Ql/Taf/9yCA0CCBFggW6l89Ot58gwEkRSqmGwADbRSJrOlt2I+cjm6qbLQawqCBFggtOqfXTL5KLZP+UC48XSXKpCvaGgwMm+z9S55ZkPamCE=:, expr_path=:2dn3hGlodHRwX2V4cHJmYXNzZXRzcWluZGV4LTE2Y2U5YTkxLmpzYzwkPg==:
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-length: 269913
x-ic-canister-id: jsfuw-eiaaa-aaaad-qg5yq-cai
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 0195dab1-c7e4-7103-abc4-2d9bd1888bf6
date: Fri, 28 Mar 2025 03:00:39 GMT
X-Firefox-Spdy: h2

jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/assets/index-eff36323.css

212.71.124.189

200 OK

2.4 kB

URL GET
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/assets/index-eff36323.css
IP
212.71.124.189:443
ASN
#24951 EveryWare AG

Requested by
https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Certificate
IssuerLet's Encrypt
Subjectboundary.dfinity.network
Fingerprint52:2A:50:36:01:57:AE:4D:35:40:99:22:F2:FE:F8:E0:3F:6D:77:98
ValidityWed, 12 Mar 2025 14:12:57 GMT - Tue, 10 Jun 2025 14:12:56 GMT

File type
ASCII text, with very long lines (2386), with no line terminators
Size
2.4 kB (2385 bytes)
Hash
f206d08eae8ce43f917e55ef84cc313a
33c84b3b684fc2d60946d0768210b855b0f4633f
bef5e668f628e6a5b3dbba8df9e3c4cf8e418d8c1b189dfec7c2ae2c872f3029

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index-eff36323.css HTTP/1.1
Host: jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
ic-certificateexpression: default_certification(ValidationArgs{certification: Certification{no_request_certification: Empty{}, response_certification: ResponseCertification{certified_response_headers: ResponseHeaderList{headers: ["content-type"]}}}})
ic-certificate: version=2, certificate=:2dn3o2R0cmVlgwGDAYMBggRYIH95Xq8hH7PaMh0ikUKbrUOoaaHM/XYf9aNfGjYjIqH0gwJIY2FuaXN0ZXKDAYIEWCAUI0wmjF2L9B0M8tZv/0OtAmNO0kUx6wnoFBx2Uaf62YMBggRYIBjEkRGaZoFBVtBX/SMVE0nGEeGwFYirJeLN4kiOI+7QgwGCBFggiG9BnNsblAfNb8fXNPNOma/p/9A0EfJVLPkXobNWUZaDAYIEWCBegl8KnLivcn1aiCaPyRGydnUuh8/XKn6n2XlxGyx1G4MBgwGCBFggdcg8H3lAAlrFIcprTvHb1Zd9b7iDiq4TE5KPjtcGxeGDAYMBggRYIDSeyuU5UwHt5MDhoFDMD6xiL1tQ5NcPc8/PPRJoaCUSgwGCBFggJjemHTYL6tIPaJ1nWj9gyY/j28Kn6By/p2OCsib720+DAYIEWCDBsGwjohyYwtaZy4UH3tiXvz+De3D6SNvs/bbXEz5DNoMBgwGCBFggqfvwPOG6/dzRZkBizvTCnX5gXmD7RejQeKj35V3XYYCDAkoAAAAAAHA3cQEBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIGuPfPQNfCnN0OS3k1g8rtSXBTRtTDMPfos1r3nJPY3iggRYIJYk6o/dZjEhXzzATLRJ/MORZTG9TlFmqx1ihfp6GhTCggRYIKqk3Vp1z/y+eYCnpWbehwuKz3GKOuJjgV5WGXh6LA8zggRYIHlGInCZmvHn9v/v8Ie6JkFl/BwbqPGwHS9y2L6jflC2ggRYIJKLPm0YCZ1EFJRmR2Ljf4+/wYbYoOqTaj7LwSO/DQ8iggRYIF8QP/z5gx0R4+5iCuJ5F6LrsLoloASA94o86NlZLTUXggRYIKvNwl+EHoUdbJ+kCkBKB+oymfku3Nq5um8C/LtppRD2gwGCBFggWSPSmIrtjkCsAD4+WOGKbBeYpD1rUobAkIHWpm07fNSDAkR0aW1lggNJn66dp7CItpgYaXNpZ25hdHVyZVgwmZrEPklWCLMQBzpaopyMaO+r6FJzWRPdOEq7GS8y7RUyc5roefG2H8lwvimQfYjAamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AJrY2VydGlmaWNhdGVZAn3Z2feiZHRyZWWDAYIEWCBg9i0OGEznpcZzpe5I25y1LWh5f7HC638KM980GdilrIMBgwGCBFgg8NB3pk1SwLTjuzRnvBtFxqAXXXrSY10OS0aTGzmKluODAkZzdWJuZXSDAYMBgwGCBFggCYUxW76QW3+TNtcGR5OQWwBWifPJwqIa2aMfvmzdVZmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIDyixVSQnTn5u4MQYMI116Ov7U6HB4vY+cNioCzWW/R8gwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggaWHvE3wq7gsEZwgu9tPBLAPpMBO2AqTLYhQnDkhIY/GCBFggRiL4crsKkFQnKV3Dnakpj8HZCqaqI2sUZqwy/yXHcwGDAkR0aW1lggNJ2dKOztP5kpgYaXNpZ25hdHVyZVgwrEGaEpOSQaeVEnOxFTs9+xyicZfh0VwyYTpBupnAC3YPOUjuPw9vexyYZd+5NXxd:, tree=:2dn3gwGCBFggOe1nlRFH1Vwdt7E6Vsmeiyt7M7+eVUqhqZmS6jE1kR2DAklodHRwX2V4cHKDAYMBggRYIBXwbytjMMjKz41eXXmKvyQ4FbnXYPTQKPatJJ5X8QcsgwGCBFggivm0f6uQLi1k44VJ+6q6G2OvzTRAm9Sxm+LL7nWYUe2DAkZhc3NldHODAYIEWCAe9xoY1qHWBvY5cChho+0iXcyD9KETKmruAxDF5p1AK4MBggRYIIZPpXsJ8mnZ80ReSMuWhs8V+ek5aCFxKfj+u1lwLtFQgwJSaW5kZXgtZWZmMzYzMjMuY3NzgwJDPCQ+gwJYIDztw+PbslOe7LyWxTzm3kwlh9nYMdtHh77t35Bqf0HOgwJAgwGDAlggWnk0dhcPbgyaOUjVf08T5YxMGSaojYKm68OOprXSd2OCA0CDAlggjU5TANMXMUod+r41VZfemYY4C2V9bJIaYxAVuaz0uNOCA0CCBFggtOqfXTL5KLZP+UC48XSXKpCvaGgwMm+z9S55ZkPamCE=:, expr_path=:2dn3hGlodHRwX2V4cHJmYXNzZXRzcmluZGV4LWVmZjM2MzIzLmNzc2M8JD4=:
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-length: 2385
x-ic-canister-id: jsfuw-eiaaa-aaaad-qg5yq-cai
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 0195dab1-c7e4-7103-abc4-2daaa6604ef8
date: Fri, 28 Mar 2025 03:00:39 GMT
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js

104.18.186.31

200 OK

80 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
80 kB (80421 bytes)
Hash
849e6db145f2905ce210f628bddd9de5
d722fa9982da8aa48df88251bb1897f13c1db3b9
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04

HTTP Headers

GET /npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 28 Mar 2025 03:00:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 24668
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.3.0
x-jsd-version-type: version
etag: W/"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k"
content-encoding: br
x-served-by: cache-fra-etou8220038-FRA, cache-lga21921-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1323589
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7qag7oyHdj4bfjWIXpeV3MnHIUCU%2FfAhAxU4llVr3dh8PWg1S73PJBJ748F8cM%2BTUdQ1CEbltfLQszYnl0ChcajvbWN567ClgSDle7w5WNu9oPa%2BrP9kpdX%2FTyzqzf4E%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9273e0dfdd2b56ba-OSL
X-Firefox-Spdy: h2

jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/favicon.ico

212.71.124.189

200 OK

5.4 kB

URL GET
jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/favicon.ico
IP
212.71.124.189:443
ASN
#24951 EveryWare AG

Requested by
https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Certificate
IssuerLet's Encrypt
Subjectboundary.dfinity.network
Fingerprint52:2A:50:36:01:57:AE:4D:35:40:99:22:F2:FE:F8:E0:3F:6D:77:98
ValidityWed, 12 Mar 2025 14:12:57 GMT - Tue, 10 Jun 2025 14:12:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5690), with no line terminators
Size
5.4 kB (5389 bytes)
Hash
6f0dcaadbc4561bafcad886cdc72bd9a
cf5a5130c9d9c36f3155f2c63a949fe7fad292aa
20b5a96be10aa67d2235f5e9b3484042e87bd1de3f9dfc36c80ad24284d7f850

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jsfuw-eiaaa-aaaad-qg5yq-cai.icp0.io/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
ic-certificateexpression: default_certification(ValidationArgs{certification: Certification{no_request_certification: Empty{}, response_certification: ResponseCertification{certified_response_headers: ResponseHeaderList{headers: ["content-type"]}}}})
ic-certificate: version=2, certificate=:2dn3o2R0cmVlgwGDAYMBggRYIH95Xq8hH7PaMh0ikUKbrUOoaaHM/XYf9aNfGjYjIqH0gwJIY2FuaXN0ZXKDAYIEWCAUI0wmjF2L9B0M8tZv/0OtAmNO0kUx6wnoFBx2Uaf62YMBggRYIBjEkRGaZoFBVtBX/SMVE0nGEeGwFYirJeLN4kiOI+7QgwGCBFggiG9BnNsblAfNb8fXNPNOma/p/9A0EfJVLPkXobNWUZaDAYIEWCBegl8KnLivcn1aiCaPyRGydnUuh8/XKn6n2XlxGyx1G4MBgwGCBFggdcg8H3lAAlrFIcprTvHb1Zd9b7iDiq4TE5KPjtcGxeGDAYMBggRYIDSeyuU5UwHt5MDhoFDMD6xiL1tQ5NcPc8/PPRJoaCUSgwGCBFggJjemHTYL6tIPaJ1nWj9gyY/j28Kn6By/p2OCsib720+DAYIEWCDBsGwjohyYwtaZy4UH3tiXvz+De3D6SNvs/bbXEz5DNoMBgwGCBFggqfvwPOG6/dzRZkBizvTCnX5gXmD7RejQeKj35V3XYYCDAkoAAAAAAHA3cQEBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIGuPfPQNfCnN0OS3k1g8rtSXBTRtTDMPfos1r3nJPY3iggRYIJYk6o/dZjEhXzzATLRJ/MORZTG9TlFmqx1ihfp6GhTCggRYIKqk3Vp1z/y+eYCnpWbehwuKz3GKOuJjgV5WGXh6LA8zggRYIHlGInCZmvHn9v/v8Ie6JkFl/BwbqPGwHS9y2L6jflC2ggRYIJKLPm0YCZ1EFJRmR2Ljf4+/wYbYoOqTaj7LwSO/DQ8iggRYIF8QP/z5gx0R4+5iCuJ5F6LrsLoloASA94o86NlZLTUXggRYIGUJuGTssp3kI+lgX4IYxfWjsWPleQr1dCfmLL8CY8dVgwGCBFgg/octlGzXCK6GBBTFGY14LkEqUpDsOnZIw0Gnj/E5/yiDAkR0aW1lggNJt6PwxrOItpgYaXNpZ25hdHVyZVgwlpb7Max5hLUUfzdy528Dc/Kc1ogyWNRrZKg5fQChSodyC3iomoSsavOfnOhp4vMkamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AJrY2VydGlmaWNhdGVZAn3Z2feiZHRyZWWDAYIEWCBSmdxZxKIOh4XTddXvCPLnhdrTveU1abVYxLh9yo820YMBgwGCBFgg8NB3pk1SwLTjuzRnvBtFxqAXXXrSY10OS0aTGzmKluODAkZzdWJuZXSDAYMBgwGCBFggCYUxW76QW3+TNtcGR5OQWwBWifPJwqIa2aMfvmzdVZmDAYIEWCBGanAobPms6YAcpT4ir27gWaCU/WBJhgbUhLaFQFgwfYMBggRYIDyixVSQnTn5u4MQYMI116Ov7U6HB4vY+cNioCzWW/R8gwGDAlgdRReLZqQHpNWcCk1nM72izj83wRG0JX7EGQj0+AKDAYMCT2NhbmlzdGVyX3Jhbmdlc4IDWBvZ2feBgkoAAAAAAHAAAAEBSgAAAAAAf///AQGDAkpwdWJsaWNfa2V5ggNYhTCBgjAdBg0rBgEEAYLcfAUDAQIBBgwrBgEEAYLcfAUDAgEDYQCVX1L3PC3sWaY3spTlC5NNtdbeKec7vPhOfYakrEG617U5+YF63okWlh2d1r+SVwENWFcVbo/mqvz2/QaHlecL0zmbNBEwDJzMjroNBowQ5M+29OJ9GVserXhdYY6zk7mCBFggTLlmfCAjkvHDQa1HY5CA4acGMqdh0rKVUbLEJk33q3GCBFggaWHvE3wq7gsEZwgu9tPBLAPpMBO2AqTLYhQnDkhIY/GCBFggjgmfqFr7M0X/+lA5zobFb0ErIpHKL/1DGkVh6DsrmSiDAkR0aW1lggNJg8aslNX5kpgYaXNpZ25hdHVyZVgwkWkfWp9COzdtCP+9/rP+IaoPOuWvF8ybANJsnEBtyHwfjkbaPn4K20G9wE+Ggjqr:, tree=:2dn3gwGCBFggOe1nlRFH1Vwdt7E6Vsmeiyt7M7+eVUqhqZmS6jE1kR2DAklodHRwX2V4cHKDAYMBgwJAgwJDPCQ+ggRYIEOx4CkhoE2/i3ucAPSuKi55Mva/JhJrntfY/5wAlMpKgwGDAkM8Kj6DAlggPO3D49uyU57svJbFPObeTCWH2dgx20eHvu3fkGp/Qc6DAkCDAlggTxHpV9xXAT/EgjGUqXgG9jucOqQzZSMkqvucAxeSsbaCA0CCBFggnEPUJgpq+HymN+YyDGqybibgRorZAzKZrG1cqp5Ou1mDAYMCTGJhY2tlbmQud2FzbYIEWCDB8uKZ3V/5Qg2n2Z1aVsvWleMVeVtvOtr5+lC7u59m/YMBgwJFaW5kZXiCBFggHQJdgYZKKbxG230yl5zkbYZC7YlLBxPsm2zuHuaR1/GCBFggA7/Jod6DQcRq1/Y5CYWQ294WJtOoOBCJb4j8QUMKFbM=:, expr_path=:2dn3gmlodHRwX2V4cHJjPCo+:
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-length: 5389
x-ic-canister-id: jsfuw-eiaaa-aaaad-qg5yq-cai
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 0195dab1-cb0c-7a63-9f8b-5252a37012a9
date: Fri, 28 Mar 2025 03:00:39 GMT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type