bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com Open in urlscan Pro
2606:4700::6811:600d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Submission: On May 14 via api (May 14th 2024, 10:54:35 pm UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700::6811:600d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com.
TLS certificate: Issued by E1 on March 16th 2024. Valid for: 3 months.

This is the only time bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700::68... 2606:4700::6811:600d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a01:7c8:e100... 2a01:7c8:e100:1::7254	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
3	88.198.22.18 88.198.22.18	24940 (HETZNER-AS) (HETZNER-AS)
27	4

11 2606:4700::6811:600d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:7c8:e100:1::7254 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)

transip.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.22.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: rs6b.rcnoc.com

centgold.africa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cf-ipfs.com 1 redirects bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com	12 KB
9	transip.email transip.email — Cisco Umbrella Rank: 171088	90 KB
3	centgold.africa centgold.africa	78 KB
0	dweb.link Failed bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link Failed
27	4

	Domain	Requested by
11	bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com	1 redirects bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
9	transip.email	bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
3	centgold.africa	bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
0	bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link Failed	bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
27	4

This site contains no links.

Subject Issuer	Validity	Valid
cf-ipfs.com E1	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.transip.email Sectigo RSA Domain Validation Secure Server CA	`2024-04-23` - `2025-05-18`	a year	crt.sh
centgold.africa R3	`2024-03-30` - `2024-06-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Frame ID: AB27D5A46A8A3D30002FAEC55C63F62E
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Page URL
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/phish-bypass?atok=3whM.UEHG_kokDce3T6JLSHdfpuxq10Sn.uB6PCwmSc-171572... HTTP 301
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

27
Requests

81 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

179 kB
Transfer

1238 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Page URL
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/phish-bypass?atok=3whM.UEHG_kokDce3T6JLSHdfpuxq10Sn.uB6PCwmSc-1715727231-0.0.1.1-%2F HTTP 301
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xframework/assets/bower_components/js-cookie/src/js.cookie.js?s=1615464115 HTTP 302
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link/plugins/xframework/assets/bower_components/js-cookie/src/js.cookie.js

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ 4 KB
2 KB 85ms
25ms Document
text/html 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7b5686afbf288b03950b2600b6b22e4a7c2216fe61e28a7a38e3f131d3c836

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 883e777f6c56047e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 22:53:51 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/styles/ 23 KB
5 KB 32ms
32ms Stylesheet
text/css 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: W/"663b4689-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 883e777f9c7b047e-FRA
expires: Wed, 15 May 2024 00:53:51 GMT

GET
H2 200 icon-exclamation.png
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/images/ 452 B
541 B 24ms
23ms Image
image/png 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/styles/cf.errors.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: "663b4689-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 883e777fdc9f047e-FRA
content-length: 452
expires: Wed, 15 May 2024 00:53:51 GMT

GET
H2 404 favicon.ico
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ 191 B
779 B 636ms
636ms Other
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605810491debd51aa4b0e799e086721b206daacead39e793ab84873529aba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/favicon.ico
cf-ray: 883e777ffcba047e-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2

200

Primary Request / Show response
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Redirect Chain

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/cdn-cgi/phish-bypass?atok=3whM.UEHG_kokDce3T6JLSHdfpuxq10Sn.uB6PCwmSc-1715727231-0.0.1.1-%2F
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

12 KB
4 KB

539ms
538ms

Document
text/html

2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73897e005aee0835e448a1ead26f4e829c81fe0c39a9b864dca25237484e0e4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: MISS
cf-ray: 883e7796eb9a047e-FRA
content-encoding: br
content-type: text/html
date: Tue, 14 May 2024 22:53:56 GMT
etag: W/"bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q"
server: cloudflare
vary: Accept-Encoding
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/
x-ipfs-roots: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q

Redirect headers

cache-control: private, no-cache
cf-ray: 883e7796cb80047e-FRA
content-length: 167
content-type: text/html
date: Tue, 14 May 2024 22:53:55 GMT
location: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H/1.1 200
OK styles.min.css
transip.email/skins/larry/ 46 KB
10 KB 136ms
30ms Stylesheet
text/css 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/skins/larry/styles.min.css?s=1702476951
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: 4bb75dfecf5870bb04ac0edae38092aba6d024e8336c7bf7df15cf104af543cb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 14:15:51 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "b8d7-60c64cde805b6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 9607

GET
H/1.1 200
OK larry.css
transip.email/plugins/xframework/assets/styles/ 453 KB
29 KB 167ms
61ms Stylesheet
text/css 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/plugins/xframework/assets/styles/larry.css?s=1702476950
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: a836baab2ae1f2147fcdbbefa47ef1eb9c7e6f5436d76c32715cfbe28e7e1ac8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 14:15:50 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "714dd-60c64cde48345-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 29694

GET styles.css
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/styles/ 0
0

GET larry_desktop.css
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/styles/ 0
0

GET desktop.css
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/outlook/assets/ 0
0

GET jquery-ui.min.css
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/plugins/jqueryui/ 0
0

GET
H2 404 ui.min.js
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/ 0
0 487ms
485ms Script
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/ui.min.js?s=1702476951

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/skins/larry/ui.min.js
cf-ray: 883e779a4dd7047e-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H/1.1 200
OK transip.css
transip.email/css/ 615 B
683 B 137ms
31ms Stylesheet
text/css 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/css/transip.css
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: e576d325893c1dfe24c15fadeb463f6840f29647413f98072dbaad356e820744

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 14:15:51 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "267-60c64cde79086-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 330

GET
H/1.1 200
OK webmail.css
transip.email/css/minified/ 61 KB
11 KB 141ms
31ms Stylesheet
text/css 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/css/minified/webmail.css
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: 171780952376c5674b76057b89fa13de5987eceeaa6eeefd54055b6e1c8bf5f4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Jan 2019 15:18:34 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "f247-57fbd06432032-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10658

GET
H2 200 transip-login.css
centgold.africa/images/demos/ 547 B
483 B 121ms
47ms Stylesheet
text/css 88.198.22.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://centgold.africa/images/demos/transip-login.css
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rs6b.rcnoc.com
Software: LiteSpeed /
Resource Hash: 04aad7263253ad1f0177523f29270cc4910cf66d82d27ee44456d9ad723b9172

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
content-encoding: br
last-modified: Thu, 21 Mar 2024 13:15:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 188
expires: Tue, 21 May 2024 22:53:56 GMT

GET
H/1.1 200
OK jquery.min.js Show response
transip.email/program/js/ 89 KB
31 KB 173ms
61ms Script
application/javascript 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/program/js/jquery.min.js?s=1702476950
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: 5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 14:15:50 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "1632e-60c64cde630f6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 31705

GET
H/1.1 200
OK common.min.js Show response
transip.email/program/js/ 12 KB
5 KB 165ms
30ms Script
application/javascript 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/program/js/common.min.js?s=1702476950
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: a8e9036221176bf3ea5fefaaaae97a3fadecf1b25c5b8ace450a63b1af4a6047

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 14:15:50 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "31f9-60c64cde630f6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 4859

GET
H/1.1 200
OK larry.css Show response
transip.email/plugins/xframework/assets/styles/ 453 KB
0 166ms
166ms Script
text/css 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/plugins/xframework/assets/styles/larry.css?s=1702476950
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: a836baab2ae1f2147fcdbbefa47ef1eb9c7e6f5436d76c32715cfbe28e7e1ac8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 14:15:50 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "714dd-60c64cde48345-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 29694

GET
H/1.1 200
OK js.cookie.js Show response
transip.email/plugins/xframework/assets/bower_components/js-cookie/src/ 4 KB
2 KB 140ms
29ms Script
application/javascript 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://transip.email/plugins/xframework/assets/bower_components/js-cookie/src/js.cookie.js?s=1615464115
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: 3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Mar 2021 12:01:55 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "f2b-5bd418cbbc893-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1526

GET

js.cookie.js
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link/plugins/xframework/assets/bower_components/js-cookie/src/
Redirect Chain

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xframework/assets/bower_components/js-cookie/src/js.cookie.js?s=1615464115
https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link/plugins/xframework/assets/bower_components/js-cookie/src/js.cookie.js

0
0

GET
H2 404 framework.min.js
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xframework/assets/scripts/ 0
0 130ms
129ms Script
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xframework/assets/scripts/framework.min.js?s=1702476950

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/plugins/xframework/assets/scripts/framework.min.js
cf-ray: 883e779a5dda047e-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2 404 xskin.min.js
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/scripts/ 0
0 296ms
295ms Script
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/scripts/xskin.min.js?s=1702476950

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/plugins/xskin/assets/scripts/xskin.min.js
cf-ray: 883e779a5ddc047e-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2 404 larry_desktop.min.js
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/scripts/ 0
0 2882ms
2881ms Script
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/scripts/larry_desktop.min.js?s=1702476950

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/plugins/xskin/assets/scripts/larry_desktop.min.js
cf-ray: 883e779a5dde047e-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2 404 jquery-ui.min.js
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/jqueryui/js/ 0
0 301ms
301ms Script
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/jqueryui/js/jquery-ui.min.js?s=1702476950

Requested by

Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q/plugins/jqueryui/js/jquery-ui.min.js
cf-ray: 883e779a5ddf047e-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2 200 language.png
centgold.africa/images/demos/ 12 KB
12 KB 120ms
47ms Image
image/png 88.198.22.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://centgold.africa/images/demos/language.png
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rs6b.rcnoc.com
Software: LiteSpeed /
Resource Hash: 7869ea23c3f07e27b0347b5afe0442226e0b4f71d5958926a5ac3f59bb87c833

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
last-modified: Thu, 21 Mar 2024 12:59:47 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12650
expires: Tue, 21 May 2024 22:53:56 GMT

GET
H/1.1 200
OK send.svg
transip.email/img/ 941 B
949 B 30ms
30ms Image
image/svg+xml 2a01:7c8:e100:1::7254
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transip.email/img/send.svg
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:7c8:e100:1::7254 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: ddc129f0de44528f7f3d7fcb0bcd4f268da965624d2d686e7ff3084c3550370d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 22:53:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Jan 2019 15:18:34 GMT
Server: Apache/2.4.25 (Debian) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "3ad-57fbd06432032-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 591

GET
H2 200 downbg.png
centgold.africa/images/demos/ 65 KB
65 KB 25ms
25ms Image
image/png 88.198.22.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://centgold.africa/images/demos/downbg.png
Requested by: Host: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.22.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: rs6b.rcnoc.com
Software: LiteSpeed /
Resource Hash: c3eb398719f27dcde57d3714c0b60236270fb9b3da3e465fb9842f34d61e264d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 22:53:56 GMT
last-modified: Thu, 21 Mar 2024 13:20:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 66355
expires: Tue, 21 May 2024 22:53:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/styles/styles.css?s=1702476950

Domain: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/styles/larry_desktop.css?s=1702476950

Domain: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/outlook/assets/desktop.css?s=1702476951

Domain: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/plugins/jqueryui/jquery-ui.min.css?s=1702476951

Domain: bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link
URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link/plugins/xframework/assets/bower_components/js-cookie/src/js.cookie.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/	1970-01-20 20:35:29	Name: __cf_bm Value: Y5jvkkGcZ.i7aiXHXXmBDo4UTOSunb9N1nhmGegWbdw-1715727232-1.0.1.1-ZaDXh2EUl4yy_VkMqH3kkXKPPEwiF6vNLn4A4Le05lzYQ4iRvjFIkQTNySBt_6P5VfAHcVq.NGYpOdKyTMRQ.g
			.bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/	1970-01-20 20:36:53	Name: __cf_mw_byp Value: 3whM.UEHG_kokDce3T6JLSHdfpuxq10Sn.uB6PCwmSc-1715727231-0.0.1.1-/

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xframework/assets/scripts/framework.min.js?s=1702476950 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Message: Refused to apply style from 'https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/styles/larry_desktop.css?s=1702476950' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Message: Refused to apply style from 'https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/plugins/jqueryui/jquery-ui.min.css?s=1702476951' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Message: Refused to apply style from 'https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/styles/styles.css?s=1702476950' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/scripts/xskin.min.js?s=1702476950 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/jqueryui/js/jquery-ui.min.js?s=1702476950 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Message: Refused to apply style from 'https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/outlook/assets/desktop.css?s=1702476951' because its MIME type ('text/plain') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/ui.min.js?s=1702476951 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/ Message: Refused to execute script from 'https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/skins/larry/ui.min.js?s=1702476951' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com/plugins/xskin/assets/scripts/larry_desktop.min.js?s=1702476950 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link
centgold.africa
transip.email
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com
bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.dweb.link
2606:4700::6811:600d
2a01:7c8:e100:1::7254
88.198.22.18
04aad7263253ad1f0177523f29270cc4910cf66d82d27ee44456d9ad723b9172
171780952376c5674b76057b89fa13de5987eceeaa6eeefd54055b6e1c8bf5f4
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15
4bb75dfecf5870bb04ac0edae38092aba6d024e8336c7bf7df15cf104af543cb
5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55
5f7b5686afbf288b03950b2600b6b22e4a7c2216fe61e28a7a38e3f131d3c836
605810491debd51aa4b0e799e086721b206daacead39e793ab84873529aba8b0
7869ea23c3f07e27b0347b5afe0442226e0b4f71d5958926a5ac3f59bb87c833
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
a836baab2ae1f2147fcdbbefa47ef1eb9c7e6f5436d76c32715cfbe28e7e1ac8
a8e9036221176bf3ea5fefaaaae97a3fadecf1b25c5b8ace450a63b1af4a6047
c3eb398719f27dcde57d3714c0b60236270fb9b3da3e465fb9842f34d61e264d
c73897e005aee0835e448a1ead26f4e829c81fe0c39a9b864dca25237484e0e4
ddc129f0de44528f7f3d7fcb0bcd4f268da965624d2d686e7ff3084c3550370d
e576d325893c1dfe24c15fadeb463f6840f29647413f98072dbaad356e820744
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com Open in urlscan Pro 2606:4700::6811:600d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

81 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

179 kBTransfer

1238 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

2 Cookies

11 Console Messages

Security Headers

Indicators

bafkreighhcl6abno4cbv4rekd2wsn5hifheb7ygdtknymtokeurxjbha4q.ipfs.cf-ipfs.com Open in urlscan Pro
2606:4700::6811:600d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

81 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

179 kB
Transfer

1238 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!