ipfs.io Open in urlscan Pro
209.94.90.1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://enter-golemnetwork.com/
Effective URL:
https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Submission: On May 18 via api (May 18th 2024, 12:41:00 am UTC) from CN — Scanned from DE

Summary HTTP 11 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 11 HTTP transactions. The main IP is 209.94.90.1, located in United States and belongs to PROTOCOL, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 65949.
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.

This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.94.90.1 209.94.90.1	40680 (PROTOCOL) (PROTOCOL)
3	172.67.203.56 172.67.203.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:25f... 2600:9000:25f6:c000:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.182.145 172.67.182.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:600d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	8

1 2606:4700:3035::6815:177 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

enter-golemnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.94.90.1 (United States)

ASN40680 (PROTOCOL, US)

ipfs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.203.56 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-js-delivr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f6:c000:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.182.145 (United States)

ASN13335 (CLOUDFLARENET, US)

security-web3-cryptosecurity.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:600d (United States)

ASN13335 (CLOUDFLARENET, US)

bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cdn-js-delivr.com cdn-js-delivr.com	2 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	143 KB
1	cf-ipfs.com bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com	11 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	51 KB
1	security-web3-cryptosecurity.ru security-web3-cryptosecurity.ru	4 KB
1	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 6282	182 KB
1	ipfs.io ipfs.io — Cisco Umbrella Rank: 65949	178 KB
1	enter-golemnetwork.com 1 redirects enter-golemnetwork.com	462 B
11	8

	Domain	Requested by
3	cdn-js-delivr.com	ipfs.io
2	cdnjs.cloudflare.com	cdn-js-delivr.com
1	bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com	cdn-js-delivr.com
1	cdn.jsdelivr.net	cdn-js-delivr.com
1	security-web3-cryptosecurity.ru	cdn-js-delivr.com
1	assets-global.website-files.com	ipfs.io
1	ipfs.io	cdn-js-delivr.com
1	enter-golemnetwork.com	1 redirects
11	8

This site contains links to these domains. Also see Links.

Domain
www.golem.network
docs.golem.network
github.com
glm.golem.network
blog.golemproject.net
twitter.com
discord.gg
reddit.com
www.youtube.com
life.golem.network
stats.golem.network
blog.golem.network
migrate.golem.network
assets.website-files.com

Subject Issuer	Validity	Valid
ipfs.io GTS CA 1P5	`2024-04-16` - `2024-07-15`	3 months	crt.sh
cdn-js-delivr.com E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
security-web3-cryptosecurity.ru E1	`2024-04-13` - `2024-07-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
cf-ipfs.com E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Frame ID: 4C003694584E461933DCF3B3AC03A0CA
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Golem Network

Page URL History Show full URLs

https://enter-golemnetwork.com/ HTTP 301
https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/ Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

2185 kB
Transfer

3590 kB
Size

1
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.golem.network/

Search URL Search Domain Scan URL

URL: https://www.golem.network/about
Title: About

Search URL Search Domain Scan URL

URL: http://docs.golem.network/
Title: Docs

Search URL Search Domain Scan URL

URL: https://github.com/golemfactory/awesome-golem?tab=readme-ov-file
Title: Projects

Search URL Search Domain Scan URL

URL: https://www.golem.network/ai
Title: AI

Search URL Search Domain Scan URL

URL: http://glm.golem.network/
Title: GLM Token

Search URL Search Domain Scan URL

URL: https://blog.golemproject.net/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.golem.network/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/golemproject

Search URL Search Domain Scan URL

URL: http://discord.gg/golem

Search URL Search Domain Scan URL

URL: https://reddit.com/r/GolemProject/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCl3fxgrSML2sL3UYZrynbMg/videos

Search URL Search Domain Scan URL

URL: https://github.com/golemfactory/golem

Search URL Search Domain Scan URL

URL: http://life.golem.network/
Title: Discover

Search URL Search Domain Scan URL

URL: https://stats.golem.network/
Title: Network Statistics

Search URL Search Domain Scan URL

URL: https://docs.golem.network/docs/creators
Title: Build now

Search URL Search Domain Scan URL

URL: https://docs.golem.network/docs/providers
Title: Contribute & Earn

Search URL Search Domain Scan URL

URL: https://blog.golem.network/scientific-recognition-for-golem-network-powered-project-simulating-the-origins-of-life-on-earth/
Title: Read more

Search URL Search Domain Scan URL

URL: https://blog.golem.network/golem-gpu-beta-testing-program-launch/
Title: Read more

Search URL Search Domain Scan URL

URL: https://migrate.golem.network/
Title: Migration

Search URL Search Domain Scan URL

URL: https://www.golem.network/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.golem.network/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.golem.network/uig
Title: UiG

Search URL Search Domain Scan URL

URL: https://www.golem.network/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/62446d07873fde065cbcb8d5/62446d07873fdeb626bcb927_Golemwhitepaper.pdf
Title: Whitepaper

Search URL Search Domain Scan URL

URL: https://www.golem.network/brand-assets
Title: Brand assets

Search URL Search Domain Scan URL

URL: https://www.golem.network/about#the-team
Title: Team

Search URL Search Domain Scan URL

URL: https://www.golem.network/contact-form
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://enter-golemnetwork.com/ HTTP 301
https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Redirect Chain

https://enter-golemnetwork.com/
https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/

582 KB
178 KB

135ms
85ms

Document
text/html

209.94.90.1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.94.90.1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b029608bcd774345d5f9f039cdf8982e0e13a11c66cf1f283c5b68e2119028

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET HEAD OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: HIT
cf-ray: 8857cc734fc52685-TXL
content-encoding: br
content-type: text/html
date: Sat, 18 May 2024 00:40:55 GMT
server: cloudflare
vary: Accept-Encoding
x-ipfs-path: /ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
x-ipfs-pop: rainbow-fr2-02
x-ipfs-roots: QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8857cc728c433689-FRA
date: Sat, 18 May 2024 00:40:55 GMT
location: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ha1xiC5Xt2LeZ21zkLrHgALzaLrgt792XCA7P2EWzfP2VRJIs%2FdnLDCc9Zc2I8Ak5WRyqQpq%2B5N5DVQ1OUVpuSpriwPvwu7wRybb8ahAjTAnaBRMWfg3VDfUdM5JnkjMuiKFinyV4USLWZP55wfdxTlMQNy%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 contracts.js Show response
cdn-js-delivr.com/scripts/ 0
494 B 96ms
51ms Script
application/octet-stream 172.67.203.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js-delivr.com/scripts/contracts.js
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:40:55 GMT
cf-cache-status: HIT
last-modified: Fri, 17 May 2024 22:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6773
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Ywh73AkAvPMiLaeB7JK%2BRgDEb9GKhBC%2Fqsv6%2F73JiUin8m%2FcbA8qli7chZHkNwA38mZx4yOUf7Rwo0NH69milc5XLb9BZ%2Fz6CI3IVbKMg%2BhDZBEsBY5NTZHQkUMMT5ImCXlGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8857cc7499a64d56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 main.js Show response
cdn-js-delivr.com/scripts/ 2 MB
2 MB 98ms
53ms Script
application/octet-stream 172.67.203.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js-delivr.com/scripts/main.js
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74dd8985d19f9ff7f8aaee42e325e84301200989211e6b4f46f6afb74c9f3652

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:40:55 GMT
cf-cache-status: HIT
last-modified: Fri, 17 May 2024 22:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6773
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvN%2BEUsaoAIpiVSnR6bWPdkhyI57uNjaEfWl75b4%2FjIh%2BjnA%2BZ3yModz4XA2FHqGSebiAcKk4JZ4fswqbcOX1OpesT%2Bn9xbSkf8b7%2FdUejnHZV3p%2FF9C%2FDupKtmxwmdffZ%2BYfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8857cc7499a14d56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1653335

GET
H3 200 entry.js Show response
cdn-js-delivr.com/scripts/ 0
459 B 97ms
53ms Script
application/octet-stream 172.67.203.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js-delivr.com/scripts/entry.js
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:40:55 GMT
cf-cache-status: HIT
last-modified: Sat, 18 May 2024 00:19:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1264
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIAeIOvfY%2BklCRdR1wJCuSc6ZSb7Q%2Bju4sDccQFnwpgIThbKpg%2B9lOmTM%2BbTmZTXhRO4%2BE06HQnvfmMwVNgUxF5Z9Wf8jtXdoNOzwfwJHV8%2By3w1NbVzUrqZvjlfEyOvxBiSOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8857cc7499a54d56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6067edf0dc4a883a2b3306f541fe9577a950206429daab4003f5a58c06a2022f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 657201ccae29e25f6b000267_6a72402a-185c-4223-930f-6032853bd089%201-p-1600.jpg
assets-global.website-files.com/62446d07873fde065cbcb8d5/ 181 KB
182 KB 110ms
39ms Image
image/jpg 2600:9000:25f6:c000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62446d07873fde065cbcb8d5/657201ccae29e25f6b000267_6a72402a-185c-4223-930f-6032853bd089%201-p-1600.jpg
Requested by: Host: ipfs.io
URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f6:c000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbf7a6139f467485dc8d1d10f41f636085e4df8e568bd001e0c6c4317ea871d4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 20 Feb 2024 13:52:55 GMT
x-amz-version-id: gdlBsWgg_u322xH7jav__YUzhESxnB5K
via: 1.1 2108fe1f44b319cb55c3137bfc0dd142.cloudfront.net (CloudFront)
age: 7555681
x-amz-cf-pop: HAM50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 185226
last-modified: Thu, 07 Dec 2023 17:33:10 GMT
server: AmazonS3
etag: "98d1988108920d5d00721252fce899dd"
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: _ueWkmrx-KAaG2iUmxl46mME2TktFfBKhqxojYJw80OTttq7aI4xWA==

GET
DATA 200
OK truncated
/ 102 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0da5bf535447860e47d9f9985996a5ac325f6ac001bf6833adbfe6d31a864c4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9820a829eb699580e43a1bf718a77d984f30f627b5a8929933c293ed7fe6cd1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 30 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b34aa42a8feea011f3114083a467a10727a7a85fcd3e0e47ce445114bb42e9a0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 561d3da59cb07da7b9c4779805b53417234603b80571983db122f42cf2156cf0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 59 KB
20 KB 90ms
45ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

Requested by

Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 245605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19621
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65384d58-4ca5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsgGMRIJpAcenbXeyQS8EBttHqzK5o%2FKtW%2BLLOx7WgeaDgZ5uMwEinBE800fxL0ldJJBPT3k1i28AE9UoaOR2J8cqp1PTE6Vypa61aY%2B8tv4u5V0iPHtiPVIiP03jUGWtpNofCwu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8857cc773a6d4dc1-FRA
expires: Thu, 08 May 2025 00:40:56 GMT

POST
H3 200 config Show response
security-web3-cryptosecurity.ru/ 4 KB
4 KB 286ms
81ms Fetch
text/html 172.67.182.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security-web3-cryptosecurity.ru/config

Requested by

Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9ba10b6a5e587e4b99b22a2561553dbfd6bdeb516d152e3e5abb7b603476e4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 18 May 2024 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z02abz7Tv6P486v4XWwdgMJOXtnmO7LehZTBGE6uP43kl6BTG6FqCvNEY83gVwOxy82cVWZtB2%2FCQAmyiNgepDii1A38tqlbSUZVWinyB3ztXeCPWxQPOXa8UMa%2FLRBc19op%2Fdubo10NCN1MBmeg5bSM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 8857cc791fc4bb7a-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 45ms
45ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 121293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125841
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62ad87d5-1eb91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FvlRLv%2F2p07K0flNhKZrSjnCNZXovLwotmm73kfr0dj8YJ%2BZ3al6DT3FIsVAgmTd058qX29Ggwf6U2jHEsiFhjI2g3qIiTa2ze5ZTEv%2BMr38odwruRt3fvHualPWCrK98%2BkkHyI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8857cc79ac2f4dc1-FRA
expires: Thu, 08 May 2025 00:40:56 GMT

GET
H2 200 merkletree.js Show response
cdn.jsdelivr.net/npm/merkletreejs@latest/ 209 KB
51 KB 121ms
40ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

Requested by

Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 May 2024 00:40:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40970
x-jsd-version: 0.3.11
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51348
x-served-by: cache-fra-etou8220103-FRA, cache-cph2320033-CPH
x-jsd-version-type: version
etag: W/"343f5-wn3//e2DIG1tBGj3Z3By+fDhqDc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET wallet-connect-v4.js
ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/scripts/ 0
0

GET
H2 200 popup-6.css
bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com/styles/ 51 KB
11 KB 218ms
68ms Stylesheet
text/css 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com/styles/popup-6.css
Requested by: Host: cdn-js-delivr.com
URL: https://cdn-js-delivr.com/scripts/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ipfs.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 00:40:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 26742
x-cf-ipfs-cache-status: hit
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-ipfs-roots: bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy,bafybeihdkmd6kaafbimsylevgfwy7gigj25thgxhdcnp35mjeyhxaohwea,bafkreihu6lvivh5ob7qancl6jvmqpq3hocdkwpkhnyyi4ktkip2dzkh7v4
etag: W/"bafkreihu6lvivh5ob7qancl6jvmqpq3hocdkwpkhnyyi4ktkip2dzkh7v4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy/styles/popup-6.css
cf-ray: 8857cc7a9e233a84-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipfs.io
URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/scripts/wallet-connect-v4.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com/	1970-01-20 20:39:54	Name: __cf_bm Value: 3bMubBn_iO.z1HRw_pD45NlpmcW9zy.FBcP5TFrHeAU-1715992856-1.0.1.1-2b8P0XY7uOZWzqP04X3rf1hgP9KvSEHMd4S3Pj6vTif2ZJKEwNju0pC5.zShTan0XXngeTXDFPShwDFdyd6k0Q

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/(Line 14529) Message: Error: <svg> attribute width: Expected length, "auto".
rendering	error	URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/(Line 14579) Message: Error: <svg> attribute width: Expected length, "auto".
rendering	error	URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/(Line 14784) Message: Error: <svg> attribute width: Expected length, "auto".
other	warning	URL: https://ipfs.io/ipfs/QmbyQZBAtvi84KmNxaW5WQswef2nq4eesj1ceCFtMTtViB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-global.website-files.com
bafybeiamnxtlocscid45caf4abxpiqlhko55xoalhz5iugyajodlo3y7hy.ipfs.cf-ipfs.com
cdn-js-delivr.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
enter-golemnetwork.com
ipfs.io
security-web3-cryptosecurity.ru
ipfs.io
104.17.25.14
172.67.182.145
172.67.203.56
209.94.90.1
2600:9000:25f6:c000:12:9e5f:cac0:93a1
2606:4700:3035::6815:177
2606:4700::6811:600d
2a04:4e42:400::485
561d3da59cb07da7b9c4779805b53417234603b80571983db122f42cf2156cf0
6067edf0dc4a883a2b3306f541fe9577a950206429daab4003f5a58c06a2022f
74dd8985d19f9ff7f8aaee42e325e84301200989211e6b4f46f6afb74c9f3652
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
9ba10b6a5e587e4b99b22a2561553dbfd6bdeb516d152e3e5abb7b603476e4ca
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
b34aa42a8feea011f3114083a467a10727a7a85fcd3e0e47ce445114bb42e9a0
d0da5bf535447860e47d9f9985996a5ac325f6ac001bf6833adbfe6d31a864c4
d9820a829eb699580e43a1bf718a77d984f30f627b5a8929933c293ed7fe6cd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2b029608bcd774345d5f9f039cdf8982e0e13a11c66cf1f283c5b68e2119028
f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf
fbf7a6139f467485dc8d1d10f41f636085e4df8e568bd001e0c6c4317ea871d4

ipfs.io Open in urlscan Pro 209.94.90.1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

2185 kBTransfer

3590 kBSize

1 Cookies

28 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

41 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

ipfs.io Open in urlscan Pro
209.94.90.1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

2185 kB
Transfer

3590 kB
Size

1
Cookies

11 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!