ipfs.io
2602:fea2:2::1
Malicious Activity!
Public Scan
Effective URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Submission: On May 18 via api from CN — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time ipfs.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:3036::6815:ae0 | 13335 (CLOUDFLARENET) |
1 3 | 2602:fea2:2::1 | 40680 (PROTOCOL) |
3 | 2606:4700:3031::ac43:cb38 | 13335 (CLOUDFLARENET) |
2 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3036::ac43:969e | 13335 (CLOUDFLARENET) |
1 | 2400:52e0:1e00::1081:1 | 200325 (BUNNYCDN) |
1 | 2a04:4e42::485 | 54113 (FASTLY) |
11 | 7 | |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | cdn-js-delivr.com | cdn-js-delivr.com | 2 MB |
3 | ipfs.io (1 redirects) | ipfs.io — Cisco Umbrella Rank: 65949 | 4 MB |
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 | 143 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 310 | 51 KB |
1 | ipfs.tech | ipfs.tech — Cisco Umbrella Rank: 241700 | 5 KB |
1 | nftether2.ru | nftether2.ru | 4 KB |
1 | parallelfi.net (1 redirects) | parallelfi.net | 489 B |
11 | 7 | | |
| Domain | Requested by |
---|---|---|
3 | cdn-js-delivr.com | ipfs.io |
3 | ipfs.io | 1 redirects cdn-js-delivr.com |
2 | cdnjs.cloudflare.com | cdn-js-delivr.com |
1 | cdn.jsdelivr.net | cdn-js-delivr.com |
1 | ipfs.tech | |
1 | nftether2.ru | cdn-js-delivr.com |
1 | parallelfi.net | 1 redirects |
11 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
discord.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ipfs.io | GTS CA 1P5 | 2024-04-16 - 2024-07-15 | 3 months |
cdn-js-delivr.com | E1 | 2024-05-14 - 2024-08-12 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
nftether2.ru | E1 | 2024-04-13 - 2024-07-12 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
This page contains 1 frames:
Primary Page:
https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/
Frame ID: F7AFFBCD902AD313020AD2AB58502638
Requests: 24 HTTP requests in this frame
Page Title
Parallel
Detected technologies
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://parallelfi.net/ HTTP 301
- https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18
- https://ipfs.io/favicon.ico HTTP 301
- https://ipfs.tech/favicon.ico
11 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H3 | / ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/ (Primary Request, Redirect Chain) | 6 MB 4 MB | Document text/html |
GET H2 | contracts.js cdn-js-delivr.com/scripts/ | 0 487 B | Script application/octet-stream |
GET H2 | main.js cdn-js-delivr.com/scripts/ | 2 MB 2 MB | Script application/octet-stream |
GET H2 | entry.js cdn-js-delivr.com/scripts/ | 0 275 B | Script application/octet-stream |
GET DATA | truncated / | 732 B 0 | Image image/svg+xml |
GET DATA | truncated / | 169 B 0 | Image image/svg+xml |
GET DATA | truncated / | 6 KB 0 | Image image/png |
GET DATA | truncated / | 418 B 0 | Image image/svg+xml |
GET DATA | truncated / | 875 B 0 | Image image/svg+xml |
GET DATA | truncated / | 179 B 0 | Image image/svg+xml |
GET DATA | truncated / | 236 KB 0 | Image image/png |
GET DATA | truncated / | 3 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 7 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 4 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 6 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 13 KB 0 | Image image/png |
GET DATA | truncated / | 12 KB 0 | Image image/svg+xml |
GET H3 | crypto-js.min.js cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ | 59 KB 20 KB | Script application/javascript |
POST H3 | config nftether2.ru/ | 4 KB 4 KB | Fetch text/html |
GET H2 | favicon.ico ipfs.tech/ (Redirect Chain) | 15 KB 5 KB | Other image/x-icon |
GET H3 | ethers.umd.min.js cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ | 719 KB 124 KB | Script application/javascript |
GET H2 | merkletree.js cdn.jsdelivr.net/npm/merkletreejs@latest/ | 209 KB 51 KB | Script application/javascript |
GET | wallet-connect-v4.js ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/scripts/ | 0 0 | |
GET H3 | popup-6.css ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/styles/ | 51 KB 11 KB | Fetch text/css |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: ipfs.io
- URL: https://ipfs.io/ipfs/Qmd1f5hBQBJYWnQuU4tbXxj4UVv16noxaBeWWePvgfxxhF/scripts/wallet-connect-v4.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| savepage_ShadowLoader
- string| UNIQUE_IDENTITY
- object| popups
- function| __p_2073651016
- object| __p_7478504956
- number| __p_9905590737
- object| __p_4748178779
- function| __getGlobal
- object| __globalObject
- function| __TextDecoder
- function| __Uint8Array
- undefined| __Buffer
- function| __String
- function| __Array
- function| utf8ArrayToStr
- function| __p_9020619038
- string| __p_7688207193
- string| __p_0830950695
- string| __p_4002270671
- string| __p_1492684898
- string| __p_0562294071
- string| __p_3317661627
- object| __p_3855476934
- string| __p_4150600891
- string| __p_7104306603
- object| __p_8827084230
- function| __p_6456149621_calc
- function| __p_3650137225
- number| __p_4616965176
- function| _0xc659
- function| _0x41da13
- function| _0x3aca
- function| __p_9076570504
- function| __p_0841413802
- object| CryptoJS
- object| _ethers
- object| ethers
- function| MerkleTree
- function| MerkleMountainRange
- function| IncrementalMerkleTree
- function| MerkleSumTree
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.