Report - bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/

Report Overview

Submitted URL
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
IP
172.64.146.87
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 17:09:26
Access
public
Website Title
Webmail :: Welcome to Webmail
Final URL
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Tags
phishing suspicious
urlquery detections
Phishing - Generic phishing
Suspicious - Anti-debugging code

Detections

urlquery
6
Network Intrusion Detection
10
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.link	unknown	2022-06-27	2022-11-20	2024-03-27	547 B	10 kB	172.64.146.87
bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.link	unknown	2022-06-27	2022-11-20	2024-04-17	544 B	10 kB	172.64.146.87
bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link	unknown	2022-06-27	2022-11-20	2024-04-13	1.1 kB	31 kB	172.64.146.87
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.dweb.link	unknown	2017-02-24	2023-04-03	2023-09-02	536 B	1.0 kB	209.94.90.3
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link	unknown	2017-02-24	2023-04-03	2024-04-14	1.1 kB	1.7 kB	209.94.90.3
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link	unknown	2022-06-27	2022-11-22	2023-10-14	1.1 kB	23 kB	172.64.146.87
bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link	unknown	2022-06-27	2022-11-20	2024-04-17	1.1 kB	282 kB	172.64.146.87
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link	unknown	2022-06-27	2022-11-20	2024-04-17	2.2 kB	62 kB	172.64.146.87
csp-report-to.web3.storage	unknown	2021-06-01	2023-01-04	2024-04-10	1.1 kB	480 B	54.186.62.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-25 17:09:01	low	Client IP	172.64.146.87	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	104.18.41.169	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	104.18.41.169	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	172.64.146.87	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	172.64.146.87	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	172.64.146.87	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	172.64.146.87	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:02	low	Client IP	172.64.146.87	ET HUNTING Observed IPFS Gateway Domain (ipfs .w3s .link) in TLS SNI
2024-04-25 17:09:03	low	Client IP	209.94.90.3	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2024-04-25 17:09:04	low	Client IP	209.94.90.2	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	Webmail Providers
2024-04-25	medium	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	Webmail Providers

PhishTank

Scan Date	Severity	Indicator	Alert
2022-11-22	medium	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/evergageSmall.min.js.download	Other
2022-11-22	medium	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	51 B	2023-03-07	2024-05-03
Pretty URL bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/ IP 172.64.146.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:41:24 Last Seen2024-05-03 07:38:58 Times Seen526 Hash 994d8c35b5729da87f7815cc88fd2965 edd87d74fceabf435ef1c52e4cbf4def707d86e5 153e05b86ab38f992fef28c3671a8658290adae818a9d06199d4ea81504a93ec Loading...

	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	663 B	2023-03-08	2024-05-03
Pretty URL bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/ IP 172.64.146.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:37:18 Last Seen2024-05-03 07:38:58 Times Seen501 Hash b7f1c925769f851de4de96d01d6a1f53 fbde05394eb6e2fbf71252bb5af8fb7d9a78a8f3 16deef6367cf47acf785a76cccdb4112e84ce13b639cdf285b23739cdaed6738 Loading...

	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	1.0 kB	2023-03-09	2024-05-03
Pretty URL bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/ IP 172.64.146.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:19:05 Last Seen2024-05-03 07:38:58 Times Seen504 Hash 30aaf650078219592a093f0aaa53c929 3bce98a55c50c23ecc9cf0dc69552fe33e494c65 d4aee2baecd9c39755f6f333b98b262137551a50256bc5a603edb31c332d1cee Loading...

	bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/	22 kB	2023-03-09	2024-04-25
Pretty URL bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/ IP 172.64.146.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:19:05 Last Seen2024-04-25 19:09:27 Times Seen11 Hash 96a817c39a40658c2d29ad60f438daba dc227cbcea9b7febc42253fd83daec8a08152804 d1078dee868354ee4eb5ffc19365faf6544b8513f7635137a15228e065ddb353 Loading...

HTTP Transactions (17)

URL IP Response Size

bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/evergageSmall.min.js.download

172.64.146.87

307 Temporary Redirect

0 B

URL GET HTTP/2
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/evergageSmall.min.js.download
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Webmail Providers
PhishTank	phishing	Other

HTTP Headers

GET /evergageSmall.min.js.download HTTP/1.1
Host: bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 307 Temporary Redirect
date: Thu, 25 Apr 2024 17:09:03 GMT
content-length: 0
location: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.dweb.link/evergageSmall.min.js.download
access-control-allow-origin: *
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=594
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff044583b5699-OSL
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

54.186.62.60

200 OK

55 B

URL POST HTTP/2
csp-report-to.web3.storage/
IP
54.186.62.60:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerAmazon
Subjectcsp-report-to.web3.storage
Fingerprint68:F3:6F:3A:B4:6C:00:CB:8A:E6:61:29:F4:EC:88:0A:23:A0:B0:4C
ValidityMon, 04 Dec 2023 00:00:00 GMT - Thu, 02 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
5f8fd72b748fee7891453a75ebcf364d
61b39f4458ccb9daf5a8449bef171bd6f7a32e31
5cdafcdd04812bb85f24bd1d480ef9c2cfa6b482afea8338d01d6fe9b0b9b2f3

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 906
Origin: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:03 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: Wysncjp_vHcESBQ=
X-Firefox-Spdy: h2

bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.link/styles.min.css

172.64.146.87

200 OK

9.2 kB

URL GET HTTP/2
bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.link/styles.min.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.2 kB (9201 bytes)
Hash
e032b2ee4c0341edb148a1ce3091cc81
5d0f013f9116f028454f10aecf1fd8db46520287
4d548c1d12aa8c724592cb0b3a0d6e647a594f14e0835ba97861ee2cbc6f1946

HTTP Headers

GET /styles.min.css HTTP/1.1
Host: bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/css
cf-ray: 879ff044687b5699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreih345c7d7xfo4leet44fbessdxomvezsoefstmldmj6owqkh2gl24"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1289
x-dotstorage-anchor: 889eb602a9546b388907feece6bd30c074efa6eb4dbc293f5ad8832182c72f14
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

54.186.62.60

200 OK

55 B

URL POST HTTP/2
csp-report-to.web3.storage/
IP
54.186.62.60:443
ASN
#16509 AMAZON-02

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerAmazon
Subjectcsp-report-to.web3.storage
Fingerprint68:F3:6F:3A:B4:6C:00:CB:8A:E6:61:29:F4:EC:88:0A:23:A0:B0:4C
ValidityMon, 04 Dec 2023 00:00:00 GMT - Thu, 02 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
0572244e15c939a2450550c223cad972
abb8bb1d81ffcd7029acf8f406dcb63ac201056b
62aa29b4b4adddb1d3e8b0315633438287125d3961ebdbe64c2da61074084e98

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 868
Origin: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: Wysnngp3PHcESvg=
X-Firefox-Spdy: h2

bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.link/desktop.css

172.64.146.87

200 OK

9.2 kB

URL GET HTTP/2
bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.link/desktop.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.2 kB (9174 bytes)
Hash
9e824f3770f5a186b34368dc6ce20dc6
93166372ea95387edfdc5d1656c00e43fc11af44
7702826c36a9ce5672a4b0f5467f1b3da00df1b1ed3c09e865426524bd62f7d4

HTTP Headers

GET /desktop.css HTTP/1.1
Host: bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/css
cf-ray: 879ff04478895699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreicto2m5ftkxf53lv4lvuwmaieli6kclafxsnkpjjtlrlr57sxoxyu"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1479
x-dotstorage-anchor: fa0e17c7b032804a4760c5607b1cf2f3042b0b447ec419b6815a58dcff979267
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link/jquery-ui.css

172.64.146.87

200 OK

9.4 kB

URL GET HTTP/2
bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link/jquery-ui.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.4 kB (9433 bytes)
Hash
72ce9f0130dea60a169102e5faaa3773
cb8f9554456c69cc139e325c5a97484119f9a4bc
383f6a55fd843b68de2b6e8ed5fa1e091484f82320c195bf411825bc681ccce0

HTTP Headers

GET /jquery-ui.css HTTP/1.1
Host: bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:03 GMT
content-type: text/css
cf-ray: 879ff04478875699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreie6nixuk7s4bslbtircnpndglg7rsxcbpm5xardi5ig4bcimgth5y"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1057
x-dotstorage-anchor: bd3b4483866df2df1847df0242b10541dd6897ed7c73cb7094dfdb739713ee43
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/

172.64.146.87

200 OK

21 kB

URL User Request GET HTTP/2
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (7824)
Size
21 kB (20992 bytes)
Hash
76e9c12a071de3cb1f51131ef0555e52
c8a1a3cbe670970a5b6b2a8386a2d969879c9fcd
fbe890049018e7791789c392a6cb70422e0b41a6a300fc29e4c1e8d15e652b5d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
urlquery	suspicious	Suspicious - Anti-debugging code
OpenPhish	phishing	Webmail Providers
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:02 GMT
content-type: text/html
cf-ray: 879ff039bd075699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiappreokfm2rvzarbstsjvlnfu2woord2urj4zh4okohsecekxbya"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1507
x-dotstorage-anchor: 570295d05dfb00ebba1e7a7a776982cba984af6a11e59e3fa8836cba1ae18e06
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.dweb.link/evergageSmall.min.js.download

209.94.90.3

404 Not Found

137 B

URL GET HTTP/2
bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.dweb.link/evergageSmall.min.js.download
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type
ASCII text
Size
137 B (137 bytes)
Hash
9f792c02e663c4a1b6beb4d70bc19c39
ca559cbe2605c701ea21055bafeafc07ce93848c
3e004d419235790c907de69791f81f09b17943235dbf7eb03ad47e6317d61f3e

HTTP Headers

GET /evergageSmall.min.js.download HTTP/1.1
Host: bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 25 Apr 2024 17:09:03 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym/evergageSmall.min.js.download
x-ipfs-pop: rainbow-am6-02
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuEDHAowr6TYPaRoVT4z8NBA6KZwruPi77LjTGvArp; SameSite=None; Secure; path=/; expires=Fri, 26-Apr-24 16:09:03 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff049492e568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link/jquery-ui.css

172.64.146.87

200 OK

19 kB

URL GET HTTP/2
bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link/jquery-ui.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
19 kB (19017 bytes)
Hash
28b8728001e8dc0205b37bed0579d307
ee6c08fa9022acdd46c9282daf46e7d934c4929a
4d5e9da2e8da6a34fdbb9a43b282e9b7725816009725f10ecade3a1953205485

HTTP Headers

GET /jquery-ui.css HTTP/1.1
Host: bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/css
cf-ray: 879ff044686b5699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreie6nixuk7s4bslbtircnpndglg7rsxcbpm5xardi5ig4bcimgth5y"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1463
x-dotstorage-anchor: bd3b4483866df2df1847df0242b10541dd6897ed7c73cb7094dfdb739713ee43
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link/framework.css

172.64.146.87

200 OK

140 kB

URL GET HTTP/2
bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link/framework.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
140 kB (139852 bytes)
Hash
ffc234e210c2e924f00ada4401d6938a
3e41f5d097f2b1d734beabe657203850b915f942
fae44f1c34d84b05c87be946f754356f1d8659b0f295add5a7fea26dbf145ab4

HTTP Headers

GET /framework.css HTTP/1.1
Host: bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/css
cf-ray: 879ff04488b25699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreih24rhryngyjmc4q67ji33vinlpdwdftmhssww5lj76ujw36fc2wq"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1387
x-dotstorage-anchor: cc6588b805a52443e1f0fab296221c95ef842b32d4b2b05512b92896ba010fc9
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link/framework.css

172.64.146.87

200 OK

140 kB

URL GET HTTP/2
bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link/framework.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
140 kB (139852 bytes)
Hash
ffc234e210c2e924f00ada4401d6938a
3e41f5d097f2b1d734beabe657203850b915f942
fae44f1c34d84b05c87be946f754356f1d8659b0f295add5a7fea26dbf145ab4

HTTP Headers

GET /framework.css HTTP/1.1
Host: bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:03 GMT
content-type: text/css
cf-ray: 879ff04488b15699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreih24rhryngyjmc4q67ji33vinlpdwdftmhssww5lj76ujw36fc2wq"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1065
x-dotstorage-anchor: cc6588b805a52443e1f0fab296221c95ef842b32d4b2b05512b92896ba010fc9
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link/images/logo_2.png

209.94.90.3

404 Not Found

0 B

URL GET HTTP/3
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link/images/logo_2.png
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/logo_2.png HTTP/1.1
Host: bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey/images/logo_2.png
x-ipfs-pop: rainbow-am6-02
cf-cache-status: EXPIRED
set-cookie: __cflb=0H28v9H4u6qsawHYTF1FbaZbjH9KPSdWMQPc6fd4F4g; SameSite=None; Secure; path=/; expires=Fri, 26-Apr-24 16:09:04 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff050b853712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/images/logo_2.png

172.64.146.87

307 Temporary Redirect

0 B

URL GET HTTP/2
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/images/logo_2.png
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/logo_2.png HTTP/1.1
Host: bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Thu, 25 Apr 2024 17:09:04 GMT
content-length: 0
location: https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link/images/logo_2.png
access-control-allow-origin: *
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=368
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff04e4b155699-OSL
X-Firefox-Spdy: h2

bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.css

172.64.146.87

200 OK

29 kB

URL GET HTTP/2
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
29 kB (28887 bytes)
Hash
6597a7cb410aaae59666563cf3a3420d
4b5861bf0a82f478b72cbe93fd8facb59b42fb02
da78c7fdec13d5db31d388f7695ddf218c9af00a505899d2d416f2e31e3c48f7

HTTP Headers

GET /xdesktop.css HTTP/1.1
Host: bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:03 GMT
content-type: text/css
cf-ray: 879ff04488ae5699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreig2pdd733at2xntdu4i65uv3xzbrsnpacsqlcm5fvaw6lrr4pci64"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1126
x-dotstorage-anchor: 5c08774bdc1f7b6a693c809df268323c30075b305b7e492d619c94f22d9c5184
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/images/logo_1.png

172.64.146.87

307 Temporary Redirect

0 B

URL GET HTTP/2
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/images/logo_1.png
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/logo_1.png HTTP/1.1
Host: bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Thu, 25 Apr 2024 17:09:04 GMT
content-length: 0
location: https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link/images/logo_1.png
access-control-allow-origin: *
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=328
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff04e4b185699-OSL
X-Firefox-Spdy: h2

bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link/images/logo_1.png

209.94.90.3

404 Not Found

0 B

URL GET HTTP/3
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link/images/logo_1.png
IP
209.94.90.3:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintF6:88:14:38:C6:3C:1C:FC:F0:D3:23:B2:F2:72:50:9D:5C:DC:BE:D2
ValidityTue, 16 Apr 2024 16:54:22 GMT - Mon, 15 Jul 2024 16:54:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/logo_1.png HTTP/1.1
Host: bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey/images/logo_1.png
x-ipfs-pop: rainbow-am6-02
cf-cache-status: EXPIRED
set-cookie: __cflb=0H28v9H4u6qsawHYTF1FbaZbjH9KPSdWMQPc6fd4F4g; SameSite=None; Secure; path=/; expires=Fri, 26-Apr-24 16:09:04 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ff0508821712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.css

172.64.146.87

200 OK

29 kB

URL GET HTTP/2
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.css
IP
172.64.146.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Certificate
IssuerCloudflare, Inc.
Subjectw3s.link
FingerprintF0:61:BA:8C:26:BF:F4:1E:58:01:8D:72:FD:EE:3A:4D:2B:07:5E:C4
ValiditySat, 17 Jun 2023 00:00:00 GMT - Sun, 16 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
29 kB (28887 bytes)
Hash
6597a7cb410aaae59666563cf3a3420d
4b5861bf0a82f478b72cbe93fd8facb59b42fb02
da78c7fdec13d5db31d388f7695ddf218c9af00a505899d2d416f2e31e3c48f7

HTTP Headers

GET /xdesktop.css HTTP/1.1
Host: bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeib7qftc7bgvhkdew2purmpqalnn2knkwefxjdgeuskqd5spht4jym.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:09:04 GMT
content-type: text/css
cf-ray: 879ff04488af5699-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreig2pdd733at2xntdu4i65uv3xzbrsnpacsqlcm5fvaw6lrr4pci64"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1391
x-dotstorage-anchor: 5c08774bdc1f7b6a693c809df268323c30075b305b7e492d619c94f22d9c5184
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL POST HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type