Report - cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm

Report Overview

Submitted URL
cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 16:02:27
Access
public
Website Title
cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Final URL
cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Tags
wetransfer phishing financial
urlquery detections
Phishing - WeTransfer
Phishing - Generic phishing

Detections

urlquery
14
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-19	502 B	12 kB	209.94.90.1
bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	490 B	23 kB	209.94.90.1
bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-25	504 B	30 kB	209.94.90.1
bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link	unknown	2017-02-24	2023-06-29	2024-03-25	478 B	87 kB	209.94.90.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	477 B	7.2 kB	104.17.24.14
bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-04-05	506 B	8.0 kB	209.94.90.1
bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	474 B	88 kB	209.94.90.1
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-17	418 B	24 kB	151.101.2.137
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20	2024-03-15	1.9 kB	16 kB	104.17.96.13
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link	unknown	2017-02-24	2023-07-01	2024-04-12	493 B	7.0 kB	209.94.90.1
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-04-16	1.3 kB	159 kB	162.19.88.68
bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-17	486 B	8.3 kB	209.94.90.1
bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link	unknown	2017-02-24	2023-07-02	2024-03-19	507 B	17 kB	209.94.90.1
dweb.link	unknown	2017-02-24	2017-06-27	2024-03-28	4.2 kB	20 kB	209.94.90.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm	WeTransfer

PhishTank

Scan Date	Severity	Indicator	Alert
2023-07-24	medium	cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/index_files/webfont.js	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/index_files/webfont.js	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-30
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-30 15:29:46 Times Seen107050 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm	131 B	2023-06-15	2024-04-23
Pretty URL cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-15 06:44:28 Last Seen2024-04-23 18:47:16 Times Seen152 Hash 0acbc88ef714509336f1a12c34927b89 27f92a58e72f7b8b7dcc98283a3d84277f753193 3112d0f83f1cb864b160f55536b3c38d2648f142db0f5eeb629e9540d30f4d81 Loading...

	bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js	86 kB	2023-03-07	2024-04-27
Pretty URL bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-27 04:20:01 Times Seen891 Hash bceabde9d4ba653fd1f4bb171bff0c01 c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f 7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5 Loading...

	cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm	4.1 kB	2023-07-25	2024-04-17
Pretty URL cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-25 08:37:29 Last Seen2024-04-17 18:02:27 Times Seen19 Hash f5ac25ae1bff8a16575a2a326bc03e0a 453b63aca3540b8b32330fe6417b0cf0f775964f 35b2d2f92b31db3cf05991a7a70c72cd97a1d91aa576a7867e8ea444607aa30f Loading...

	dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js	87 kB	2023-03-07	2024-04-30
Pretty URL dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-30 16:48:57 Times Seen107126 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js	19 kB	2023-03-07	2024-04-30
Pretty URL dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-30 15:29:46 Times Seen112713 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js	41 kB	2023-03-07	2024-04-30
Pretty URL dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-04-30 08:15:18 Times Seen7436 Hash f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Loading...

	cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm	627 B	2023-03-07	2024-04-29
Pretty URL cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-29 19:07:27 Times Seen515 Hash f8ecd4d7fd8da5baf55337d6790e0fac d6e502a27fe637b7f06df2d4ca39670e0a5c4bc0 5ab917714cb496bdba1ad47213a9aabd9147bba19c7eff0ddf7e46b4aa1ec1e7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4d12a11d93617efa27441f47869d156d	401 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-29 19:07:27 Times Seen634 Hash 4d12a11d93617efa27441f47869d156d 70dd822485874fe16f334468bfffe5dad153abbd 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d Loading...

HTTP Transactions (26)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 583483
expires: Mon, 07 Apr 2025 16:02:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FC3%2B%2BjOKqk0dXFyfLZSumJ%2Fo8gDWwiFbF6iZIZQBP0OOUWAu8RHabG%2BHjsXjBbK0tfCnsSVzEC0b4nFe76JhnSJ0JuqInt6X3793USvFjHAyxgx7PqLD7AwTDE7imS9mbT7OVahL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875da3179dc6abd2-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dweb.link/ipfs/Qmf7y59RuutyHLhsgQXGDBWGohxMZPfeU4M6ZiVDSC7bma?filename=animate.css

209.94.90.1

301 Moved Permanently

139 B

URL GET HTTP/2
dweb.link/ipfs/Qmf7y59RuutyHLhsgQXGDBWGohxMZPfeU4M6ZiVDSC7bma?filename=animate.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
139 B (139 bytes)
Hash
439db0545a713f00e13cf46233762444
d97e378824f29b648e291074e7a90e8d147345c0
775f99362336dab691a84e0726ce0e8e5a5be1b91c36fc650a9cdade9df32689

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/Qmf7y59RuutyHLhsgQXGDBWGohxMZPfeU4M6ZiVDSC7bma?filename=animate.css HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 139
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link/?filename=animate.css
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 5da5bf96576900b729c1ac363642bf28
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

dweb.link/ipfs/QmSgatZddgpVbC7qiSzcy7TRTe24FKvADHfP4psTqZthyP?filename=logo.jpg

209.94.90.1

301 Moved Permanently

136 B

URL GET HTTP/2
dweb.link/ipfs/QmSgatZddgpVbC7qiSzcy7TRTe24FKvADHfP4psTqZthyP?filename=logo.jpg
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
136 B (136 bytes)
Hash
f7ed76f13dde1eadd25e1dde15d0380a
41522f8bcbfa2395a055dd1584c74ce0c9c8c54f
72b6c396f56cdd464c726591c1c6a45f3c26b1b8793579481c6f5e885d4ea54f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmSgatZddgpVbC7qiSzcy7TRTe24FKvADHfP4psTqZthyP?filename=logo.jpg HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 136
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link/?filename=logo.jpg
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 84e905bf3e05241b37af54bbe55f9c69
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js

209.94.90.1

301 Moved Permanently

141 B

URL GET HTTP/2
dweb.link/ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
141 B (141 bytes)
Hash
e328380da6be36d4ee1bb6eecba270f4
40e6e3dc2f6890b3974e930176050b3f412cc4ae
4bcac744b173f98145329cb8f1d7958ff01941e06cf97b1cd9443d94f47f13c1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmRnpMNJrtmXUfNwYvar6xWLQJxUs65hDtHZUHQfowNRCm?filename=sweetalert.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 141
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link/?filename=sweetalert.js
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: e4b3cd2d7b298bef73c985d3beb95358
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.2.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 17 Apr 2024 16:02:01 GMT
age: 839854
x-served-by: cache-lga21963-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 40, 85832
x-timer: S1713369722.564662,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js

209.94.90.1

301 Moved Permanently

137 B

URL GET HTTP/2
dweb.link/ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
137 B (137 bytes)
Hash
28e735fd4f6ee8d8dc888bcb96d48c3a
60578f4a502f70b8092c34d5483df943c0ac36ea
465b0a55df7521b39e2520c06dc37aac2d6d74ca136453dd5dcde14c2d7dcdc7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmRbr6GPmMaXViCSY6fErfB14WWdCMBESyRzTPdk6VvjDu?filename=jquery.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 137
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link/?filename=jquery.js
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 5665793379dd962c5fbcb45faa36b785
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm

104.17.96.13

200 OK

14 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F
ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (22699), with CRLF line terminators
Size
14 kB (14503 bytes)
Hash
5a48a48e0ec54015ccd66564e99af74b
c00cde57ebc3ffcdaae5d2474044e085b760a54d
5eb2121365d685011edcefbcca830458fb58b61a500c67b85dae0b168e37fbe9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
OpenPhish	phishing	WeTransfer
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html
cf-ray: 875da313d8a392df-CPH
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
x-ipfs-roots: bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
set-cookie: __cf_bm=IDeEnaWpRbXlFtIx3HEWMrrU7yiUmKyIx0Y4PaIlHeY-1713369721-1.0.1.1-XE_fbvre5C5iKzdmguNhrOF3YTivLrwzvbPVUahgadIGSLCalY3FPvpIV7mvCg0TWoyW1pdfXuyo9IxOMuY8ug; path=/; expires=Wed, 17-Apr-24 16:32:01 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dweb.link/ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
dweb.link/ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text, with very long lines (1632)
Size
6.7 kB (6664 bytes)
Hash
a625932f4efa89cf3dabcb020f3b18ef
69cfc20bcf10dedd1fc6847dd89e95f65234509c
db6ad367de6ed56b2f962000875de9abc8d90042df48ff2ad59887a126b43600

HTTP Headers

GET /ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html
content-length: 6664
etag: "661fa4fb-1a08"
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 0e80cde83581cf09d90bc424491c6d67
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

dweb.link/ipfs/QmRJEENewudtFXP4Q6GzkWvKcm1WTMDrSca7QbGwSdrtMm?filename=bootstrap.css

209.94.90.1

301 Moved Permanently

141 B

URL GET HTTP/2
dweb.link/ipfs/QmRJEENewudtFXP4Q6GzkWvKcm1WTMDrSca7QbGwSdrtMm?filename=bootstrap.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
141 B (141 bytes)
Hash
5075898dfe559205113c24d2bf45dc18
a59688817b13fbd3a12e65b122051e8d5bccbc57
d99849d50d31c2deb73c88087440e84c8e2e95c0fcd82d615669f6603e2666c4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmRJEENewudtFXP4Q6GzkWvKcm1WTMDrSca7QbGwSdrtMm?filename=bootstrap.css HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 141
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.css
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: abfa3bd1786bb6c3ae9c2ad5874abdcc
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

dweb.link/ipfs/QmTgavUm1wZU5UMoUwb1to6zVgCo7nR7p7ic6H44RRPrX9?filename=font-awesome.css

209.94.90.1

301 Moved Permanently

144 B

URL GET HTTP/2
dweb.link/ipfs/QmTgavUm1wZU5UMoUwb1to6zVgCo7nR7p7ic6H44RRPrX9?filename=font-awesome.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
144 B (144 bytes)
Hash
0095e01889589a96ec6c2fa64e4e0a7c
ff86ffb4165587acb560367a3acd85507c7e09f7
4beba4ea5c0c7453f153b1ae595887b2ae96aba797094c26f9c8e0f1c24c0500

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmTgavUm1wZU5UMoUwb1to6zVgCo7nR7p7ic6H44RRPrX9?filename=font-awesome.css HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 144
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link/?filename=font-awesome.css
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: f1937ae650f6d07e7f6d9f9dccf7df5d
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js

209.94.90.1

301 Moved Permanently

137 B

URL GET HTTP/2
dweb.link/ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text
Size
137 B (137 bytes)
Hash
aeb6a5bc098c1cdcc596a46f73dc6d58
d009f7e8cbe879389277dba098d302032dc1062e
d27c51aa56e1890f2d29ebaab1f7d83bc05913925b92518d9bc452ec979454dc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /ipfs/QmUiVYsNJuaBoCQ1hYeQE8uXVu6LwDSEBUuA3PxKe7zUFX?filename=popper.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html; charset=utf-8
content-length: 137
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
location: https://bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link/?filename=popper.js
x-ipfs-pop: ipfs-bank3-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 3cc44e838c665cce85c83e2b84065641
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/index_files/webfont.js

104.17.96.13

400 Bad Request

103 B

URL GET HTTP/3
cloudflare-ipfs.com/ipfs/index_files/webfont.js
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F
ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT

File type
ASCII text
Size
103 B (103 bytes)
Hash
fa64ef653062b08edd5c7dabb2cda690
a66501e3b303dcbb0e333a30e1db91753ceb6cca
05fe5b28843d69c032a0b403e1270063e7a9edbd13042eede98e69572e1af2d5

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/index_files/webfont.js HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Cookie: __cf_bm=IDeEnaWpRbXlFtIx3HEWMrrU7yiUmKyIx0Y4PaIlHeY-1713369721-1.0.1.1-XE_fbvre5C5iKzdmguNhrOF3YTivLrwzvbPVUahgadIGSLCalY3FPvpIV7mvCg0TWoyW1pdfXuyo9IxOMuY8ug
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/plain; charset=utf-8
content-length: 103
cf-ray: 875da316fcee92fa-CPH
cf-cache-status: MISS
cache-control: no-store
vary: Accept-Encoding
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400

bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link/?filename=logo.jpg

209.94.90.1

200 OK

6.9 kB

URL GET HTTP/2
bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link/?filename=logo.jpg
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, height=0, orientation=upper-left, width=0], baseline, precision 8, 289x57, components 3
Size
6.9 kB (6929 bytes)
Hash
d04a0e077be370d23d16c1358749563b
d41f2bc6ee296019eba5798682f0b60cff2084a6
f8caf3207186e803510b7c02c6de2818abda8d0720f2764cb4e720a35a4d991e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=logo.jpg HTTP/1.1
Host: bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: image/jpeg
content-length: 6929
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="logo.jpg"; filename*=UTF-8''logo.jpg
etag: "bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y"
x-ipfs-path: /ipfs/bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y/
x-ipfs-roots: bafybeicarifyatgz3sd2cfgucp3bo5bddjyou7vevbvy3bd5epwtmbyu3y
x-ipfs-pop: ipfs-bank1-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 625253aa51a780817fc72d845feea94a
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

dweb.link/ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
dweb.link/ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text, with very long lines (1632)
Size
6.7 kB (6664 bytes)
Hash
a625932f4efa89cf3dabcb020f3b18ef
69cfc20bcf10dedd1fc6847dd89e95f65234509c
db6ad367de6ed56b2f962000875de9abc8d90042df48ff2ad59887a126b43600

HTTP Headers

GET /ipfs/QmeheeqeAGN8QeMMXY2Pusp4gwJH99dKPqUCfsX6vwoRKQ?filename=bootstrap.js HTTP/1.1
Host: dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 410 Gone
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/html
content-length: 6664
etag: "661fa4fb-1a08"
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 82713e143dbbcae80c78877ea5fde158
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link/?filename=animate.css

209.94.90.1

200 OK

11 kB

URL GET HTTP/2
bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link/?filename=animate.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
11 kB (10767 bytes)
Hash
368ad13b7e291aadfddebcb968aa52bb
6e3a59d7bc7e16010d615230526189743bac5c5a
69eaee61765eabe06f68b5dc6770097b1eff3310de282090f334a3a31380c81b

HTTP Headers

GET /?filename=animate.css HTTP/1.1
Host: bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="animate.css"; filename*=UTF-8''animate.css
etag: W/"bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee"
x-ipfs-path: /ipfs/bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee/
x-ipfs-roots: bafybeihzk3r5vvkorkyw6yhdrq6ybyddsqbstgcv563nc4kooxaup7lqee
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 506bc02c44ae3fa270c14f3efb94247c
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js

209.94.90.1

410 Gone

6.7 kB

URL GET HTTP/2
bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link/?filename=bootstrap.min.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
HTML document, ASCII text, with very long lines (1632)
Size
6.7 kB (6664 bytes)
Hash
a625932f4efa89cf3dabcb020f3b18ef
69cfc20bcf10dedd1fc6847dd89e95f65234509c
db6ad367de6ed56b2f962000875de9abc8d90042df48ff2ad59887a126b43600

HTTP Headers

GET /?filename=bootstrap.min.js HTTP/1.1
Host: bafybeihtdqp4mpo54jpiwxw4kaxtsv2eg7vfbtauaky25f4lelnwd542pm.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 410 Gone
server: openresty
date: Wed, 17 Apr 2024 16:02:02 GMT
content-type: text/html
content-length: 6664
etag: "661fa4fb-1a08"
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: 44a3bf4d9f35a314c67424db82969874
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/index_files/webfont.js

104.17.96.13

400 Bad Request

103 B

URL GET HTTP/3
cloudflare-ipfs.com/ipfs/index_files/webfont.js
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F
ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT

File type
ASCII text
Size
103 B (103 bytes)
Hash
fa64ef653062b08edd5c7dabb2cda690
a66501e3b303dcbb0e333a30e1db91753ceb6cca
05fe5b28843d69c032a0b403e1270063e7a9edbd13042eede98e69572e1af2d5

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/index_files/webfont.js HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Cookie: __cf_bm=IDeEnaWpRbXlFtIx3HEWMrrU7yiUmKyIx0Y4PaIlHeY-1713369721-1.0.1.1-XE_fbvre5C5iKzdmguNhrOF3YTivLrwzvbPVUahgadIGSLCalY3FPvpIV7mvCg0TWoyW1pdfXuyo9IxOMuY8ug
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Wed, 17 Apr 2024 16:02:02 GMT
content-type: text/plain; charset=utf-8
content-length: 103
cf-ray: 875da31a7bd392fa-CPH
cf-cache-status: MISS
cache-control: no-store
vary: Accept-Encoding
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400

i.postimg.cc/1zyhynKB/bg.png

162.19.88.68

200 OK

148 kB

URL GET HTTP/2
i.postimg.cc/1zyhynKB/bg.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 1280 x 589, 8-bit/color RGBA, non-interlaced
Size
148 kB (148425 bytes)
Hash
c928ead236377018eef3508cefde85a7
c777bb5d8cbb6f758a1cf6d2a4d40dfb449a7e48
d55a412bcdc152e05ae539ce1f769a0c71aeef6336a4de2754b013e2bc11af71

HTTP Headers

GET /1zyhynKB/bg.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 16:02:02 GMT
content-type: image/png
content-length: 148425
last-modified: Fri, 23 Jun 2023 07:41:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/3JWwH6wN/apple-touch-icon.png

162.19.88.68

200 OK

9.2 kB

URL GET HTTP/2
i.postimg.cc/3JWwH6wN/apple-touch-icon.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9187 bytes)
Hash
3c231b07623cd54d8404d053145b43b8
fd1c20f77dc6603bec0dc459de6a39a50273ead9
1a7f1cc031190e273ff7d38dd6d7677444eb018f42dbd77a1a78a411a9ca8f74

HTTP Headers

GET /3JWwH6wN/apple-touch-icon.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 16:02:02 GMT
content-type: image/png
content-length: 9187
last-modified: Fri, 23 Jun 2023 07:40:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link/?filename=popper.js

209.94.90.1

200 OK

7.3 kB

URL GET HTTP/2
bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link/?filename=popper.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
7.3 kB (7279 bytes)
Hash
f2302fe37594167d6087c1e3ef36789f
8499e3f7a85e81ebbc806e5aa8652b11b04dd86c
29e5c687873aaf676c533e7211881ac1b08d2ef11fe9385cbf262c6f3ad58335

HTTP Headers

GET /?filename=popper.js HTTP/1.1
Host: bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="popper.js"; filename*=UTF-8''popper.js
etag: W/"bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy"
x-ipfs-path: /ipfs/bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy/
x-ipfs-roots: bafybeic6x2fp4tittdgm62ih5upavzl5cd7mfqheybck3e262z3mwy4xpy
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 3d413de76dfecefd68c4b12b4c85575a
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link/?filename=font-awesome.css

209.94.90.1

200 OK

16 kB

URL GET HTTP/2
bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link/?filename=font-awesome.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15847 bytes)
Hash
c3d4974252cb09f4620bfb4481243189
d1d55ec6f4838456e448fb59874cc8fab57d295b
223a2dfb8a7d787aa640eece0d351452ef43c6b56a9ec5332e19c4399575a629

HTTP Headers

GET /?filename=font-awesome.css HTTP/1.1
Host: bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="font-awesome.css"; filename*=UTF-8''font-awesome.css
etag: W/"bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a"
x-ipfs-path: /ipfs/bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a/
x-ipfs-roots: bafybeicpmxcovgwlyxv4eqnea4eikta2zqxrymbkggdyjaredhcaatcc5a
x-ipfs-pop: ipfs-bank4-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: c661f2572fa4febb82761be847d02f9a
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link/?filename=sweetalert.js

209.94.90.1

200 OK

22 kB

URL GET HTTP/2
bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link/?filename=sweetalert.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
22 kB (22328 bytes)
Hash
1060629c95c5e59b37baecc70b8758c3
7b7dfaf0b14d72dcdb0a869c19c2738312c0d955
04d35944784b916757ec002938e530995c7fb34f8b1b626d5327f0195d29845f

HTTP Headers

GET /?filename=sweetalert.js HTTP/1.1
Host: bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="sweetalert.js"; filename*=UTF-8''sweetalert.js
etag: W/"bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi"
x-ipfs-path: /ipfs/bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi/
x-ipfs-roots: bafybeibti4iinvd5b2p775563ygtudzqktihggrtnksbmphezza3hn4eoi
x-ipfs-pop: ipfs-bank4-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 8e674058ee590a057cea814f2dcb6bea
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.css

209.94.90.1

200 OK

29 kB

URL GET HTTP/2
bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link/?filename=bootstrap.css
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
gzip compressed data, from Unix
Size
29 kB (28635 bytes)
Hash
6803a56ab37bfab06e151ae65c3463c5
4295650f73cedab9290b8b13fba51a07c808020b
f6fd58445721edbbd2e00f95b01afd8666cba86ee19ffbd59b392878b33d367c

HTTP Headers

GET /?filename=bootstrap.css HTTP/1.1
Host: bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="bootstrap.css"; filename*=UTF-8''bootstrap.css
etag: W/"bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona"
x-ipfs-path: /ipfs/bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona/
x-ipfs-roots: bafybeibl6q4lz3so3hbhc2vbzxcpitws5yd3wcrkfewuerr3l5ohj4mona
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: cc8a4da74b4e8a5ef3b9e4a21aa57b43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js

209.94.90.1

200 OK

86 kB

URL GET HTTP/2
bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link/?filename=jquery.min.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Size
86 kB (85584 bytes)
Hash
bceabde9d4ba653fd1f4bb171bff0c01
c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f
7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=jquery.min.js HTTP/1.1
Host: bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="jquery.min.js"; filename*=UTF-8''jquery.min.js
etag: W/"bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu"
x-ipfs-path: /ipfs/bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu/
x-ipfs-roots: bafybeigeqhk7awdadjfe7mg764ts37prfajxfqry7gsdhb3ku47uwk2tiu
x-ipfs-pop: ipfs-bank2-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: c7055bee6fd26bf5326fc53f11a6d01c
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link/?filename=jquery.js

209.94.90.1

200 OK

87 kB

URL GET HTTP/2
bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link/?filename=jquery.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint2A:D2:03:4C:D3:15:24:93:EF:9E:1F:8F:5A:9C:AF:C4:E2:63:C9:42
ValidityTue, 06 Feb 2024 17:40:37 GMT - Mon, 06 May 2024 17:40:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer

HTTP Headers

GET /?filename=jquery.js HTTP/1.1
Host: bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 17 Apr 2024 16:02:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-disposition: inline; filename="jquery.js"; filename*=UTF-8''jquery.js
etag: W/"bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq"
x-ipfs-path: /ipfs/bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq/
x-ipfs-roots: bafybeibqo6sij2nxln2lh3l4bhpufkriqsc6vtcni44smmcw2hskahjtxq
x-ipfs-pop: ipfs-bank1-fr2
timing-allow-origin: *
x-ipfs-lb-pop: gateway-bank2-fr2
x-bfid: 6200a401ade71742ba23340b2ddad3ce
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

i.postimg.cc/wxnBg2Rk/favicon-16x16.png

162.19.88.68

200 OK

352 B

URL GET HTTP/2
i.postimg.cc/wxnBg2Rk/favicon-16x16.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeiexr2jkg3sjg4fcum63ywzelltf6phc7i63oubl6hbbpp26fbewgm
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
352 B (352 bytes)
Hash
29a7971ab512fe1c421fa65a785d3970
ba837103dd3877c780a0916c061fd2af38eff741
03aa5551ce60e0e703f7239cb2de4c6f26b9ca7802736dbd30c36af16440d3a1

HTTP Headers

GET /wxnBg2Rk/favicon-16x16.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 16:02:02 GMT
content-type: image/png
content-length: 352
last-modified: Fri, 23 Jun 2023 07:42:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML