urlscan.io logo urlscan.io
SecurityTrails logo

ipfs.io Open in urlscan Pro
2602:fea2:2::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5...
Effective URL: https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
Submission: On May 02 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 48658.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 154.53.48.92 40021 (CONTABO)
2 2602:fea2:2::1 40680 (PROTOCOL)
3 3
Apex Domain
Subdomains		 Transfer
2 ipfs.io
ipfs.io — Cisco Umbrella Rank: 48658
46 KB
2 hubspotlinks.com
d4fplv04.na1.hubspotlinks.com
4 KB
1 abrafi.com.br
www.abrafi.com.br
341 B
3 3
Domain Requested by
2 ipfs.io d4fplv04.na1.hubspotlinks.com
ipfs.io
2 d4fplv04.na1.hubspotlinks.com 1 redirects
1 www.abrafi.com.br 1 redirects
3 3

This site contains no links.

Subject Issuer Validity Valid
hubspotlinks.com
Cloudflare Inc ECC CA-3		 2023-04-17 -
2024-04-16		 a year crt.sh
*.i.ipfs.io
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
Frame ID: 7BAF324AEEF9D5338822A3F202F98D90
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Outlook

Page URL History Show full URLs

  1. https://d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7... Page URL
  2. https://d4fplv04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7... HTTP 307
    http://www.abrafi.com.br/banner/redirect.php?bid=124&banner_hash=196ec07deb17039611fe77f13d3885403e15... HTTP 302
    https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html Page URL

Page Statistics

3
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

49 kB
Transfer

275 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357nwsW4L82054LBFH9W5fYdZX5KqLg0W81K5V55g2WcTW3SNjM15CrRlMW1kqHqL3YzsTPW754_NS36NhDbW2wgyr61m90-kW3RN9_V6WXH9SW3S9NLP5-2LH1W8G3vrK3MqbYpW15pB3n3vxyzjW56H17l4SSXhkW2q_ZNq11VDwjW2JVPVz4KM8NLW6WNV9Q8z9mP8W3B4Bq03WDPF_W3nn_RS3q5Y01W6MpMkC2225XcVyTPzg5PdF2CW5fc0135WHCNXVc1Yw21KkTWfW7FgPG37Nfj2pW7Tc-W95NhXNvW5nhRyq7Q9lskVm83bW5Mtmy9W2Sf-YZ74ctxfW6kSVGV8pKC2BW6R-z_t8g7Pl9W40VCrm25WWMnW5dfD1r22Lj69W5hhjhb5pTLwJVhNtNj6mwfW3W8Hp5x93c5N3XMhzlmn_mnVMW5cv1f45tbh4PVb9cjw5Ld3HjW1v_f3H1X01c0W943s2C1Mj1-4W7p_Rdq18jzv7W9lY5Fr92YPPJW1FRzbp8GRF7zW5H5D866DNBB8W3SFBD75pDFdRVXh3bZ1f8GDHVRvxgk1rcw6hW143yTD1qDdJbV9CYN-3sHscXW29wbkP4LYnv-W4cBNRz5X7XLNW7CGYMj7p4C82W5p2RFc2J9Ft6W3N2Gd27_9JVyW35R0rg6BMGq1W6jXS-c6jYxBYW4vC2WB3Z9JZSN8qQD0KdywpdM86z9KSRLh5W7mJT3c7lwYl1W7K4Ds63xqNqXW5Ttk637Gzdp7W3NLBzk3lJVprW28C9JW2s0DvgW1C_1H868S0FdN10ZHPL6rwqnW9bzPzg24J7BgW4-1_sD2bRs_xN8ZR-zKqKQGZW7THX8D3TMVQg3hHg1 Page URL
  2. https://d4fplv04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357nwsW4L82054LBFH9W5fYdZX5KqLg0W81K5V55g2WcTW3SNjM15CrRlMW1kqHqL3YzsTPW754_NS36NhDbW2wgyr61m90-kW3RN9_V6WXH9SW3S9NLP5-2LH1W8G3vrK3MqbYpW15pB3n3vxyzjW56H17l4SSXhkW2q_ZNq11VDwjW2JVPVz4KM8NLW6WNV9Q8z9mP8W3B4Bq03WDPF_W3nn_RS3q5Y01W6MpMkC2225XcVyTPzg5PdF2CW5fc0135WHCNXVc1Yw21KkTWfW7FgPG37Nfj2pW7Tc-W95NhXNvW5nhRyq7Q9lskVm83bW5Mtmy9W2Sf-YZ74ctxfW6kSVGV8pKC2BW6R-z_t8g7Pl9W40VCrm25WWMnW5dfD1r22Lj69W5hhjhb5pTLwJVhNtNj6mwfW3W8Hp5x93c5N3XMhzlmn_mnVMW5cv1f45tbh4PVb9cjw5Ld3HjW1v_f3H1X01c0W943s2C1Mj1-4W7p_Rdq18jzv7W9lY5Fr92YPPJW1FRzbp8GRF7zW5H5D866DNBB8W3SFBD75pDFdRVXh3bZ1f8GDHVRvxgk1rcw6hW143yTD1qDdJbV9CYN-3sHscXW29wbkP4LYnv-W4cBNRz5X7XLNW7CGYMj7p4C82W5p2RFc2J9Ft6W3N2Gd27_9JVyW35R0rg6BMGq1W6jXS-c6jYxBYW4vC2WB3Z9JZSN8qQD0KdywpdM86z9KSRLh5W7mJT3c7lwYl1W7K4Ds63xqNqXW5Ttk637Gzdp7W3NLBzk3lJVprW28C9JW2s0DvgW1C_1H868S0FdN10ZHPL6rwqnW9bzPzg24J7BgW4-1_sD2bRs_xN8ZR-zKqKQGZW7THX8D3TMVQg3hHg1?_ud=2d6af8e1-6817-4c8f-a70a-4371f614370c&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    http://www.abrafi.com.br/banner/redirect.php?bid=124&banner_hash=196ec07deb17039611fe77f13d3885403e151cd1ba6ad9b7689bedacdfac29ef&jk=U3N2YxM2QzODg1X9ANSJA&url=https%3A%2F%2Fipfs.io%2Fipfs%2Fbafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy%2Fow_enc.html&condition=redirect&verifybannerhash=MTk2ZWwN2RlYjE3MDM5NjExZmU3N2YxM2QzODg1NDAzZTE1MWNkMWJhNmFkOWI3Njg5YmVkYWNkZmFjMjllZiAgLQo%3D&utm_medium=email&_hsmi=256177445&_hsenc=p2ANqtz--9Mc2eF_UcZJiH7J4JdPF-VXKnaRvi3SnRIwk3AU_D6yOU-GGC_Sit6ozFJH5PiLPYWzQK0ULJZV7bVKlGvyNbZzmX-GfmDZHOZMfUHH9zpqJ7VWU&utm_source=hs_email HTTP 302
    https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357nwsW4L82054LBFH9W5fYdZX5KqLg0W81K5V55g2WcTW3SNjM15CrRlMW1kqHqL3YzsTPW754_NS36NhDbW2wgyr6...
d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357nwsW4L82054LBFH9W5fYdZX5KqLg0W81K5V55g2WcTW3SNjM15CrRlMW1kqHqL3YzsTPW754_NS36NhDbW2wgyr61m90-kW3RN9_V6WXH9SW3S9NLP5-2LH1W8G3vrK3MqbYpW15pB3n3vxyzjW56H17l4SSXhkW2q_ZNq11VDwjW2JVPVz4KM8NLW6WNV9Q8z9mP8W3B4Bq03WDPF_W3nn_RS3q5Y01W6MpMkC2225XcVyTPzg5PdF2CW5fc0135WHCNXVc1Yw21KkTWfW7FgPG37Nfj2pW7Tc-W95NhXNvW5nhRyq7Q9lskVm83bW5Mtmy9W2Sf-YZ74ctxfW6kSVGV8pKC2BW6R-z_t8g7Pl9W40VCrm25WWMnW5dfD1r22Lj69W5hhjhb5pTLwJVhNtNj6mwfW3W8Hp5x93c5N3XMhzlmn_mnVMW5cv1f45tbh4PVb9cjw5Ld3HjW1v_f3H1X01c0W943s2C1Mj1-4W7p_Rdq18jzv7W9lY5Fr92YPPJW1FRzbp8GRF7zW5H5D866DNBB8W3SFBD75pDFdRVXh3bZ1f8GDHVRvxgk1rcw6hW143yTD1qDdJbV9CYN-3sHscXW29wbkP4LYnv-W4cBNRz5X7XLNW7CGYMj7p4C82W5p2RFc2J9Ft6W3N2Gd27_9JVyW35R0rg6BMGq1W6jXS-c6jYxBYW4vC2WB3Z9JZSN8qQD0KdywpdM86z9KSRLh5W7mJT3c7lwYl1W7K4Ds63xqNqXW5Ttk637Gzdp7W3NLBzk3lJVprW28C9JW2s0DvgW1C_1H868S0FdN10ZHPL6rwqnW9bzPzg24J7BgW4-1_sD2bRs_xN8ZR-zKqKQGZW7THX8D3TMVQg3hHg1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
7c10a9433fb4ba97-MXP
content-encoding
br
content-type
text/html;charset=utf-8
date
Tue, 02 May 2023 13:37:50 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-hubspot-correlation-id
e9bf75df-6247-4088-b57c-a4080cc968ff
x-robots-tag
none
Primary Request ow_enc.html
ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/
Redirect Chain
  • https://d4fplv04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357...
  • http://www.abrafi.com.br/banner/redirect.php?bid=124&banner_hash=196ec07deb17039611fe77f13d3885403e151cd1ba6ad9b7689bedacdfac29ef&jk=U3N2YxM2QzODg1X9ANSJA&url=https%3A%2F%2Fipfs.io%2Fipfs%2Fbafybei...
  • https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
250 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
Requested by
Host: d4fplv04.na1.hubspotlinks.com
URL: https://d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357nwsW4L82054LBFH9W5fYdZX5KqLg0W81K5V55g2WcTW3SNjM15CrRlMW1kqHqL3YzsTPW754_NS36NhDbW2wgyr61m90-kW3RN9_V6WXH9SW3S9NLP5-2LH1W8G3vrK3MqbYpW15pB3n3vxyzjW56H17l4SSXhkW2q_ZNq11VDwjW2JVPVz4KM8NLW6WNV9Q8z9mP8W3B4Bq03WDPF_W3nn_RS3q5Y01W6MpMkC2225XcVyTPzg5PdF2CW5fc0135WHCNXVc1Yw21KkTWfW7FgPG37Nfj2pW7Tc-W95NhXNvW5nhRyq7Q9lskVm83bW5Mtmy9W2Sf-YZ74ctxfW6kSVGV8pKC2BW6R-z_t8g7Pl9W40VCrm25WWMnW5dfD1r22Lj69W5hhjhb5pTLwJVhNtNj6mwfW3W8Hp5x93c5N3XMhzlmn_mnVMW5cv1f45tbh4PVb9cjw5Ld3HjW1v_f3H1X01c0W943s2C1Mj1-4W7p_Rdq18jzv7W9lY5Fr92YPPJW1FRzbp8GRF7zW5H5D866DNBB8W3SFBD75pDFdRVXh3bZ1f8GDHVRvxgk1rcw6hW143yTD1qDdJbV9CYN-3sHscXW29wbkP4LYnv-W4cBNRz5X7XLNW7CGYMj7p4C82W5p2RFc2J9Ft6W3N2Gd27_9JVyW35R0rg6BMGq1W6jXS-c6jYxBYW4vC2WB3Z9JZSN8qQD0KdywpdM86z9KSRLh5W7mJT3c7lwYl1W7K4Ds63xqNqXW5Ttk637Gzdp7W3NLBzk3lJVprW28C9JW2s0DvgW1C_1H868S0FdN10ZHPL6rwqnW9bzPzg24J7BgW4-1_sD2bRs_xN8ZR-zKqKQGZW7THX8D3TMVQg3hHg1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
2530c765391604b5ccc924a81133e6c90733e25c94f017c311d2ede7f8192a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://d4fplv04.na1.hubspotlinks.com/Ctc/I9+113/d4FPLv04/VW-PNj22XSQQN4LypLL6PSSlW7Wb0M14-3vPhN8Vtb7G96_9hV7Wycr7CgR81W9fCStG5sM-npN5whQ0KFKYZHW7cgzpL2M3s3cW4_cGC1357nwsW4L82054LBFH9W5fYdZX5KqLg0W81K5V55g2WcTW3SNjM15CrRlMW1kqHqL3YzsTPW754_NS36NhDbW2wgyr61m90-kW3RN9_V6WXH9SW3S9NLP5-2LH1W8G3vrK3MqbYpW15pB3n3vxyzjW56H17l4SSXhkW2q_ZNq11VDwjW2JVPVz4KM8NLW6WNV9Q8z9mP8W3B4Bq03WDPF_W3nn_RS3q5Y01W6MpMkC2225XcVyTPzg5PdF2CW5fc0135WHCNXVc1Yw21KkTWfW7FgPG37Nfj2pW7Tc-W95NhXNvW5nhRyq7Q9lskVm83bW5Mtmy9W2Sf-YZ74ctxfW6kSVGV8pKC2BW6R-z_t8g7Pl9W40VCrm25WWMnW5dfD1r22Lj69W5hhjhb5pTLwJVhNtNj6mwfW3W8Hp5x93c5N3XMhzlmn_mnVMW5cv1f45tbh4PVb9cjw5Ld3HjW1v_f3H1X01c0W943s2C1Mj1-4W7p_Rdq18jzv7W9lY5Fr92YPPJW1FRzbp8GRF7zW5H5D866DNBB8W3SFBD75pDFdRVXh3bZ1f8GDHVRvxgk1rcw6hW143yTD1qDdJbV9CYN-3sHscXW29wbkP4LYnv-W4cBNRz5X7XLNW7CGYMj7p4C82W5p2RFc2J9Ft6W3N2Gd27_9JVyW35R0rg6BMGq1W6jXS-c6jYxBYW4vC2WB3Z9JZSN8qQD0KdywpdM86z9KSRLh5W7mJT3c7lwYl1W7K4Ds63xqNqXW5Ttk637Gzdp7W3NLBzk3lJVprW28C9JW2s0DvgW1C_1H868S0FdN10ZHPL6rwqnW9bzPzg24J7BgW4-1_sD2bRs_xN8ZR-zKqKQGZW7THX8D3TMVQg3hHg1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Tue, 02 May 2023 13:37:51 GMT
etag
W/"bafkreibfgddwkoiwas24zsjevaithzwja4z6exeu6al4geos5xt7qgjkii"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-bfid
f15d050e006bc0df97afe04d0620ab72
x-ipfs-datasize
255756
x-ipfs-gateway-host
ipfs-bank16-fr2
x-ipfs-lb-pop
gateway-bank1-fr2
x-ipfs-path
/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
x-ipfs-pop
ipfs-bank16-fr2
x-ipfs-roots
bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy,bafkreibfgddwkoiwas24zsjevaithzwja4z6exeu6al4geos5xt7qgjkii
x-proxy-cache
HIT

Redirect headers

Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 May 2023 13:37:51 GMT
Keep-Alive
timeout=3, max=100
Location
https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
segoeui-regular.ttf
ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/resources/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/resources/segoeui-regular.ttf
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/ow_enc.html
Origin
https://ipfs.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 13:37:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-ipfs-pop
ipfs-bank2-fr2
server
openresty
x-ipfs-datasize
207
x-ipfs-lb-pop
gateway-bank1-fr2
x-bfid
378e3c44bf77c40557913d38968aa82e
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length
207

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| data function| html_encoder string| result function| initLogon function| redir function| shw function| hd function| clkSecExp function| kdSecExp function| clkSec function| clkBsc function| checkSubmit function| clkLgn function| clkRtry function| clkReLgn function| gbid function| IsOwaPremiumBrowser function| hres function| LogoffMime function| addPerfMarker object| mainLogonDiv boolean| showPlaceholderText string| mainLogonDivClassName function| setPlaceholderText function| showPasswordClick number| count function| submitForm function| convertToBase64

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://ipfs.io/ipfs/bafybeiddivoplm6jnzfyz527x5f3qb3vbbrgk4l2vljbp6ary3mmm4tioy/resources/segoeui-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()