Report - cf-ipfs.com/ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4

Report Overview

Submitted URL
cf-ipfs.com/ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 15:52:10
Access
public
Website Title
bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Final URL
bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Tags
wetransfer phishing financial
urlquery detections
Phishing - WeTransfer
Phishing - Generic phishing

Detections

urlquery
19
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-03-28	591 B	7.2 kB	104.17.25.14
bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	543 B	45 kB	209.94.90.1
bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	531 B	20 kB	209.94.90.1
bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link	unknown	2017-02-24	2023-06-29	2024-03-25	535 B	87 kB	209.94.90.1
cf-ipfs.com	655312	2018-12-05	2018-12-20	2024-03-28	517 B	1.1 kB	104.17.64.14
dweb.link	unknown	2017-02-24	2017-06-27	2024-03-24	4.2 kB	14 kB	209.94.90.1
bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-25	561 B	23 kB	209.94.90.1
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link	unknown	2017-02-24	2023-07-01	2024-03-25	1.2 kB	14 kB	209.94.90.1
bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	563 B	8.0 kB	209.94.90.1
bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	547 B	20 kB	209.94.90.1
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-03-28	1.5 kB	159 kB	162.19.61.80
bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com	unknown	2018-12-05	2023-07-05	2024-03-17	1.9 kB	51 kB	104.17.64.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-03-28	475 B	24 kB	151.101.66.137
bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	564 B	6.6 kB	209.94.90.1
bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	559 B	12 kB	209.94.90.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	cf-ipfs.com/ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4	WeTransfer
2024-03-16	medium	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/	WeTransfer
2024-03-16	medium	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/	WeTransfer
2024-03-16	medium	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/	WeTransfer

PhishTank

Scan Date	Severity	Indicator	Alert
2023-07-05	medium	cf-ipfs.com/ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4	Other
2023-07-05	medium	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/index_files/webfont.js	Other
2023-07-05	medium	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/index_files/webfont.js	Other
2023-07-05	medium	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js	19 kB	2023-03-07	2024-04-29
Pretty URL dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-29 08:49:59 Times Seen112280 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-29
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-29 08:55:12 Times Seen106872 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	unknown	763 B	2023-07-04	2024-04-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-04 13:03:34 Last Seen2024-04-22 18:59:57 Times Seen39 Hash fa745e2fd6b68171eaa256f4493ea7d3 7d440ae25068979b8137231ea1ed21838f9b6f90 250cfe0450adba022c27e9914a37e443f569f8718a8a46826c7b6b3bb5e2c980 Loading...

	dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js	87 kB	2023-03-07	2024-04-29
Pretty URL dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-29 08:45:38 Times Seen106845 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js	41 kB	2023-03-07	2024-04-29
Pretty URL dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-04-29 08:22:19 Times Seen7416 Hash f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Loading...

	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/	131 B	2023-06-15	2024-04-23
Pretty URL bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-15 06:44:28 Last Seen2024-04-23 18:47:16 Times Seen152 Hash 0acbc88ef714509336f1a12c34927b89 27f92a58e72f7b8b7dcc98283a3d84277f753193 3112d0f83f1cb864b160f55536b3c38d2648f142db0f5eeb629e9540d30f4d81 Loading...

	bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js	86 kB	2023-03-07	2024-04-27
Pretty URL bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-27 04:20:01 Times Seen891 Hash bceabde9d4ba653fd1f4bb171bff0c01 c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f 7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5 Loading...

	bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/	10 kB	2023-07-04	2024-04-22
Pretty URL bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/ IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 13:03:34 Last Seen2024-04-22 18:39:36 Times Seen27 Hash 2e6769dd6ea824e3446303170f2a3724 29261f8a808b71c94e42b02917231f7c7df05c30 bdb70a249b91d3ea8878d1448123aedb3e90256f5756e4aba117bd58538b1a37 Loading...

	unknown	4.2 kB	2023-07-04	2024-04-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-04 13:03:34 Last Seen2024-04-22 18:39:36 Times Seen27 Hash 80d63bcc7067a02aa2f7452fd27b58c5 45b894db4db3a45af4e593dc4d819df907606bb7 1a2cf06f3eb726d422463a999e2d05911433a59543368dc01453161dd30aa142 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4d12a11d93617efa27441f47869d156d	401 B	2023-03-07	2024-04-28
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-28 18:59:38 Times Seen629 Hash 4d12a11d93617efa27441f47869d156d 70dd822485874fe16f334468bfffe5dad153abbd 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d Loading...

		Size	First Seen	Last Seen
	#1 Write - ea8e756123edef8246eb8420f1c1ce27	4.7 kB	2023-07-04	2024-04-22
Pretty Observations First Seen2023-07-04 13:03:34 Last Seen2024-04-22 18:39:36 Times Seen27 Hash ea8e756123edef8246eb8420f1c1ce27 4ee97e458f3e81335f5dc66e73bcffb5e3f7f32d fc442d2d5d0902abd34a6f0406506fa2006c9c2e54709c71fde44d84b98c93d2 Loading...

HTTP Transactions (27)

URL IP Response Size

cf-ipfs.com/ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4

104.17.64.14

301 Moved Permanently

120 B

URL User Request GET HTTP/2
cf-ipfs.com/ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectcf-ipfs.com
Fingerprint33:42:32:E5:22:DD:EC:B2:FA:AD:88:57:0E:97:21:CF:2E:C4:17:BA
ValiditySat, 06 May 2023 00:00:00 GMT - Sun, 05 May 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
120 B (120 bytes)
Hash
8ba5ab1dd3aa01a10da6797bc188d70a
0ae73b391c4ed97a2ac870e40646a0b5542f7169
05bcf293971ffae98fd4496a37c3f2e9aed8a4ed6c65facc8fdfa5c37f7794b0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeTransfer
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmNLmv3J5DCwCXgFwKWFqHXM8ruC4g15GePnBDawyT4Bc4 HTTP/1.1
Host: cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 15:51:44 GMT
content-type: text/html; charset=utf-8
content-length: 120
location: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
cf-ray: 86c105e70929b4ed-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
set-cookie: __cf_bm=.CHu_NY6.GqWEVz6TbwAGsyiHZkgyz_BVQUecTkgyWE-1711727504-1.0.1.1-bfEzSjsVaCIny3QvEKcXvl7yW8ooU6gKLhUoVF5iV2608O5Fnn3FYfiYJxmLR2hojf6RwM_YEX4_.CLVNDUQAQ; path=/; expires=Fri, 29-Mar-24 16:21:44 GMT; domain=.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1172389
expires: Wed, 19 Mar 2025 15:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZVxgTFXYEzsUkthoFvwokaEAmgUgp75b7oy%2Fd9ggbq0FhA0J%2Bp1w4LCitDOdRQDGIHOMEKX0P33RZx%2FwuuAYniamzKWF%2BsMprBq3DjKeq%2BG2gZxO8ulSfqSGK7fmWr3JBKW04uC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86c105ef0b815691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dweb.link/ipfs/QmSgatZddgpVbC7qiSzcy7TRTe24FKvADHfP4psTqZthyP?filename=logo.jpg

209.94.90.1

301 Moved Permanently

136 B

URL GET HTTP/2
dweb.link/ipfs/QmSgatZddgpVbC7qiSzcy7TRTe24FKvADHfP4psTqZthyP?filename=logo.jpg
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
136 B (136 bytes)
Hash
f7ed76f13dde1eadd25e1dde15d0380a
41522f8bcbfa2395a055dd1584c74ce0c9c8c54f
72b6c396f56cdd464c726591c1c6a45f3c26b1b8793579481c6f5e885d4ea54f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmSgatZddgpVbC7qiSzcy7TRTe24FKvADHfP4psTqZthyP?filename=logo.jpg HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 136
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link/?filename=logo.jpg
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: f18cb96a8598ac8a9f7d298a3e92da0f
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

dweb.link/ipfs/QmTgavUm1wZU5UMoUwb1to6zVgCo7nR7p7ic6H44RRPrX9?filename=font-awesome.css

209.94.90.1

301 Moved Permanently

144 B

URL GET HTTP/2
dweb.link/ipfs/QmTgavUm1wZU5UMoUwb1to6zVgCo7nR7p7ic6H44RRPrX9?filename=font-awesome.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
144 B (144 bytes)
Hash
0095e01889589a96ec6c2fa64e4e0a7c
ff86ffb4165587acb560367a3acd85507c7e09f7
4beba4ea5c0c7453f153b1ae595887b2ae96aba797094c26f9c8e0f1c24c0500

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmTgavUm1wZU5UMoUwb1to6zVgCo7nR7p7ic6H44RRPrX9?filename=font-awesome.css HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 144
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link/?filename=font-awesome.css
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 79b57996549bb3f7436115810c1b5841
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

dweb.link/ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
dweb.link/ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text, with very long lines (1632)
Size
6.7 kB (6672 bytes)
Hash
f2ce39c9881b4a12aff800f6713c69d1
0f047ecc756d17f61d81da4b3bede1d80575bfe1
86f21e29947180f7b68e81b82992f786fc08b694ac4c714352f072768788f150

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html
content-length: 6672
etag: "650c2b70-1a10"
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 4929f1c32eef9f38abc812e9ae0bec19
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js

209.94.90.1

301 Moved Permanently

137 B

URL GET HTTP/2
dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
137 B (137 bytes)
Hash
28e735fd4f6ee8d8dc888bcb96d48c3a
60578f4a502f70b8092c34d5483df943c0ac36ea
465b0a55df7521b39e2520c06dc37aac2d6d74ca136453dd5dcde14c2d7dcdc7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 137
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link/?filename=jquery.js
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 62c88e445816766fa13b3392b894e63e
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text, with very long lines (1632)
Size
6.7 kB (6672 bytes)
Hash
f2ce39c9881b4a12aff800f6713c69d1
0f047ecc756d17f61d81da4b3bede1d80575bfe1
86f21e29947180f7b68e81b82992f786fc08b694ac4c714352f072768788f150

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=bootstrap.min.js HTTP/1.1
Host: bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html
content-length: 6672
etag: "650c2b70-1a10"
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 3b9c6df2f0683fcf5f17f68d30b2e899
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js

209.94.90.1

301 Moved Permanently

141 B

URL GET HTTP/2
dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
141 B (141 bytes)
Hash
e328380da6be36d4ee1bb6eecba270f4
40e6e3dc2f6890b3974e930176050b3f412cc4ae
4bcac744b173f98145329cb8f1d7958ff01941e06cf97b1cd9443d94f47f13c1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 141
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link/?filename=sweetalert.js
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: d47b2f0dc2cb50f1b4eb4a99312ba650
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

dweb.link/ipfs/QmRJEENewudtFXP4Q6GzkWvKcm1WTMDrSca7QbGwSdrtMm?filename=bootstrap.css

209.94.90.1

301 Moved Permanently

141 B

URL GET HTTP/2
dweb.link/ipfs/QmRJEENewudtFXP4Q6GzkWvKcm1WTMDrSca7QbGwSdrtMm?filename=bootstrap.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
141 B (141 bytes)
Hash
5075898dfe559205113c24d2bf45dc18
a59688817b13fbd3a12e65b122051e8d5bccbc57
d99849d50d31c2deb73c88087440e84c8e2e95c0fcd82d615669f6603e2666c4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmRJEENewudtFXP4Q6GzkWvKcm1WTMDrSca7QbGwSdrtMm?filename=bootstrap.css HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 141
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.css
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: a75e6842b97234d3c085781482bdd193
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.66.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 29 Mar 2024 15:51:45 GMT
age: 16823703
x-served-by: cache-lga21963-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 13, 31115
x-timer: S1711727506.881214,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

dweb.link/ipfs/Qmf7y59RuutyHLhsgQXGDBWGohxMZPfeU4M6ZiVDSC7bma?filename=animate.css

209.94.90.1

301 Moved Permanently

139 B

URL GET HTTP/2
dweb.link/ipfs/Qmf7y59RuutyHLhsgQXGDBWGohxMZPfeU4M6ZiVDSC7bma?filename=animate.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
139 B (139 bytes)
Hash
439db0545a713f00e13cf46233762444
d97e378824f29b648e291074e7a90e8d147345c0
775f99362336dab691a84e0726ce0e8e5a5be1b91c36fc650a9cdade9df32689

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/Qmf7y59RuutyHLhsgQXGDBWGohxMZPfeU4M6ZiVDSC7bma?filename=animate.css HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 139
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link/?filename=animate.css
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: c7d26c2699dcdbc8cb97d5114e13fdcc
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js

209.94.90.1

301 Moved Permanently

137 B

URL GET HTTP/2
dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
137 B (137 bytes)
Hash
aeb6a5bc098c1cdcc596a46f73dc6d58
d009f7e8cbe879389277dba098d302032dc1062e
d27c51aa56e1890f2d29ebaab1f7d83bc05913925b92518d9bc452ec979454dc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html; charset=utf-8
content-length: 137
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link/?filename=popper.js
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: bdf7ae519020676a359765e18874a385
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link/?filename=logo.jpg

209.94.90.1

200 OK

6.9 kB

URL GET HTTP/2
bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link/?filename=logo.jpg
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, height=0, orientation=upper-left, width=0], baseline, precision 8, 289x57, components 3
Size
6.9 kB (6929 bytes)
Hash
d04a0e077be370d23d16c1358749563b
d41f2bc6ee296019eba5798682f0b60cff2084a6
f8caf3207186e803510b7c02c6de2818abda8d0720f2764cb4e720a35a4d991e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=logo.jpg HTTP/1.1
Host: bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: image/jpeg
content-length: 6929
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="logo.jpg"; filename*=UTF-8''logo.jpg
etag: "bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y"
x-ipfs-path: /ipfs/bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y/
x-ipfs-roots: bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y
x-ipfs-pop: ipfs-bank4-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 6aacc64070c77ea8fad61383531eb007
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.css

209.94.90.1

200 OK

22 kB

URL GET HTTP/2
bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
22 kB (21647 bytes)
Hash
ecf054c35855c5d74b4ad9de6124d39e
51a87e44c38f5ee945f40421ae19d4dcb74b9cfb
bac94f07b6c1b4953a845835725ab785edec0ea15064ed3a5264c5cd46d7be6b

HTTP Headers

GET /?filename=bootstrap.css HTTP/1.1
Host: bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="bootstrap.css"; filename*=UTF-8''bootstrap.css
etag: W/"bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona"
x-ipfs-path: /ipfs/bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona/
x-ipfs-roots: bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona
x-ipfs-pop: ipfs-bank6-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 757858640ec0effdccd9d8b9b3d0a4b4
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link/?filename=font-awesome.css

209.94.90.1

200 OK

5.6 kB

URL GET HTTP/2
bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link/?filename=font-awesome.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
5.6 kB (5585 bytes)
Hash
21a553fbc5b1ebe51419781b73a096c0
1b12dd88bc22a781c9ace872923e253a74a96005
4e76a238ef7f3ef8ca4dad2303ff36a532d2085e8c788471066a01df4de84a6e

HTTP Headers

GET /?filename=font-awesome.css HTTP/1.1
Host: bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="font-awesome.css"; filename*=UTF-8''font-awesome.css
etag: W/"bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a"
x-ipfs-path: /ipfs/bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a/
x-ipfs-roots: bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a
x-ipfs-pop: ipfs-bank4-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: d5144835ad7ff627d4b0a950aca00ab3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link/?filename=animate.css

209.94.90.1

200 OK

11 kB

URL GET HTTP/2
bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link/?filename=animate.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
11 kB (10775 bytes)
Hash
38d388f6e33542bb86e753a8f4b60dbb
43762b0ab3889beba056414d24d1f66b1af6ede0
28e98b5d252973da069f778341120ecbe08daf8aa998e0d198020662ada7dfbd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=animate.css HTTP/1.1
Host: bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="animate.css"; filename*=UTF-8''animate.css
etag: W/"bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee"
x-ipfs-path: /ipfs/bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee/
x-ipfs-roots: bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee
x-ipfs-pop: ipfs-bank4-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 33f7841d448c7c837ee6bc2691e80de5
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link/?filename=sweetalert.js

209.94.90.1

200 OK

19 kB

URL GET HTTP/2
bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link/?filename=sweetalert.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
19 kB (18607 bytes)
Hash
2db962d2b8f28a68d29b9ae2fffa6d93
86f339e213bcdc1e9a4013cf0ebdefa560199b74
5a89fac06821c6950afc7398ead058b387949caf4bcb7659c364a364ac155d8e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=sweetalert.js HTTP/1.1
Host: bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="sweetalert.js"; filename*=UTF-8''sweetalert.js
etag: W/"bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi"
x-ipfs-path: /ipfs/bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi/
x-ipfs-roots: bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi
x-ipfs-pop: ipfs-bank1-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 13a9a80e74e9d74f3d04ed3466b50d08
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text, with very long lines (1632)
Size
6.7 kB (6672 bytes)
Hash
f2ce39c9881b4a12aff800f6713c69d1
0f047ecc756d17f61d81da4b3bede1d80575bfe1
86f21e29947180f7b68e81b82992f786fc08b694ac4c714352f072768788f150

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=bootstrap.min.js HTTP/1.1
Host: bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 410 Gone
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/html
content-length: 6672
etag: "650c2b70-1a10"
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 9fa19520b1cdc35b0821658959aa9f97
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

i.postimg.cc/1zyhynKB/bg.png

162.19.61.80

200 OK

148 kB

URL GET HTTP/2
i.postimg.cc/1zyhynKB/bg.png
IP
162.19.61.80:443
ASN
#16276 OVH SAS

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 1280 x 589, 8-bit/color RGBA, non-interlaced
Size
148 kB (148425 bytes)
Hash
c928ead236377018eef3508cefde85a7
c777bb5d8cbb6f758a1cf6d2a4d40dfb449a7e48
d55a412bcdc152e05ae539ce1f769a0c71aeef6336a4de2754b013e2bc11af71

HTTP Headers

GET /1zyhynKB/bg.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: image/png
content-length: 148425
last-modified: Fri, 23 Jun 2023 07:41:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/3JWwH6wN/apple-touch-icon.png

162.19.61.80

200 OK

9.2 kB

URL GET HTTP/2
i.postimg.cc/3JWwH6wN/apple-touch-icon.png
IP
162.19.61.80:443
ASN
#16276 OVH SAS

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9187 bytes)
Hash
3c231b07623cd54d8404d053145b43b8
fd1c20f77dc6603bec0dc459de6a39a50273ead9
1a7f1cc031190e273ff7d38dd6d7677444eb018f42dbd77a1a78a411a9ca8f74

HTTP Headers

GET /3JWwH6wN/apple-touch-icon.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: image/png
content-length: 9187
last-modified: Fri, 23 Jun 2023 07:40:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/wxnBg2Rk/favicon-16x16.png

162.19.61.80

200 OK

352 B

URL GET HTTP/2
i.postimg.cc/wxnBg2Rk/favicon-16x16.png
IP
162.19.61.80:443
ASN
#16276 OVH SAS

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
352 B (352 bytes)
Hash
29a7971ab512fe1c421fa65a785d3970
ba837103dd3877c780a0916c061fd2af38eff741
03aa5551ce60e0e703f7239cb2de4c6f26b9ca7802736dbd30c36af16440d3a1

HTTP Headers

GET /wxnBg2Rk/favicon-16x16.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: image/png
content-length: 352
last-modified: Fri, 23 Jun 2023 07:42:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link/?filename=jquery.js

209.94.90.1

200 OK

44 kB

URL GET HTTP/2
bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link/?filename=jquery.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
44 kB (43766 bytes)
Hash
42dee74aa6de68a000c673983790dba0
af4bd7dcdbece9cf84034e63e23645d26799088b
72e415e3797d3a094b1ca802b7876855e3e9b1199a67db7354328f6d07584e96

HTTP Headers

GET /?filename=jquery.js HTTP/1.1
Host: bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="jquery.js"; filename*=UTF-8''jquery.js
etag: W/"bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq"
x-ipfs-path: /ipfs/bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq/
x-ipfs-roots: bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq
x-ipfs-pop: ipfs-bank4-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 2c54092deb8d9924591c32369e8f7aef
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link/?filename=popper.js

209.94.90.1

200 OK

19 kB

URL GET HTTP/2
bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link/?filename=popper.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
19 kB (19188 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=popper.js HTTP/1.1
Host: bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="popper.js"; filename*=UTF-8''popper.js
etag: W/"bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy"
x-ipfs-path: /ipfs/bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy/
x-ipfs-roots: bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 716b109e3414bb2d93e8024776d8cf41
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/index_files/webfont.js

104.17.64.14

404 Not Found

0 B

URL GET HTTP/2
bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/index_files/webfont.js
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeTransfer
PhishTank	phishing	Other

HTTP Headers

GET /index_files/webfont.js HTTP/1.1
Host: bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Cookie: __cf_bm=7b_3r9UUQFl.j67xgYR4sXGRP4JKB_69SukyNEuusYc-1711727505-1.0.1.1-DifnP1s2O_k4Pj0iJt5mua9rUGuW52uyHkl3lPoGbdBaaBTkebvdUut2.6ectVZ9BxtVhTXwpW4whIYIVMmuFg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 29 Mar 2024 15:51:46 GMT
content-type: text/plain; charset=utf-8
cf-ray: 86c105f21f6f56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 1
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe/index_files/webfont.js
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/index_files/webfont.js

104.17.64.14

404 Not Found

0 B

URL GET HTTP/2
bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/index_files/webfont.js
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeTransfer
PhishTank	phishing	Other

HTTP Headers

GET /index_files/webfont.js HTTP/1.1
Host: bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Cookie: __cf_bm=7b_3r9UUQFl.j67xgYR4sXGRP4JKB_69SukyNEuusYc-1711727505-1.0.1.1-DifnP1s2O_k4Pj0iJt5mua9rUGuW52uyHkl3lPoGbdBaaBTkebvdUut2.6ectVZ9BxtVhTXwpW4whIYIVMmuFg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/plain; charset=utf-8
cf-ray: 86c105eedc1056c1-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe/index_files/webfont.js
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js

209.94.90.1

200 OK

86 kB

URL GET HTTP/2
bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Size
86 kB (85584 bytes)
Hash
bceabde9d4ba653fd1f4bb171bff0c01
c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f
7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=jquery.min.js HTTP/1.1
Host: bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="jquery.min.js"; filename*=UTF-8''jquery.min.js
etag: W/"bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu"
x-ipfs-path: /ipfs/bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu/
x-ipfs-roots: bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 07c00a5c532df63109247a7b8d9a5c6c
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/

104.17.64.14

200 OK

48 kB

URL User Request GET HTTP/2
bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com/
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type

Size
48 kB (47989 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WeTransfer
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:51:45 GMT
content-type: text/html
cf-ray: 86c105ea6f2156c1-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe/
x-ipfs-roots: bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe
set-cookie: __cf_bm=7b_3r9UUQFl.j67xgYR4sXGRP4JKB_69SukyNEuusYc-1711727505-1.0.1.1-DifnP1s2O_k4Pj0iJt5mua9rUGuW52uyHkl3lPoGbdBaaBTkebvdUut2.6ectVZ9BxtVhTXwpW4whIYIVMmuFg; path=/; expires=Fri, 29-Mar-24 16:21:45 GMT; domain=.bafybeiaabas4oscv5jny2siw3tneukj76jrfebevrvv455vrlblicqqyoe.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by